…because third- anything really isn’t . Jake Archibald:

If you’re worried about users tricking your site into loading third party , you can use CSP as a safety net, to limit where images, scripts and styles can be fetched from.

We’ve long discussed considerations for using and managing third-party scripts, but the topic of in third-party was recently broached in response to a “trick” that employs keylogging via CSS.

Jake’s post is a worthy read because it takes a high-level look at all third-party assets and the risks they pose.

Direct Link to ArticlePermalink


Third party CSS is not safe is a post from CSS-Tricks



Source link
thanks you RSS link
( https://jakearchibald.com//third-party-css-is-not-safe/)

LEAVE A REPLY

Please enter your comment!
Please enter your name here