Good morning! In terms of aggregate risk on the web, do you agree ad scripts > "regular" XSS?
You mentioned compromise of infrastructure. You trust your vendor, both for HW and JS APIs.
-
-
I'm talking third-party scripts. Not first party.
-
We can agree to disagree. I think full powered third-party scripts are bad for web security.
-
The only current thing that could limit the power is SRI + no dynamic loading.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.