[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security concerns with minified javascript code

Hi,
On Mon, Aug 31, 2015 at 09:50:05AM +0200, Raphael Hertzog wrote:
> On Mon, 31 Aug 2015, Simon Josefsson wrote:
> > How would someone rebuild the minified javascript files from the
> > missing-sources files?
> 
> They would not?
> 
> The modified non-minified files are perfectly usable even if they are a
> bit larger than the minified ones.
> 
> >   The included JavaScript file is minified and thus not readily
> >   modifiable, but source code exists in debian/missing-sources/
> >   directory and can be rebuilt into the minified version by doing X.
> 
> ...and can be installed over the minified files if you actually need to make
> changes in those files.

Couldn't we just use the non-minified versions in most situations? A
heavily loaded wordpress site might not be good example but e.g. doxygen
documentation probably doesn't suffer much from non minified JS.

Cheers,
 -- Guido
Reply to: