To nitpick, no it doesn't: there's some difference between "evaluation" and "interpretation;" not to mention JS scopes and such :)
However, "load, parse and execute this resource, statically referenced in a SCRIPT tag" doesn't raise quite as many red flags as "execute this _obfuscated_ code".
Sure, you could de-obfuscate it (as someone already did in the discussion) and check that it doesn't do anything nasty (e.g. "like" a few dozen pages for you); but the decision is heavily weighted towards "eh, don't bother."
12 comments
[ 2.0 ms ] story [ 32.2 ms ] threadInvalidCharacterError: 'atob' failed: The string to be decoded is not correctly encoded.
However, "load, parse and execute this resource, statically referenced in a SCRIPT tag" doesn't raise quite as many red flags as "execute this _obfuscated_ code".
Sure, you could de-obfuscate it (as someone already did in the discussion) and check that it doesn't do anything nasty (e.g. "like" a few dozen pages for you); but the decision is heavily weighted towards "eh, don't bother."