if the JavaScript is located on your own web server, won't it be possible to change the script once people have it on their Google/ig page? will this also mean the ability for people to code pop-up pages on google's own pages, URL re-directs, div pop-ups with ads, or maybe more malicious scripts? |
The potentially dangerous modules (basically all of them at this point) are run in iframes |
When i say all of them i mean all the ones that are going to be created. Google's own ones run inline. its all in the documentation |
Obvious shot at Yahoo! Widgets. |
Interesting. They're using a Gmodules.com domain in those Iframes, I suppose to prevent cross-site scripting from malicious widgets. The domain's robots.txt disallows any kind of spidering, too. gmodules.com/robots.txt
The API is incredibly easy to use so far, but even with the developer widget (developer.xml) the cache disabling doesn't seem to work... I need to add a random query string to force my test widgets out of the Google cache. E.g. ..../helloworld.xml?cache=32902309 |
Creating a widget is very simple. Just add + Show Flash to your Google Homepage (Add content --> Create section).
What else would you need? ;) |
Animated clock: + Show Flash
Grid Game: + Show Flash
Flickr slideshow (not perfect yet): + Show Flash
|
Google is down for me this minute... |
Music recommendations: andrewhitchcock.org/musicmobs/ ... |
I made an example that uses asynchronous JS and regular expressions. See somanyschemes.com/2005/12/14/d ... |
Here's a simple html one. it ads alternate search boxes for answers, catalogs, etc
base.google.com/base/a/CalebEg ... |