1 comment

[ 3.1 ms ] story [ 10.0 ms ] thread
You should consider putting the JS in an iframe using srcdoc so that you can sandbox it from XSS attacks.