|
|
|
|
|
|
by onion2k
56 days ago
|
|
|
It would be nice if there was a whitelist option for non-sensitive content. There's no such thing as non-sensitive content from a CDN though. Scripts are obviously sensitive, styles can be used to exfiltrate data through background-url directives, and anything like images has no benefit being cached across sites. Fonts might be one exception, but I bet those are exploitable somehow. |
|
|