Y
Hacker News
new
|
ask
|
show
|
jobs
by
lxgr
921 days ago
Is there even an alternative? Once you can inject arbitrary code into a library that a web app loads and executes (except if it’s in an iFrame), it’s game over, no?
1 comments
chrisandchris
921 days ago
Partially, one could use a Content-Security-Policy to lock things further down.
link