Linking to a CDN is for development only. Once the app is build you build your d... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		array_key_first 16 days ago \| parent \| context \| favorite \| on: I decompiled the White House's new app Linking to a CDN is for development only. Once the app is build you build your dependencies into the app. You don't fetch them at runtime and run them. Not only for security, but also for performance. There's also a difference between using a CDN for, say, React and a random github project hosted by some dude.

trimethylpurine 16 days ago [–]

Yeah I agree. Tell Microsoft. But, meanwhile this is normally used wrong in a lot of apps. It's not newsworthy that this one is also.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact