This seems likely to have issues with most "Content-Security-Policy" rules becau... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		sublinear on Feb 19, 2024 \| parent \| context \| favorite \| on: Show HN: htmz – a low power tool for HTML This seems likely to have issues with most "Content-Security-Policy" rules because of the inline script in "onload" and the iframe. Makes it a non starter in real world production environments.

morbicer on Feb 19, 2024 | [–]

Can be imho solved with nonce or hash based policy

tommica on Feb 19, 2024 | [–]

But isnt it the same exact domain?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact