Follow

Bookmarked: jlelse.blog/thoughts/2020/01/s.

I would—before my tiny setup stopped working, that is—scrape and cache avatars locally.

> [Y]ou should consider enabling Content Security Policy (CSP) headers and only allow embedded content from trusted sites.

(janboddez.tech/notes/26c3d6f0f)

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!