Hacker Newsnew | comments | show | ask | jobs | submit login

In order to get to that modal message, you first have to go and enable remote debugging, which is not something normal people would do. And in general, even though we can (and already have) come up with even more mitigations for the potential threat, the sad truth is that security and usability are fundamentally a tradeoff, so you have to strike a balance at some point.



And, I understand that. But, the drawbacks of the security implications of your development/developer browsers being thus weakened is, IMO, a decision heavily weighted in favour _against_ this feature.

Personally, I would love it. It would make my life easier to have a full IDE within a browser. However, I would never be comfortable with the security tradeoff and would never enable it.

-----




Guidelines | FAQ | Support | API | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: