Y
Hacker News
new
|
ask
|
show
|
jobs
by
Torgo
4700 days ago
They do include noscript, but with JS globally enabled. Noscript will cleanse XSS/CSRF requests and prevent some sorts of clickjacking (according to noscript.)