Loading ...
Sorry, an error occurred while loading the content.

Stinking badges

Expand Messages
  • Douglas Crockford
    ... There are lots of Ajax libraries out their. You can find some pointers to them at Ajaxian.com. The web developer selects scripts from the library and
    Message 1 of 2 , May 20, 2007
    View Source
    • 0 Attachment
      --- In caplet@yahoogroups.com, Norman Hardy <norm@...> wrote:
      >
      > I quote from the MashupOS paper from Microsoft that Doug referred us to:
      >
      > There is either no trust across principals through complete isolation
      > or full trust through incorporating third party code as libraries.
      >
      > Where can I learn about these libraries--who can add to them and who
      > can call them?
      > Is there an implication that the 'third party' is mutually trusted?

      There are lots of Ajax libraries out their. You can find some pointers
      to them at Ajaxian.com. The web developer selects scripts from the
      library and includes then using HTML script tags. These scripts have
      access to everything. The scripts generally do not have secrets of
      their own.

      Most libraries get copied to your server. Some libraries, such as Dojo
      and YUI, can be loaded from 3rd party servers.

      A recent fad on sites with user-generated pages (like MySpace) is
      inclusion of 3rd party JavaScript badges on web pages. These badges
      provide access to logging, galleries, and video. And the badges have
      access to everything.
    Your message has been successfully submitted and would be delivered to recipients shortly.