Sagacious Himself — brevity in circumlocution: never blague — suffering genius

July 23, 2013

wp cross domain content privacy breach

Filed under: AYBABTG — Sagacious Himself @ 4:43 pm

requiring google maps JS to enable editing fields on newly created post?  That’s a tad abusive.  Whatever JS you need to enable post creation/editing should ONLY reside within WP owned domains.

These ‘free’ services merely better enable cross-domain tracking of users.

suggested:

for third party hosted bits like fonts.google, google api, yahoo api  CACHE THEM LOCALLY.  Update your cache when remotes bit changes.

fonts.google.cache.wp.com
*.googleapis.cache.wp.com
*.yahooapis.cache.wp.com

That is IFF you value user security?

[snip]

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a civil reply. We strongly recommend you always adblock the interweb. You have no right to be published here. Abuse will be redacted or transmogrified. Please refer to CONTACT page for terms, details, or special considerations such as private comments: himself.wordpress.com/contact/

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: