Archived link

The polyfill.js is a popular open source library to support older browsers. 100K+ sites embed it using the cdn.polyfill.io domain. Notable users are JSTOR, Intuit and World Economic Forum. However, in February this year, a Chinese company bought the domain and the Github account. Since then, this domain was caught injecting malware on mobile devices via any site that embeds cdn.polyfill.io. Any complaints were quickly removed (archive here) from the Github repository.

  • DaGeek247@fedia.io
    link
    fedilink
    arrow-up
    3
    arrow-down
    2
    ·
    5 months ago

    I’ve been using noscript for years.

    Yeah, it took me about that long to get my regular websites working right too. And then i had to reinstall for unrelated reasons and all that customisation was gone.

    • Optional@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      5 months ago

      While you can back it up, at least once you’ve suffered the loss multiple times you can get it 90% back on first re-visit after reinstall.