Request for Mozilla Position on an Emerging Web Specification Specification Title: Web Environment Integrity API Specification or proposal URL (if available): https://rupertbenwiser.github.io/Web-E...
Let’s just go back to the good old days when the web worked without JS. That would remove a massive amount of attack surface. Might seem a bit shit without the interactivity, though.
Is there any way to make JS safer? E.g. limiting the scope of its access to specific functions (e.g. visual/DOM changes, posting/querying a server only but no local function), or is it just inherently unsafe?
Is there any way to make JS safer? E.g. limiting the scope of its access to specific functions (e.g. visual/DOM changes, posting/querying a server only but no local function), or is it just inherently unsafe?
I think the FBI recommends the use of ad blockers for personal safety, let me find that link real quick…
Edit: FOUND IT, Third point under “Tips to Protect Yourself”
Let’s just go back to the good old days when the web worked without JS. That would remove a massive amount of attack surface. Might seem a bit shit without the interactivity, though.
Is there any way to make JS safer? E.g. limiting the scope of its access to specific functions (e.g. visual/DOM changes, posting/querying a server only but no local function), or is it just inherently unsafe?
Is there any way to make JS safer? E.g. limiting the scope of its access to specific functions (e.g. visual/DOM changes, posting/querying a server only but no local function), or is it just inherently unsafe?