Why making usable something that almost never actually delivers security?
If nonces are the way to go it's easy to build a new mechanism to enforce them
-
-
And the only way to see if they really work is to use them with current CSP
-
Developers won't spend time on such stuff unless they get value out of it *now*
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.