CSP support is becoming an expected feature of such integrations, services need to adapt and not detriment the security of sites using them.https://twitter.com/ivanristic/status/803591094499938304 …
And if inline JS/CSS is added by a widget you don't control, then you generally don't have to maintain it.
-
-
OTOH if the JS widget adds markup with inline event handlers or javascript: URIs to your document then it sucks.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.