Hacker News new | ask | show | jobs
by kinlan 145 days ago
Author of the linked post here. This is actually a pretty interesting idea, I'll pass it to the team.
1 comments
spankalee 145 days ago
Enabling the `integrity ` attribute on iframes would help: https://github.com/w3c/webappsec-subresource-integrity/issue...

But then you'd also want the frame content to use `integrity` on nested resoures.

CSP frame-src can help for now.

link