grumbulon Nekobit :grey_cat_roll: God's Silliest Soldier wafu ...

2023-05-26 04:20:54

grumbulon (npub1m7p…0szf) Nekobit (npub1q3k…q3wu) :grey_cat_roll: (npub1pnp…52zw) God's Silliest Soldier (npub10pg…xu2f) wafu :Libbie_dance:❤️:wafumelon_rotate: (npub1yua…c3d4) It looks like it might be a good idea to implement CSPs. We can apparently whitelist all the scripts we want to allow the browser to run on the page. It would be something like:

Content-Security-Policy: script-src : https://domain/static/*.js

This would prevent any scripts from anywhere except /static directory from running regardless of any magic fuckery.

Author Public Key

npub16rws74jzn42yjxw0jzm6pt9xqrdfjat6uge5atg2035w830n8v5sgnd9ze

Show more details

Published at

2023-05-26 04:20:54

Kind type

1 Short Text Note

Event JSON

{ "id": "4735c108f6b0a08219e58b572009e25b05faa8888f7962baff716466bba8ae57", "pubkey": "d0dd0f56429d544919cf90b7a0aca600da99757ae2334ead0a7c68e3c5f33b29", "created_at": 1685074854, "kind": 1, "tags": [ [ "p", "df83a81dcdf1446cfce8df6499deb715e3332fedc56c707ffc8aafdad46ce1e3", "wss://relay.mostr.pub" ], [ "p", "046dd2da464b66e7b9e881a5bb3034a33db476ba2e6c8f543cd18fd014d1570d", "wss://relay.mostr.pub" ], [ "p", "0cc3917b13addf50990ff377bb7c4417b9e4edee535a37294f05fc7a0c11dd54", "wss://relay.mostr.pub" ], [ "p", "78506bb9397526d4050b53359984555c391eb6319c4774429e6d52f8ec8776fa", "wss://relay.mostr.pub" ], [ "p", "273bdad9d60370c39f582c828087321b1ec273accd09ed8e42abbd5c041d95d7", "wss://relay.mostr.pub" ], [ "e", "1683c59a6db2743456842bdc9d845675325148ffd90665c01e6a341b3db29925", "wss://relay.mostr.pub", "reply" ], [ "mostr", "https://bajax.us/objects/bc327714-6e9b-4dba-bbae-e48d0c40ad91" ] ], "content": "nostr:npub1m7p6s8wd79zxel8gmajfnh4hzh3nxtldc4k8qllu32ha44rvu83sad0szf nostr:npub1q3ka9kjxfdnw0w0gsxjmkvp55v7mga469ekg74pu6x8aq9x32uxsk0q3wu nostr:npub1pnpez7cn4h04pxg07dmmklzyz7u7fm0w2ddrw220qh785rq3m42ql452zw nostr:npub10pgxhwfew5ndgpgt2v6enpz4tsu3ad33n3rhgs57d4f03my8wmaqp2xu2f nostr:npub1yuaa4kwkqdcv886c9jpgppejrv0vyuave5y7mrjz4w74cpqajhtsy5c3d4 It looks like it might be a good idea to implement CSPs. We can apparently whitelist all the scripts we want to allow the browser to run on the page. It would be something like:\n\n Content-Security-Policy: script-src : https://domain/static/*.js\n\nThis would prevent any scripts from anywhere except /static directory from running regardless of any magic fuckery.", "sig": "6bca456bc1e7d92964572c3733b8627bce097bb1c5fdcf2a4dc63c0a6487902ea22da869d6a7ba71c2cbfc6f8352034dcc3e23c245148e99b2caff4477ef3a93" }

bajax on Nostr: grumbulon Nekobit :grey_cat_roll: God's Silliest Soldier wafu ...