Hacker News new | ask | show | jobs
by dboreham 106 days ago
There are already tools and techniques to validate served JS is as-intended, and these techniques could be beefed up by adding browser checks. I've been surprised these haven't been widely adopted given the spate of recent JS-poisoning attacks.
1 comments
bawolff 106 days ago
You mean like SRI? That's not really what happened here, so its not really relavent.
link