I've fleshed out the "CSP as compilation target" proposal at https://mikewest.github.io/artur-yes/ , tacking on and formalizing `X-XSS-Protection`. WDYT?
re 1): no idea, I just know @lcamtuf wrote about it in http://lcamtuf.coredump.cx/postxss/
-
-
:
@lcamtuf is, unfortunately, clever.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.