I was asked about the paradoxical nature of CodePen itself recently. CodePen needs to be safe and secure, yet we accept and gleefully execute user-authored code, which is like don’t-do-that 101 in web security. Marie and I hop on the show to talk this through as an update from quite a long time ago. It’s wonderfully-terribly complicated. Part of what complicates it is that there are many different kinds of worrisome code, from malicious, to distasteful, to spam, and they all need different treatment. This is a daily and never-ending war.

Time Jumps

  • 00:27 Listener question
  • 04:09 Browsers have gotten safer
  • 06:18 Sandboxing
  • 09:31 Sound in the browser
  • 11:19 Sponsor: Notion
  • 12:21 It’s not always bad actors, but sometimes it is
  • 15:35 SEO spam
  • 19:27 The threat of Google blocking
  • 20:31 Tooling to stop bad behaviour

Sponsor: Notion

Notion is an amazing collaborative tool that not only helps organize your company’s information but helps with project management as well. We know that all too well here at CodePen, as we use Notion for countless business tasks. Learn more and get started for free at notion.com. Take your first step toward an organized, happier team, today.