Hello, Consider a blog apps like Blogger, you have a site like
http://abc.blogspot.com each time, you want to leave a comment for an article, you will be redirected to another page under the blogger domain, e.g. https://www.blogger.com/comment.g..... I think one of the reason why Blogger don't embed the comment box into the user's blogspot page directly is related to security (XSS? I am not sure) my questions: 1. Will there be any securty threats if I create an iframe, and put the blogger comment page directly into the user page (i.e. https://www.blogger.com/comment.g) 2. Can the security be improved by using jQuery / Ajax approach ? Thanks.
