orb icon indicating copy to clipboard operation
orb copied to clipboard

Published 20 hours ago verified publisher icon annevk

Could be stricter on safelisted CSS and JS MIME types

Open annevk opened this issue 3 years ago • 0 comments

In particular, we could require an ok status as well and network error otherwise as the attacker process will do the same. It's not clear how often this would prevent a legitimate security issue, but it seems worth considering.

annevk avatar Jan 13 '21 10:01 annevk