Remote-code-execution as a feature just isn't a good idea. Sandboxes can (and Murphy's Law says they will) be broken out of. There are many documented browser-exploits and basically all newer ones that are actually a…
I also think that Twine/Client-Side-JS isn't the worst choice here. It takes unnecessary load from the server and is easy to use, at least for the one creating the game. It's just so frustrating to watch how having…
> Just wish I can only give authorization to certain JS api. This is already implemented in any browser I know, but for some reason it is available only to some functionality (microphone, camera etc.) but not for eg.…
Thats what cookies are for.
Remote-code-execution as a feature just isn't a good idea. Sandboxes can (and Murphy's Law says they will) be broken out of. There are many documented browser-exploits and basically all newer ones that are actually a…
I also think that Twine/Client-Side-JS isn't the worst choice here. It takes unnecessary load from the server and is easy to use, at least for the one creating the game. It's just so frustrating to watch how having…
> Just wish I can only give authorization to certain JS api. This is already implemented in any browser I know, but for some reason it is available only to some functionality (microphone, camera etc.) but not for eg.…
Thats what cookies are for.