|
|
|
|
|
|
by arkadiyt
2162 days ago
|
|
|
It doesn't seem so bad to me. Fetch Metadata will be handled by your framework of choice (Rails, Django, etc) & COOP is a single header that can be deployed by the security team in your app or at the edge. TrustedTypes are the only thing that will really cause developer headache I think. |
|
|
I wish this was my experience with security teams. The teams I've worked with through the years are generally disconnected from any product teams and support a wide-ranging enterprise. So they simply don't have the resources or specific technical or product knowledge to do it. It would be awesome to have a security person on the team directly mitigate issues, understanding the product, and making everyone else more security knowledgeable. I've just never seen it happen though. But I digress.
I agree. These new sets of headers look useful and simple to get going, and even would be useful to deploy today. So it seems worth checking out!