You're missing a crucial point, which is that an XSS or SQL injection requests are different requests from those made during regular use. The intent of sending such a request is also different.
In this case, we are dealing with the same requests with the same intent, just made with a different browser. As stated previously, you cannot force my choice of browser.
Now please tell me which (real or imaginary) ToS clause this violates and how it could possibly violate it, even hypothetically.
In this case, we are dealing with the same requests with the same intent, just made with a different browser. As stated previously, you cannot force my choice of browser.
Now please tell me which (real or imaginary) ToS clause this violates and how it could possibly violate it, even hypothetically.