Direct link to the article Weekly Platform News: PWA Issue on iOS, Performance Culture, Anti-Tracking in Browsers

Weekly Platform News: PWA Issue on iOS, Performance Culture, Anti-Tracking in Browsers

In this week's news: resolving an issue when restarting progressive web apps in iOS, why The Telegraph now vets all scripts before they make it to their codebase, and Microsoft plans to add tracking prevention to the Edge browser.
Avatar of Šime Vidas
Šime Vidas on (Updated on )

Third party CSS is not safe

Direct Link

…because third-party anything really isn’t safe. Jake Archibald:

If you’re worried about users tricking your site into loading third party resources, you can use CSP as a safety net, to limit where images, scripts and styles can be fetched from.

Avatar of Chris Coyier
Shared by Chris Coyier on

Just Another HTTPS Nudge

I was strongly reminded about the scariness of non-secure websites the other day.

I’m using Xfinity as an internet service provider, and they give you a device that is both a cable modem and a router.

Here’s a tiny bit …

Avatar of Chris Coyier
Chris Coyier on (Updated on )

ShopTalk 250: Web Security

Direct Link

For all y’all that want to understand the potential attacks, and potential defenses, of front-end web development.

It’s pretty wild. The dangers are big, real, and many. But the tools we have to fight back are up to the job, …

Avatar of Chris Coyier
Shared by Chris Coyier on

The Line of Death

Direct Link

Eric Lawrence has written a pretty scary post about browser security and malicious websites that hope to trick us:

When building applications that display untrusted content, security designers have a major problem— if an attacker has full control of a

Avatar of Robin Rendle
Shared by Robin Rendle on