logo

Live Production Software Forums


Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Options
Go to last post Go to first unread
luffy99  
#1 Posted : Friday, January 21, 2022 10:37:22 PM(UTC)
luffy99

Rank: Newbie

Groups: Registered
Joined: 1/20/2022(UTC)
Posts: 1
Angola
Location: ittaly

Reading about some recent WordPress vulnerabilities, it got me thinking about trusting 3rd party tools. I'm not a JS dev.

If I'm building a website for users to track projects, I'll have some 3rd party JS to handle things like client-side validation (of course, there's server-side validation going on). For example, I'll use Swal (SweetAlert).

What if the SweetAlert dev decided to bury some code in his library that does a document.write of cookies, or sends other form data? I'm not a JS dev, and often these libraries are huge. How could I know if a library is doing nefarious things?

Thanks!
Users browsing this topic
Guest
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.