I’m feeling dirty. Just talked a client _out_ of setting all those cool new security HTTP headers. :(
-
-
@mathias several reasons. Mainly b/c it’s a subdomain-based service, that might be included via iframes, that might have SSL certs from… -
@mathias …different roots, that uses jQuery (which triggers CSP violations), and so on. - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.