|
|
|
|
|
|
by twic
4529 days ago
|
|
|
It might be better to allow: Content-Security-Policy: can-set-cookies-for-parent-domain: no! There's no harm in letting haxx0r.blogspot.com set cookies for haxx0r.blogspot.com. It's only cookies for blogspot.com that should be restricted. |
|
|