| ▲ | RobotToaster 9 hours ago | |
anything loaded from a third party domain shouldn't be allowed to run scripts. | ||
| ▲ | lxgr 5 hours ago | parent | next [-] | |
That restriction would both be trivial to circumvent by malicious advertisers and annoying for many legitimate web concepts. | ||
| ▲ | pas 8 hours ago | parent | prev | next [-] | |
facebook.com does this as a first party site, shit sites trying to squeeze eyeball time from visitors should be put on Google's malware sites list, but apparently those are the best sites nowadays... :/ | ||
| ▲ | bell-cot 7 hours ago | parent | prev [-] | |
Maybe it's not quite your meaning - but there are browser plugins which allow per-domain blocking of js. I use one, with the default set to deny js. | ||