Board Thread:General Discussion/@comment--20150814190019/@comment-11842624-20150815185026

DaNASCAT wrote: Custom, user-written, executable JavaScript simply doesn't make sense on today's internet. no comments

Entire JS pre-check is radical method. post-check does not create a delay. How VSTF works: they deal with real consequences. roll back in case of vandalism. of course the really serious security problem - the theft of user data is not visible, however you can go through the collection of statistics on the server: as soon as you encounter a malicious script you will have full information about log ins, log outs, passwords changes, mail changes, the changes in the contribution of the participant. /based on these data, it is possible to make specific conclusions (I'm sure there are a couple dozen possible scenarios of what is happening) and to prevent the loss of accounts./ you assert that not a single line of code can't be trusted and that the script that is written by ordinary participants are meaningless? do you realize how silly that sounds in the wiki-realities?
 * Yandex translate
 * JS need take under control, but not in "total control" manner
 * hey and most still have a mobile phone for emergencies
 * but still to check scripts will need a lot of people, the sharing of scripts between members and global access to scripts for malware removal. global administration of js namespace (closer to wiki-realities). very responsible, selfless and interested in reading thousands of codes.