Feature or bug?
If your web app has require.registry or something like that and has authed secret content, any third party can get the AUTHED content.
-
-
The only reasonable way to program in JS on the web is to keep secret content OUT of JS.
-
Secret meaning something like a cookie, where a 3rd party could steal & do own requests... or just priv info, like twitter DMs?
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
