[Greasemonkey] gmdetect.js

Jeremy Dunck jdunck at gmail.com
Tue Jul 19 18:01:12 EDT 2005


On 7/19/05, Mark Pilgrim <pilgrim at gmail.com> wrote:
> > Mind if I link directly to it on the DiG site?
> 
> I generally prefer that people copy it to their own servers (actually,
> I generally forbid them from hotlinking with .htaccess).  But given
> the severity of this situation, I will make an exception to my general
> rule and allow people to hotlink it if they are unable to host it
> themselves.

I imagine his motivation is that the detector can be updated should
alternate exploits be discovered.

> Note that hotlinking a remote script creates a security risk for you.
> If someone took over my site, or if I turned evil, the script could
> suddenly be replaced with something malicious and your visitors would
> be affected.

But if you keep whitehatting and he gets free updates, then it's
better.  Funny world.


More information about the Greasemonkey mailing list