• fuzzzerd@programming.dev
    link
    fedilink
    arrow-up
    1
    ·
    11 months ago

    I felt like I had a good understanding of both htmx and csp, but after this discussion I’m going to have to read up on both because both of you are making a logically sound argument to my mind.

    I’m struggling to see how htmx is more vulnerable than say react or vue or angular, because with csp as far as I can tell I can explicitly lock down what htmx can do, despite any maliciously injected html that might try to do otherwise.

    Thanks for this discussion 🙂