|
|
|
|
|
|
by adrianmacneil
3924 days ago
|
|
|
For a static site I expect you would be far less concerned about session hijacking or XSS if someone took over that domain. Even a complete single-page app should serve the initial html request from a trusted domain/server. |
|
|