@filedescriptor: How do you feel about https://codereview.chromium.org/2260103003 as a mitigation against http://blog.innerht.ml/csp-2015/#danglingmarkupinjection …? /cc @arturjanc @lcamtuf
FYI https://github.com/w3c/webappsec-csp/issues/98 … has some more context and discussions about alternatives.
For breakage, my hope/uneducated guess is that it shouldn't be terrible because you need: 1)
: I'm also not worried about breakage. I am worried about performance impact.
@filedescriptor @lcamtuf
Thanks. I'm taking a stern look into this