Re: Why do browsers allows JS from other domains to run
"I've never understood i) why a site would trust other sites to host code for them and ii) why browsers allow one site to run scripts from another."
Heck, I've never understood why anyone would think that downloading ANY code from ANY website into a browser for immediate execution, could possibly be a good idea. It seems clear to me that can only work in a world with technology that provides 100% iron clad security as well as computer folk who never, ever, make mistakes. We do not live in such a world. We are unlikely ever to live in such a world.
But ... but ... but ... That'd make life harder for web designers. Yep. Almost certainly it would. So what? If we're going to do financial and other important stuff over distributed public communications network, shouldn't USER security be the overriding priority?
Biting the hand that feeds IT
