Twitter | Pretraživanje | |
Mike West
I took some time to sketch out `Scripting-Policy` in a little more detail: . I'm starting to think it might actually not be a terrible idea.
Reply Retweet Označi sa "sviđa mi se" More
Mike West 8. sij
Odgovor korisniku/ci @mikewest
It's like the CSP: The Good Parts. Most users would be well-served with a policy like `Scripting-Policy: nonce=number-used-once`, and I think even complex deployments can be supported with a limited set of options. We can keep it small and focused, with a clear threat model.
Reply Retweet Označi sa "sviđa mi se"
Mike West 8. sij
Odgovor korisniku/ci @mikewest
Feedback would be welcome, either here or as issues/PRs filed on the GitHub repository: . Thanks!
Reply Retweet Označi sa "sviđa mi se"
Ryan Barnett 8. sij
Odgovor korisniku/ci @mikewest
Yes please.
Reply Retweet Označi sa "sviđa mi se"