We're all in the hands of ad networks. But let's keep fighting regular XSS and non-PFS. The ad networks and trackers must have full access.https://twitter.com/brendaneich/status/782767374705496064 …
-
-
In this definition the web is built on "XSS" and the term becomes useless. Let's stick to industry definition :)
-
I think that the problem is that the industry definition is wrong, no? No real fix for that.
-
Industry definition of XSS is status quo for a decade and never meant "app loads script from a CDN".
-
Tweet unavailable
-
I am thoroughly enjoying this debate.
-
Tweet unavailable
-
Good morning! In terms of aggregate risk on the web, do you agree ad scripts > "regular" XSS?
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.