Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
johnmaguire
on June 25, 2024
|
parent
|
context
|
favorite
| on:
Polyfill supply chain attack hits 100K+ sites
In general, SRI (Subresource Integrity) should protect against this. It sounds like it wasn't possible in the Polyfill case as the returned JS was dynamic based on the browser requesting it.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
