Uhm, I think they have noscript bundled with JS globally disallowed? IIRC, that ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		lawl on Aug 4, 2013 \| parent \| context \| favorite \| on: Freedom Hosting sites compromised, founder arreste... Uhm, I think they have noscript bundled with JS globally disallowed? IIRC, that is.

Torgo on Aug 4, 2013 [–]

They do include noscript, but with JS globally enabled. Noscript will cleanse XSS/CSRF requests and prevent some sorts of clickjacking (according to noscript.)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact