This link appeared in WDRL 148 on .
Of Course I’ll Let You Execute Arbitrary Javascript Code in My Users’ Browsers
“Add this JS-snippet to the project.”—a common request that developers hear quite often. Kevin J. Dolan shares his eye-opening experience with a QA-person on why it’s a very, very bad idea to follow such requests blindly and explains why you shouldn’t include external third-party JavaScript references without extensive reviews.