Y
Hacker News
new
|
ask
|
show
|
jobs
by
pauljohncleary
3914 days ago
Because a properly configured content security policy will block any inlined js (and external js files on non whitelisted domains)