[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Index page included debianday.js from external source for some hours


* Hans F. Nordhaug <Hans.F.Nordhaug@hiMolde.no> [2011-08-18 09:25:21 CEST]:
> I just noticed that for some hours the debian index page included
> http://homes.dcc.ufba.br/~caiosba/debianday/debianday.js - ref 
> http://anonscm.debian.org/viewvc/webwml/webwml/english/index.wml?r1=1.86&r2=1.87
> (Or maybe the change never went live?)

 It did, for a day.

> I don't object to including some (harmless) JS code, but shouldn't 
> it rather be put on the debian server so we don't open for attacks
> (through third party web sites)?

 The reason to use the external URL was to allow them to update the code
(which did happen - in the early version it only had red balloons, for a
start).  It's of course a trust issue, and for a one day event I trust
the contributors to be reasonable (it's not like it was done by just
some random person but someone known within the community).  If it would
be on the site for longer it definitely would had got copied over.

Fühlst du dich mutlos, fass endlich Mut, los      |
Fühlst du dich hilflos, geh raus und hilf, los    | Wir sind Helden
Fühlst du dich machtlos, geh raus und mach, los   | 23.55: Alles auf Anfang
Fühlst du dich haltlos, such Halt und lass los    |

Reply to: