-
We added a strict Content Security Policy to our new work website. Looking at our client-side error tracking, there's an incredible amount of stuff that gets caught (dozens of things per week). All sorts of random pieces of JavaScript being injected into users' webpages.On twitter.com
❤️ 2 Favorites Mood -2 🙁
-
I wonder how much of this stuff is unknown to the user (browser plugins, ISP stuff, corporate surveillance plugins etc). The lesson: use CSP on your sites; vet your own browser.Permalink On twitter.com