|
|
|
|
|
|
by yyyk
294 days ago
|
|
|
You're not crazy, and they should fix it. But remember the web existed before CSP was ubiquitous and plenty of sites still don't use it (even though they should). It's a very important defense but not the only one. You've identified something that could be the first step in a hack - but it doesn't necessary mean there is a hack. |
|
|