Right, that is somewhat reassuring. However, the callback URL is configurable, right, so it could potentially be directed somewhere else, right? So, multiple sites could pool the callback to track users?
Also, if the same site has both sensitive and not-so-sensitive content, then it could use this to track users where users would otherwise use a incognito mode?
I got a step further. When I previewed, clicking on the execute button printed
alert(“foo”)
in the box below, so I suppose that what’s front end mean in this context. Makes sense. I haven’t gotten the code to run, though…
