mttaggart, Your periodic reminder that a Content-Security-Policy that includes
cdn.jsdelivr.net
is not safe. Any GitHub repo can be loaded via that CDN, so if you find it on a test, prove the point.
mttaggart, Your periodic reminder that a Content-Security-Policy that includes
cdn.jsdelivr.net
is not safe. Any GitHub repo can be loaded via that CDN, so if you find it on a test, prove the point.