Y
Hacker News
new
|
ask
|
show
|
jobs
by
cowl
229 days ago
most sites pull blindly pull and exec JS from their vendors, especially adds / tracking. you don't need a MITM attack on the site, plenty of supply chain issues for which https does nothing.