The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries
Troy Hunt
FEBRUARY 11, 2018
This tag was in the source code over at secure.donaldjtrump.com/donate-homepage yet it was pulling script directly off Igor Escobar's GitHub repository for the project. pic.twitter.com/xQhspR7A2f — Scott Helme (@Scott_Helme) February 11, 2018. Until now. It was the US Courts too. And the UK's National Health Service.
Let's personalize your content