R0;because third- anything really isn’t . Jake Archibald:

If you’re worried about users tricking your site into loading third party resources, you can use CSP as a safety , to limit where images, scripts and styles can be fetched from.

We’ve long discussed security considerations for using and managing third-party scripts, but the topic of security in third-party was recently broached in response to a “trick” that employs keylogging via CSS.

Jake’s post is a worthy read because it takes a high-level look at all third-party assets and the risks they pose.

Direct Link to ArticlePermalink

Third party CSS is not safe is a post from CSS-Tricks

Source link
thanks you RSS link
( https://jakearchibald.com/2018/third-party-css-is-not-safe/)


Please enter your comment!
Please enter your name here