*it's orthogonal to browser sandboxing* Not at all, the owner of a website shoul... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gaius on June 3, 2018 \| parent \| context \| favorite \| on: One year of C it's orthogonal to browser sandboxing Not at all, the owner of a website should not be able to coerce your browser to anything but display the page.

floatboth on June 3, 2018 [–]

"Displaying the page" has meant "running arbitrary application code" since Netscape. If you don't agree, disable JavaScript completely and enjoy the 100% working pages everywhere ;)

gaius on June 4, 2018 | [–]

There is a big difference between executing a little JS to do a button rollover, and performing arbitrary computation!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact