|
|
|
|
|
|
by bastawhiz
481 days ago
|
|
|
> In dev mode, just issue a warning "loaded script that has hash X but isn't statically defined. How does the browser know which files to warn you about? What about scripts that are generated dynamically and have no static hash? There's plenty of reasons why you wouldn't want this. |
|
|
> What about scripts that are generated dynamically and have no static hash?
Well, then the warning is still valid because this is a security risk. I guess it'd be fine to be able to suppress the warning explicitly in those cases.
> There's plenty of reasons why you wouldn't want this.
For example? Honestly curious where you would not want a warning by default.