So the malicious site can run risk assessment first and then if it thinks nobody's looking, send different code for hashing to this particular user.