[development] jQuery 1.2 is released

David Metzler metzlerd at metzlerd.com
Sat Sep 15 01:30:32 UTC 2007

That's a bit unfair.  I was talking about the risk of compromising  
the site and operating system protection etc.   I thought we were  
having a discussion about risk vs. benefit, and I was trying to make  
a point that compromised javascript code does not have the same risk  
factor as compromised php code.   Particularly if you're talking  
about the ability to propagate from host to host, etc. Some in this  
thread seemed to be implying that this was the same level of risk.

Javascript operates in a security sandbox.  PHP doesn't.

On Sep 14, 2007, at 9:02 AM, Earl Miles wrote:

> David Metzler wrote:
>> But I also agree with the concept that jQuery plugins aren't the  
>> same as PHP code., cause they don't execute server side.
> Right, because endangering your users is better than endangering  
> your own site.

More information about the development mailing list