jdunck at gmail.com
Tue Jul 19 18:01:12 EDT 2005
On 7/19/05, Mark Pilgrim <pilgrim at gmail.com> wrote:
> > Mind if I link directly to it on the DiG site?
> I generally prefer that people copy it to their own servers (actually,
> I generally forbid them from hotlinking with .htaccess). But given
> the severity of this situation, I will make an exception to my general
> rule and allow people to hotlink it if they are unable to host it
I imagine his motivation is that the detector can be updated should
alternate exploits be discovered.
> Note that hotlinking a remote script creates a security risk for you.
> If someone took over my site, or if I turned evil, the script could
> suddenly be replaced with something malicious and your visitors would
> be affected.
But if you keep whitehatting and he gets free updates, then it's
better. Funny world.
More information about the Greasemonkey