Doesn't it help protect clients from malicious 3P JS?
At least so long as they don't have malicious extensions or a non-CORS browser?
Doesn't it help protect clients from malicious 3P JS?
At least so long as they don't have malicious extensions or a non-CORS browser?