※ Hiding JSON-formatted data in the DOM with CSP enabled: http://mathiasbynens.be/notes/json-dom-csp …
@mathias Ah, but perhaps you could randomize the id of the div, like a csrf token!
@avlidienbrunn …or just escape user input correctly
@mathias well, yeah. But if everyone did that we wouldn't have the problem in the first place :p just adding to the thoughts on mitigation