> CSP is one of the worst pieces of Web security infrastructure
I disagree. Like many things, it's a trade-off, in this case between configurability and extensibility for those who know what they're doing and security for those who don't. In the grand scheme of things, it seems pretty reasonable.
I disagree. Like many things, it's a trade-off, in this case between configurability and extensibility for those who know what they're doing and security for those who don't. In the grand scheme of things, it seems pretty reasonable.