• #indieweb 2015-09-01
  • Prev
    Next
  • #indieweb
  • #dev
  • #wordpress
  • #meta
  • #stream
  • #microformats
  • #known
  • #events
#indieweb ≡
  • ←
  • →
2015-09-01 UTC
# 07:45
Loqi [bridgy] Tom replied '@t @dougturner They don't have to modify your CSP: most CSP allows 'self', they can just inject a script '/att_ads.js' and catch the request' to a tweet that linked to http://indiewebcamp.com/Content-Security-Policy#Why_bother_if_attacker_can_hack_CSP_too (https://twitter.com/kermiite/status/638617749367951360)