Sources Contact Advanced Search Tutorials

An Interest In:

HTML
CSS
Javascript
jQuery
Canvas
PHP
MySQL
Development
PhotoShop
Design

Web News this Week

May 2, 2024
May 1, 2024
April 30, 2024
April 29, 2024
April 28, 2024
April 27, 2024
April 26, 2024

Search Archive

Some of Our Sources

BoingBoing
Technology Review
Team Treehouse
Joshua Blankenship
Smashing Magazine
Abduzeedo
Vandelay Design
Noupe
Web Resource Source
The Verge

View All Sources

Help Webnuz

Referal links:

March 1, 2018 10:40 pm GMT

Third party CSS is not safe

...because third-party anything really isn't safe. Jake Archibald:

If you're worried about users tricking your site into loading third party resources, you can use CSP as a safety net, to limit where images, scripts and styles can be fetched from.

We've long discussed security considerations for using and managing third-party scripts, but the topic of security in third-party CSS was recently broached in response to a "trick" that employs keylogging via CSS.

Jake's post is a worthy read because …

Third party CSS is not safe is a post from CSS-Tricks

Original Link: https://jakearchibald.com/2018/third-party-css-is-not-safe/

Share this article:

View Full Article

CSS Tricks

A Web Design Community curated by Chris Coyier

More About this Source Visit CSS Tricks