Paul Hummer writes: > I don't know if you security folks are up for that or not, but I do it for > many of my sites. Pulling unauthenticated JavaScript into a security context is insane. I hope your sites don't host any important data.