Thread. I've also seen this happening. A soft cushion some mitigations allude to provide have a side effect of folks neglecting reporting or fixing bugs. I've spent tens of hours convincing to do otherwise, and instead I could do actual work. Defense deserves better.https://twitter.com/brcrwilliams/status/1054704145184153600 …
-
-
Replying to @kkotowicz
I have been noodling on this. I agree defense deserves better, but what would that look like? I have thoughts but would love yours
1 reply 0 retweets 0 likes -
Replying to @frgx @kkotowicz
I've seen people argue against fixing XSS when it's prevented by CSP. Are the people in favor of removing the XSS Auditor also in favor of removing CSP? (I suspect not)
1 reply 0 retweets 2 likes
I know one who is.
9:23 PM - 23 Oct 2018
0 replies
0 retweets
2 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.