On Wed, Feb 15, 2012 at 3:19 AM, Ryan Lane <rlane32(a)gmail.com> wrote:
3. jQuery drop
down menu - I wanted to implement this functionality on
every page. I had seen the SignUP API & wanted this universally. If there
are security issues with AJAX, then there is no need to even implement the
jQuery alongside. (Idea dropped)
Well, just because it would be insecure the way the Wikimedia sites
are configured doesn't mean it isn't useful for others. Any site that
is either 100% http or 100% https could use this.
The security issues I was referring to (And Dantman kinda pointed were
slightly non issues) was any JS can be run on those pages (so people
could do things to the login forms) where as on the separate login
page, We are a lot more restrictive about what JS can be run thus
slightly mitigating that risk.