If so many sites fail to set a secure flag on a cookie, what can we realistically expect of CSP?https://twitter.com/mikewest/status/772709833460084736 …
@mikewest Good stats but the numbers shouldn't be an indictment of the platform. Non-auth cookies w/o Secure are ok
-
-
If my non-authed news site moves to HTTPS but doesn't set Secure cookies I get 99% of the security value
-
A better metric is how many applications with *your* sensitive data use the new web security mechanisms.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.