Reply to post: Re: Why do browsers allows JS from other domains to run

Ticketmaster breach 'part of massive bank card slurping campaign'

tfewster Silver badge
Facepalm

Re: Why do browsers allows JS from other domains to run

I see your point, but it's essential in some cases - e.g. checking a payment using Verified by Visa loads the Visa JS from Visas site (if I allow NoScript to run some JS from those dodgy-sounding domains when prompted). However, I really wouldn't want multiple "local" copies of that.

"...i get the third party components, bundle and test them then distribute".

Unfortunately that's why you get multiple installs of Java on some systems, all out of date.

Every solution has its own problems :-( The real question is, 'is the "trusted" site trustworthy?'

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019