Y
Hacker News
new
|
ask
|
show
|
jobs
by
hklutryhgg
1791 days ago
I'm pretty sure you can defend against this with javascript script hashes and restrictive CSR's, but yeah, they are quite involved to setup.