As Yahoo’s new application platform YAP that allows you to run small apps in My Yahoo and the Yahoo homepage uses Caja there was an immediate need to make YUI work. The YUI team and the YAP engineers put their heads down and now announced that YUI has been cleaned up and made compatible.
As Caja doesn’t allow for
script with a
src inside a container this restriction has been lifted for the official YUI locations. Read more details about the changes to YUI on the YDN blog and here are the links to the docs and the forum where I’d encourage you to report any bugs you find:
This is a great step towards secure apps that can be built easily. There were a few earlier attempts to “fix” prototype to become Caja compliant and I would love that to come to fruition. Furthermore, a Caja compliant jQuery and Mootools would rock, too. The official whitelisted endpoint for inclusion could be the Google Ajax Libraries API.
Posted by Chris Heilmann at 11:48 am