No, the attacker decides the hash, since they inject the <script> tag using XSS. | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

icebraining on Oct 1, 2015 | parent | context | favorite | on: Do not let your CDN betray you: Use Subresource In...

No, the attacker decides the hash, since they inject the <script> tag using XSS.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact