- TIL 'strict-dynamic' - Mitigate cross-site scripting (XSS) with a strict Content Security Policy (CSP)
- Read CSP Is Dead, Long Live Strict CSP! - DeepSec 2016 - Speaker Deck
- Read CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy – Google Research
- Read Why it's time to update our language about bad design patterns by Amy Hupe, content designer. - Is a very good read and something I hope we can move too more in our communication.
I lead the Chrome Developer Relations team at Google.
We want people to have the best experience possible on the web without having to install a native app or produce content in a walled garden.
Our team tries to make it easier for developers to build on the web by supporting every Chrome release, creating great content to support developers on web.dev, contributing to MDN, helping to improve browser compatibility, and some of the best developer tools like Lighthouse, Workbox, Squoosh to name just a few.