Hacker News new | comments | show | ask | jobs | submit login

Also, if there's a known-trusted resource, go for https://developer.mozilla.org/en-US/docs/Web/Security/Subres... - if the resource changes, it will fail to load. If unchanged, offload to a CDN, if fails, serve locally. Multiple identifiers allowed, which mitigates second preimage attacks.



I added this to the article, thanks!




Applications are open for YC Winter 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: