That's easy. Just add async attribute to the script tag. DOM will be ready before Javascript is downloaded, so the visitor will see contents of the page faster. It's always better, when your JavaScript is only used for user's interaction.
How to check if image has no code injected?
If you let images with code injection be saved on your server, it is possible, that it's a highwayto your php files and whole database, so it is important to make sure, that if user uploads avatar, it is really an avatar, not some hacky stuff with code injected into the image.
Subscribe to:
Posts (Atom)