This project is not maintained anymore. You can still view and search the archives.

Of Course I’ll Let You Execute Arbitrary Javascript Code in My Users’ Browsers

This link appeared in WDRL 148 on 05.08.2016.

“Add this JS-snippet to the project.”—a common request that developers hear quite often. Kevin J. Dolan shares his eye-opening experience with a QA-person on why it’s a very, very bad idea to follow such requests blindly and explains why you shouldn’t include external third-party JavaScript references without extensive reviews.