Lex Spoon has a link on his web page to a rather scary paper explaining how
(as late as 1997) JavaScript opens a security hole big enough to pass the
entire WWW through.  Until someone assures me that it has been fixed, I have
turned it off everywhere I have a browser.  Basically all your traffic can
be redirected through a rogue site [e.g. prepending its name to whatever url
you pick, ala http://www.name-of-rogue-domain.com/http://www.squeak.org]
(bypassing SSL) and JavaScript can write to the status line and location
line on your browser so you will not see the url you are passing through.  I
think I'll wait until swiki.net is Scamper-ized.

Ed

Tim Rowledge wrote:

> On Mon 13 Dec, Stephen Pair wrote:
>
> > Use of Swiki.net requires that you enable cookies and use a JavaScript
> > capable web-browser.
> Oh, Stephen, why oh why require _that_ j-word ?  What about Scamper?
>
> tim
>
> --
> Strange OpCodes: RCR: Rewind Card Reader
> Tim Rowledge:  rowledge at interval.com (w)  +1 (650) 842-6110 (w)
>  tim at sumeru.stanford.edu (h)  <http://sumeru.stanford.edu/tim>