Jalla is still adding polyfill.io by default #4
Description
Hey Carl
I didn't notice this until recently. The url https://polyfill.io/v3/polyfill.min.js is not safe.
It's still used there: https://github.com/jallajs/jalla/blob/master/lib/document.js#L84
See: Polyfill.io Supply Chain Attack
Augustin