Y
Hacker News
new
|
ask
|
show
|
jobs
by
RobotToaster
62 days ago
anything loaded from a third party domain shouldn't be allowed to run scripts.
3 comments
pas
62 days ago
facebook.com does this as a first party site, shit sites trying to squeeze eyeball time from visitors should be put on Google's malware sites list, but apparently those are the best sites nowadays... :/
link
lxgr
62 days ago
That restriction would both be trivial to circumvent by malicious advertisers and annoying for many legitimate web concepts.
link
bell-cot
62 days ago
Maybe it's not quite your meaning - but there are browser plugins which allow per-domain blocking of js. I use one, with the default set to deny js.
link