Tiffany B. Brown

a mish-mosh of stuff

Trusting Anil Dash not to f*ck up my site with evil JavaScript

Below is a snippet of an entry from Anil Dash‘s blog on the possibilities of using embed, object and JavaScript for serving all kinds of content — not just movies.

The obvious question is ‘How much should you trust code from strangers?’ And can this be done in a safe(-ish), secure(-ish) way?

Possibly related: Cross-domain Ajax links and Access Control for Cross-site Requests (implemented in Firefox 3)

  • http://negroplease.vox.com/ Jason Toney

    the title of this post would’ve been hella funny if you had lopped off “javascript”.

  • http://negroplease.vox.com Jason Toney

    the title of this post would’ve been hella funny if you had lopped off “javascript”.

  • http://www.anildash.com/ Anil

    Oh, see, now you’re tempting me to mess with your site. ;) I think the most interesting thing here is the list of commenters… makes me wonder what it would look like if we had avatars for them or something.

  • http://www.anildash.com/ Anil

    Oh, see, now you’re tempting me to mess with your site. ;) I think the most interesting thing here is the list of commenters… makes me wonder what it would look like if we had avatars for them or something.