Finally you had time to be clear about that. You should had do that 18 responses before. Anyway and going back to the point itself, lets do another resume: 1. allowing jquery plugins to be installed by the user through Drupal, would have the same problems that we have today, allowing the user to upload anything he wants through Drupal. 2. allowing javascript to be installed at *install time* (in any some folder) by the administrator has the same problems that we have today when he installs Drupal. 3. automatically downloading a file ****at user/admin request**** (and ALWAYS with user/admin knowledge) from a *remote server* has the same problems has the user going to the remote server and downloading/installing the file itself. 4. already discussed was the option to create valid/authentic packages. With the upcoming functionality "update/version status", if Drupal server is compromised, you think it's a different situation from the one you are trying to create? So, it's time to start thinking about "signing" of Drupal core/contrib/(eventually)plugins packages! Regards, Fernando On 9/14/07, Jeff Eaton <jeff@viapositiva.net> wrote:
This is very true. The concern that sparked this discussion revolved around *automatically downloading* javascript files from a *remote server* and automatically including them in Drupal's output to end- users. Compromising remote servers in that scenario (as happened with Wordpress) could easily result in jillions of Drupal sites auto- downloading a compromised version of a js file and 'reflecting' it out to all of their users.