Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You can import malicious client side plugins irrespective of if it’s an SPA or server rendered. I’d much rather a silly plug-in be limited to client side JavaScript (which is sandboxed) over server side logic, which is not.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: