I wish to serve a web application where only digitally signed code from a trusted source is allowed to execute for a given domain.
To me it seems like such an obvious
