Hacker News new | ask | show | jobs
by mkjones 5320 days ago
That's a good idea, and we actually thought about that. But assuming we need those APIs, what's to keep them from calling our wrappers around them?

Put another way, how do we determine if the caller of some of our js is malicious or is us?
1 comments
jQueryIsAwesome 5320 days ago
It just needs to be non-predictable. Give the wrapper object and ALL his methods a random name for every session.
link