The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries
Troy Hunt
FEBRUARY 11, 2018
This tag was in the source code over at secure.donaldjtrump.com/donate-homepage yet it was pulling script directly off Igor Escobar's GitHub repository for the project. We've had this for ages and Scott pumped out a piece in response to this incident explaining precisely how to use it. Now, imagine if Igor took a dislike to Trump.
Let's personalize your content