If you want a TLDR summary of the new rules to share, here you go: Payment pages must only load JS required for processing payments. Payment pages must restrict what JS loads, for example with CSP. Payment pages must integrity check JS, for example with SRI. Payment pages must be monitored for changes, for example with CSP reporting
If you want a TLDR summary of the new rules to share, here you go:
As I try to keep up with the articles pilling up in my to-read list, this one (from last year) is, well, nasty and sad at the same time
Krkrkr