Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If you browse with NoScript in default-deny mode, you're probably also the type to use RequestPolicy which would prevent irrelevant sites from running a script off vjs.zendcdn.net

NoScript isn't a comprehensive security/privacy suite. It's just a crucial component.



RequestPolicy won't save you if the link is to a subdomain of vjs.zendcdn.net which is whitelisted, but also the site you're visiting.


Right, if you get tricked into visiting the site then first-party scripts can run. But with XSS protection intact and RequestPolicy preventing any third-party access, the scope of possible attacks is pretty narrow.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: