It would be nice if people could lay off the script injections. It's clearly insecure, but that's not really the point. It makes the experience worse for everyone if you alert(), etc.
The failure is the lesson. The previous version was a clever hack written by a clever person. This is ignorance, and the lesson is that allowing users to run arbitrary code on other user's computers is bad idea.
I'm pretty sure that OP knew the issue, not just you, so it's not ignorance. And it's not the moment to cite The Good Parts either.
There is no failure here to be seen. There is a clever hack to make a spreadsheet shared quick and dirty.
Just a reminder that all the JS code you run, in particular on jsFiddle, is untrusted and is part of the security model of the JS engine in your browser that evil JS code must not be able to do any harm. If it did, report it to the browser vendor and earn a bounty.
Almost certainly someone is stealing cookies and this should be taken down soon. However, I actually enjoyed this post and was really informative all around.
Nice. I look forward to the full office suite in 60 lines of JS, the email client/server in 75 lines of JS, and of course the bitcoin exchange web app in 90 lines of JS.
<h1>Alabama</h1>
<p>Please call 205-XXX-XXXX for more information.</p>
<h1>Alaska</h1>
<p>Please call 907-XXX-XXXX for more information.</p>
<h1>Arizona</h1>
<p>Please call 480-XXX-XXXX for more information.</p>
<h1>Arkansas</h1>
<p>Please call 479-XXX-XXXX for more information.</p>
...
that's the spirit ! seriously it would be an awesome idea to create a website with challenges like that. create a substractive synthesizer in js in less than 1k, like old demos
I think the title should warn users of the various remote injection vulnerabilities present in the script. It took about 5 seconds for the page to change to xhamster
WARNING: Could there be some kind of script attack ? My Safari browser freezes with 'foo' alert message from this site and it has placed itself as default website so whenever I reopen safari it freezes again.
Now I really love the feature of Chrome, "Prevent this window from creating new dialog box" ( or something like that ).
Some *$%#@ put alert in the cell.
I like the craziness that this devolved into. It's funny when a bunch of people are all editing like mad.
I had the thought that it'd be fun to have a contest using jsfiddle to start from some point, like the excel (lite) clone in 30 lines, and add the best/coolest feature in some limit of lines.
I wonder if a collaborative drawing app could be made with this, using canvas.. I keep trying to figure out exactly how it works but then sparkleponies and alerts everywhere...
You'd have to parse the cells as some sort of DSL that only allows mathematical tokens, as opposed to eval which allows access to the full arsenal of the JS language. But I think excel is Turing complete
