You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Should we have an audit to discourage use of plugins? E.g. we already list use of Flash as a common mistake in our "mobile friendly documentation"
Some types of videos or content are not playable on mobile devices, such as license-constrained media or experiences that require Flash or other players that are not broadly supported on mobile devices. Unplayable content, when featured on a page of any website can be very frustrating for users.
A "simple" way to ensure that this is the case:
check that the site's CSP policy sets object-src 'none'
Okay, so @mikewest says in the longer term we may have https://w3c.github.io/webappsec-csp/api/ to play with, for now I'll roll with checking the headers. Which I think we should be able to do from the existing Network records gather.
Should we have an audit to discourage use of plugins? E.g. we already list use of Flash as a common mistake in our "mobile friendly documentation"
A "simple" way to ensure that this is the case:
object-src 'none'
The text was updated successfully, but these errors were encountered: