Single-Page Application(lemmy.ml)

posted 8 months ago

Ephera@lemmy.ml

programmerhumor@lemmy.ml

118 commentshide report

Sort:

Hot Top Controversial New Old

You are viewing a single thread.

View all comments View context

[ - ]

fuzzzerd@programming.dev

2 points

8 months ago

I felt like I had a good understanding of both htmx and csp, but after this discussion I’m going to have to read up on both because both of you are making a logically sound argument to my mind.

I’m struggling to see how htmx is more vulnerable than say react or vue or angular, because with csp as far as I can tell I can explicitly lock down what htmx can do, despite any maliciously injected html that might try to do otherwise.

Thanks for this discussion 🙂

permalink

report

parent

[ - ]

rwhitisissle@lemmy.world

1 point

8 months ago

CSP works on the browser API level - all HTMX does is what you could do yourself with any AJAX: send an HTTP request to an endpoint. If the CSP disallows that endpoint, it will fail.

permalink

report

parent

Programmer Humor

!programmerhumor@lemmy.ml

Create post

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.

Community stats

6.2K
Monthly active users
1.5K
Posts
35K
Comments

Rules:

Community stats

Community moderators