Y
Hacker News
new
|
ask
|
show
|
jobs
by
yahelc
2522 days ago
In addition to properly escaping inputs, Content Security Policy Headers to restrict the hosts that the browser executes JavaScript from (e.g., script-src).
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Co...