Tweets

koto @kkotowicz · Feb 2
Congratulations!!!

koto @kkotowicz · Jan 31
Congratulations!

koto @kkotowicz · Jan 29
You may be able to tighten the unsafe-eval with trusted types.

koto @kkotowicz · Jan 29
I can understand the snarkiness, but still - AMP has tons of existing customers, and those will still be exposed to CSRF. Brushing that off only to take a stab at AMP is a position that's... not very helpful.

koto @kkotowicz · Jan 28
I'm guessing AMP websites might want to have a say.

koto @kkotowicz · Jan 28
In other words, some AMP pages will have to opt out of the mechanism that addresses CSRF so cleanly. Sad. twitter.com/johnwilander/s…

koto retweeted:
Phineas @Phineas · Jan 27
Remember, Marcus Aurelius has already absolved you of the duty of having a take pic.twitter.com/hLSNy7a5OB

koto @kkotowicz · Jan 25
Parts of CSP we could definitely do without. Some forms of it increase deployment complexity without significant enough value. See github.com/mikewest/csp-n…

koto @kkotowicz · Jan 24
Welcome to the team!

koto @kkotowicz · Jan 24
There's some nuance to this, but, without splitting hairs, the best advice for the end users in response to the paper is indeed NOT to disable ITP. twitter.com/othermaciej/st…

koto retweeted:
Kelsey Hightower @kelseyhightower · Jan 23
When your decision to adopt microservices is missing the big picture. pic.twitter.com/dvRHK4MCyQ

koto @kkotowicz · Jan 22
In terms of technical details, twitter.com/s_englehardt/s… has a good summary.

koto retweeted:
Artur Janc @arturjanc · Jan 22
Earlier today we published the details of a set of vulnerabilities in Safari's Intelligent Tracking Prevention privacy mechanism: arxiv.org/abs/2001.07421. They are... interesting. [1/9]
@kkotowicz @empijei @we1x

koto @kkotowicz · Jan 22
The time has come to fix that typo in Referer ;) twitter.com/kcotsneb/statu…

koto @kkotowicz · Jan 22
Our title is boring, @johnwilander's "Preventing Tracking Prevention Tracking" is way better ;) twitter.com/lukOlejnik/sta…

koto retweeted:
Ben Stock @kcotsneb · Jan 16
Have an idea that would totally change the Web's security but would break today's Web? We have the right workshop for you! @stecalzavara & I are hosting secweb.work, *the* place for those ideas. We also have a keynote from the Web's chief deprecator @mikewest #SecWeb

koto @kkotowicz · Jan 15
Oh man, that's terrible :( Hope something new, and greater will come out of this! Sending lots of <3. We are hiring as well for multiple roles, if you're interested.

koto retweeted:
Brad Hill @hillbrad · Jan 15
💕❤️💕 for all who have worked for a better web and a better world at Mozilla.

koto @kkotowicz · Jan 15
Wait what? Is that for real?

koto @kkotowicz · Jan 14
So was XHR ;)