Kilamaos@lemmy.worldtoNo Stupid Questions@lemmy.world•How do you deal with endless cookies dialogues?English
1·
1 year agoThis. While react is entirely js, plenty enough have js somewhere for something. Manually whitelisting stuff is a widely unnecessary burden.
Is what you host publicly accesible? If not, then it’s not even a concern. You could even host unsafe apps, but if you know they are entirely inaccessible, it wouldn’t change a thing.
As for php itself, it’s mostly due to the fact it’s by far and wide overwhelmingly crushing the competition. A quick Google search says it’s used by about 80% of websites. So, it has, by far, the most (negative) publicity, biggest target, and most inexperienced/bad devs working on it. Software is as secure as its made. Junior dev don’t often think about security. It’s bigger, so it happens more often.