| http://cdnjs.cloudflare.com/ajax/libs/socket.io/1.7.3/socket... http://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenMax.m... Some of the Javascript is served via plain HTTP as well as HTTPS https://clickclickclick.click/bundle.js This is 14 MB of Javascript Using HTTP/1.1, the norm in 2016, I counted 233 chunks Might as well just ask the user to download a 15 MB executable, e.g., a "game", and run it Developers often refer to this idea of the "browser sandbox" but there are lots of things that are permitted inside this "sandbox" that some users would consider part of their "threat model" For example, gratuitous data collection, surveillance and advertising |