Site original : Infosec Reactions
MRW browsing securityreaction with “security.mixed_content.block_display_content:true”.
..it’s completely useless:
Content-Security-Policy: default-src ‘self’ ’*’ 'unsafe-inline’ 'unsafe-eval’
“I don’t know what all this IPS brou-hah-hah is about; NAT, Implicit Deny, and Good Password Hygiene is all we needed in the past.”