The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries
Troy Hunt
FEBRUARY 11, 2018
This tag was in the source code over at secure.donaldjtrump.com/donate-homepage yet it was pulling script directly off Igor Escobar's GitHub repository for the project. I woke up on the other side of the world to most people this morning and my Twitters had gone nuts overnight with this story: Ummm, so yeah, this is *bad*. Until now.