A few days ago there was a lot of chatter about a 'keylogger' built in CSS. Some folks called for browsers to 'fix' it. Some folks dug a bit deeper and saw that it only affected sites built in React-like frameworks, and pointed the finger at React. But the real problem is thinking that third party content is 'safe'. Third party images If I include the above, I'm trusting example.com. They may betr
![Third party CSS is not safe](https://cdn-ak-scissors.b.st-hatena.com/image/square/275edb50d473e8e4acd3a8035eef743809f96ee2/height=288;version=1;width=512/https%3A%2F%2Fjakearchibald.com%2Fc%2Ficon-d166b7f8.png)