Reply to post: Content-security-policy

UK ICO, Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned



Modern browsers all support content-security-policy, an HTML header which allows websites to white list JavaScript sources. But that would require them to *actually* know where their JavaScript comes from. That would totally break their shitty ad model.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019