Hacker News new | past | comments | ask | show | jobs | submit login

Well, it's not necessarily that. For example, my website serves an authority delegation file (https://stavros.io/.well-known/browserid) which I really don't want an attacker to mess with. Serving JS libs/changing the config/etc wouldn't get them anywhere, unless they could change that single file.

Since there are some ways to protect from that (I think the two I proposed above are reasonable), Mozilla probably should think about implementing it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: