
I fully agree. Anyone who wants to defend against XSS should have a tightly locked down CSP. That's the only way. (no, "careful" coding isn't reliable enough)


I think you mean a tightly locked down CSP and “careful” coding (just escape practically everything you render); a tightly locked down CSP is also not reliable enough.
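
An added example, not written by either commenter: the two layers discussed above (output escaping plus a nonce-based CSP with no `'unsafe-inline'`) side by side in Node.js. The names `renderGreeting` and `scriptsWithoutNonce`, the policy directives and the sample input are assumptions constructed for illustration.

```javascript
const { randomBytes } = require("node:crypto");

// Layer 1: output encoding for HTML text and quoted attribute values.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Layer 2: locked-down policy. No 'unsafe-inline' or 'unsafe-eval';
// inline scripts run only if they carry this response's nonce.
function buildCsp(nonce) {
  return [
    "default-src 'none'",
    `script-src 'nonce-${nonce}'`,
    "style-src 'self'",
    "img-src 'self'",
    "base-uri 'none'",
    "form-action 'self'",
    "frame-ancestors 'none'",
  ].join("; ");
}

// Hypothetical page renderer; `encode` is swappable only so the sample run
// can model a template where someone forgot to escape.
function renderGreeting(name, encode = escapeHtml) {
  const nonce = randomBytes(16).toString("base64"); // fresh per response
  const body =
    `<!doctype html><title>Hello</title><p>Hello, ${encode(name)}</p>` +
    `<script nonce="${nonce}">document.title = "Hello";</script>`;
  return { nonce, body, headers: { "Content-Security-Policy": buildCsp(nonce) } };
}

// Test-suite check: script tags in the output that lack the response nonce.
// Under the policy above a browser refuses to execute these.
function scriptsWithoutNonce(page) {
  const tags = page.body.match(/<script\b[^>]*>/gi) || [];
  return tags.filter((tag) => !tag.includes(`nonce="${page.nonce}"`));
}

// Constructed sample input.
const SAMPLE = `<script>alert(1)</script>`;
const escaped = renderGreeting(SAMPLE);              // both layers
const forgotten = renderGreeting(SAMPLE, (s) => s);  // CSP only
console.log(scriptsWithoutNonce(escaped).length, scriptsWithoutNonce(forgotten).length);
```

With escaping in place the sample never becomes a tag; when escaping is skipped, the stray tag has no nonce, so the policy is what stops it from executing.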



