Reply to post: Re: Why do browsers allows JS from other domains to run

Ticketmaster breach 'part of massive bank card slurping campaign'

vtcodger Silver badge

Re: Why do browsers allows JS from other domains to run

"I've never understood i) why a site would trust other sites to host code for them and ii) why browsers allow one site to run scripts from another."

Heck, I've never understood why anyone would think that downloading ANY code from ANY website into a browser for immediate execution, could possibly be a good idea. It seems clear to me that can only work in a world with technology that provides 100% iron clad security as well as computer folk who never, ever, make mistakes. We do not live in such a world. We are unlikely ever to live in such a world.

But ... but ... but ... That'd make life harder for web designers. Yep. Almost certainly it would. So what? If we're going to do financial and other important stuff over distributed public communications network, shouldn't USER security be the overriding priority?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019