Peter 'Happy' Thomas (happypete) wrote in suggestions,
Peter 'Happy' Thomas

Allow limited access to scripting, beyond current embedding options

Allow limited access to scripting, beyond current embedding options

Short, concise description of the idea
Loosen restrictions on scripting in journals.

Full description of the idea
By disabling almost all JavaScript and IFRAMES, LiveJournal is preventing access to a large number of the advantages of the Semantic Web in the name of security. Perhaps the feature could be restricted to permanent and paid users--users with a financial stake in LiveJournal are probably a lower risk [EDITED: The stricken assertion strongly rebutted in comment-space. Read the comment threads for alternate implementation suggestions].

An ordered list of benefits
  • LJ users can take advantage of various semantic and "Web 2.0" tools, mashups, and extensions.
  • Stay competitive with Blogger, WordPress, and other platforms that allow these technologies.
  • Some tools out there automate the addition of Affiliate tags, allowing one to "monetize" links from their journal.
An ordered list of problems/issues involved
  • Harder to prevent cross-site scripting attacks and content that breaks friends pages.
  • Care must be taken to prevent "breakage" of friends and friendsfriends views.
  • Possible increase in support issues that are actually related to embedded or scripted content from other sites.

ETA: Many people have commented that $5 is not a high enough bar to prevent bad behavior. So set the bar higher [perm accounts or pre-paid annuals for example].
Tags: javascript, markup, security, § no status
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

← Ctrl ← Alt
Ctrl → Alt →
← Ctrl ← Alt
Ctrl → Alt →