Sagacious Himself — brevity in circumlocution: never blague — suffering genius

July 23, 2013

wp cross domain content privacy breach

Filed under: AYBABTG — Sagacious Himself @ 4:43 pm

requiring google maps JS to enable editing fields on newly created post?  That’s a tad abusive.  Whatever JS you need to enable post creation/editing should ONLY reside within WP owned domains.

These ‘free’ services merely better enable cross-domain tracking of users.

suggested:

for third party hosted bits like fonts.google, google api, yahoo api  CACHE THEM LOCALLY.  Update your cache when remotes bit changes.

fonts.google.cache.wp.com
*.googleapis.cache.wp.com
*.yahooapis.cache.wp.com

That is IFF you value user security?

[snip]

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a civil reply. We strongly recommend you always adblock the interweb [uBlock Origin]. You have no right to be published here. Abuse will be redacted or transmogrified. Post your Jabber Texting info (xmpp jid) should you prefer a different kind of interaction. Please refer to CONTACT page for terms, details, or special considerations such as private comments: himself.wordpress.com/contact/

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: