The DOM and 3rd party javascript - still insecure | Dark Hacker News