|
|
|
|
|
|
by tptacek
5052 days ago
|
|
|
You can't do that without incurring a PCI Audit, can you? The best answer is "don't link to Javascript URLs that you don't control and audit on your website". Nobody likes that answer, but that doesn't make the second-best answer any more meaningful. |
|
|
Exactly. There's no way I would be serving up third party javascript to a logged-in Tarsnap user, even inside an iframe, if it weren't for the fact that dealing with PCI auditing would irreparably damage my sanity.