

Get your GitHub badge now - berkerpeksag
http://githubbadge.appspot.com/

======
johns
Total project followers is more interesting to me than how many follow me
directly.

~~~
BYK
Added, thanks for the suggestion! =)

------
javery
Why use an iframe? Async javascript would be better all around. Also - when
you click you name in the badge it opens the link inside the small iframe.

~~~
ryanpetrich
iframes don't block the outer page from loading or expose the page's security
context (cookies, etc) to the external domain.

~~~
javery
Async JS doesn't block either - and cross-domain scripting rules are strict
enough that it is pretty safe. The iframe code has an async Google Analytics
script in it - perhaps that is the reason for the iframe (to use google
analytics for tracking usage).

~~~
JoshTriplett
Curious what you mean about cross-domain scripting rules and safety. Normally,
loading a third-party script via a script tag lets that script do anything the
page can do, which makes it decidedly unsafe.

Personally, I greatly prefer the iframe.

~~~
javery
You're correct - it can do just about anything. Technically it can't make ajax
calls back to a domain other than where the page was served from - but you
could get around that by just inserting more javascript tags.

iFrames do offer a little more security here - but in this case I would still
go for just script since I don't see that the downsides outweigh the added
security. (you can still do a whole ton of damage from an iframe)

~~~
JoshTriplett
What damage can you do from an iframe? You don't have any of the permissions
of the site containing the frame.

~~~
javery
You can deceive the user pretty easily with content that looks like the main
page and prompts them to do something you want them to do. (like login to the
parent app even though they are logging into your app, anti-phishing stuff
won't take effect if you keep it all in the iframe)

You could also just execute whatever JS you want if there is a browser
vulnerability you want to take advantage of.

------
t4nkd
Number of times I've commented on an HN story: 0

Number of times I've followed up on GitHub related news, anywhere: n +
rand(50..100) # => always

Times I've thought that Github is growing sickeningly commercial, that my
attempt at best practice and code sharing is equating to (millions of) dollars
in their pocket, and that other seemingly like-minded individuals want to
capitalize on their successes to achieve notice: At least twice.

At least when Dr. Nic made this widget, it seemed original.

~~~
BYK
This is a pet project and we gain nothing but experience. We were not aware of
any similar projects when starting. In terms of capitalizing, please keep in
mind that there are no ads and we do not intend to add any so it will cost us
in the contrary when more people start to use this.

~~~
Mathnerd314
You could add a (small) donation link

~~~
BYK
We may when the service actually starts to cost us =) Thanks ;)

------
lee337
Nice work! With this, coderwall and all my soccer trophies/medals... my
parents' fireplace will never be the same again :-)

------
gus_massa
In IE8 the badge is a few pixels too wide and an horizontal scroll bar
appears.

------
jamesbritt
Will this help me write more or better code, or release more often?

~~~
mtogo
Not everything is about releasing more often.

~~~
DrJ
firefox/mozilla's product managers disagrees :(

------
vmind
It seems to choke if you have a hyphen in your username.

~~~
BYK
It's already fixed. Thanks for reporting! =)

------
bltavares
Really awesome. It's on my page already

------
ahmetalpbalkan
awesome project

