This is the last of my ideas for prevention of Cross-Site Scripting, and in a way the most radical. I was having a shower this morning, when I was struck by a great idea. What if the entire Internet was under the same domain? This radical move would prevent Cross-Site Scripting at a stroke! We could change the DNS servers of the world to only resolve a single domain, and move all other websites under it. There’s be no way to do cross-site anything at all.
So, which company or group is worthy of the honour and responsibility of watching over such a valuable community resource? Much as I’d like to suggest mozilla.org, I’m not sure we have the bandwidth. So, having seen the good job they’ve done with newsgroups, I think it’s time that we recognised that inevitability of GWorld Domination and handed over control of the entire Internet to Google, Inc. Instead of “The Internet”, we’d have “G-Internet” (catchy, huh?). It would give all websites a new subdomain of the main google.com domain – for example, www.gerv.net.g-internet.google.com. No more Cross-Site Scripting!
Putting the entire Internet under Google’s control has a number of great side benefits. For a start, it would be a lot easier to search – Google having the master copy of the web would help them to spider it much more quickly, and keep their index up to date. Then, of course, all web apps would be automatically upgraded by Google’s New Service Gnomes to use XmlHttpRequest and other modern web application technology. I can certainly see a lot of people appreciating Hotmail getting such a makeover.
But lastly and most importantly, it would be a great help in the War on Terror. (This is a clinching argument because no-one can object because they’ll get accused of being soft on terrorists, and therefore it requires no justification.) I, for one, look forward to this brave new world! Viva G-Internet!