Loading ...
Sorry, an error occurred while loading the content.

1421Re: [json] Re: IMPORTANT: Remove this line from json2.js before deployment.

Expand Messages
  • Andrea Giammarchi
    Dec 13, 2009
    • 0 Attachment
      If you go in YUI 3 Configurator the Result page provides a script to copy
      and paste to include remotely the library.

      If you go in Google Ajax libraries you will find external URIs to use third
      part hosts as trusted safe and secure host with updated libraries.

      If you are using dojo library you probably know about AOL:

      What am I saying is that we are not everybody under https and we trust, for
      whatever reason, some external domain.
      Not everybody could have followed the "alert story", I can already imagine
      developers called 6am in the morning about an alert in the website that does
      not use alerts at all.
      These devs could have quickly solved the problem nullifying the alert
      without caring about why the alert was there and, in the worst case
      scenario, blaming you to have forgot an alert inside your library and
      feeling cool to have solved an unexpected alert problem forever (so try with
      prompt or confirm ...)

      Since the message as is could sound more like you were testing something and
      you forgot an alert, I would rather change the alert message with a link
      that points WHY there is an alert.

      I totally agree with you and it could often be about developers laziness (in
      YUI case they did not use the php loader, etc etc) but at the same time:

      1 - every website could benefit about common external resources thanks to
      distributed cache for common libaries
      2 - this message is not perfectly clear since somebody, YUI! itself, is
      suggesting external resources while you, a Yahoo! engineer, are saying that
      this is so bad that anybody should avoid this technique

      Do you see what I mean?


      On Sun, Dec 13, 2009 at 6:38 PM, Douglas Crockford <douglas@...>wrote:

      > --- In json@yahoogroups.com <json%40yahoogroups.com>, Andrea Giammarchi
      > <andrea.giammarchi@...> wrote:
      > >
      > > Douglas, I think this move was brilliant, but as I have twitted, I
      > > wonder how many devs wrote a:
      > >
      > > window.alert = function(){};
      > >
      > > before including external resources, rather than get the real/original
      > > message
      > The point I was making was that if you care about reliability, security,
      > and performance, then you shouldn't load scripts directly from third party
      > servers. Are you suggesting that it is ok if you stub out alert first?

      [Non-text portions of this message have been removed]
    • Show all 9 messages in this topic