Y
Hacker News
new
|
ask
|
show
|
jobs
by
amarshall
1034 days ago
Seems to be
https://developers.cloudflare.com/stream/viewing-videos/secu...
. Probably can be disabled and replaced with short-lived signed tokens. Though perhaps CloudFlare could have used [more modern iframe restrictions][1].
[1]:
https://w3c.github.io/webappsec-csp/#frame-ancestors-navigat...