On 23 Sep 2017, at 17:15, John Levine wrote: > In this kind of application I'd make the DNS calls back to wherever I got the page with the Javascript, which has a very straightforward security model. (If it lies about the DNS responses, it can equally well send out Javascript that lies in the pages it constructs.) Can not whoever develops Javascript develop some correct libraries for usage of domain names? Patrik
Attachment:
signature.asc
Description: OpenPGP digital signature