Someone recently mentioned this improvement to the latest 1.9.7 security enhancements in the Bricks Facebook group, which I thought was a great idea.
“It would be amazing if you could disable the possibility to create NEW signatures via a constant in wp-config or a hook. That way, you can lock code creation down after you’re done with a site build.”
Signatures protect the code that is inserted into the Code widget, but there is still no protection for JS code in the page settings and in the Bricks settings. Isn’t JavaScript code dangerous? By implementing it you can steal redirects or steal cookies
But if you look from the other side, there are plenty of places where you can implement JS code