client: remove comment we merged in by mistake

Hacker0x01 · Jul 21, 2016 · 7b6d247 · 7b6d247
1 parent f40c959
commit 7b6d247
Showing 1 changed file with 1 addition and 11 deletions.
diff --git a/lib/assets/client.js b/lib/assets/client.js
@@ -88,17 +88,7 @@ function topLevelRedirect (url) {
   if (window === top) location.href = url
   else parent.postMessage('slackin-redirect:' + id + ':' + url, '*')
   // Q: Why can't we just `top.location.href = url;`?
-  // A: Ah, the halcyon days, when scripts in iframes could just arbitrarily
-  //    fuck with parent windows' globals. I'm afraid that in this day and
-  //    age of [sandboxes][] and [Content Security Policies][CSP], it's all
-  //    too common for meddling idiots to try to stop us from doing whatever
-  //    we please with their globals---how dare they trample on our rights.
-  //    I mean we're still allowed to do almost anything to their globals,
-  //    the only global we're not allowed to change now is the location URL
-  //    (seriously). I momentarily hoped that explicit permission from the
-  //    parent of the iframe could ensure this privilege that we deserve of
-  //    redirecting the parent, but [nope][].
-  //
+  // A:
   // [sandboxing]: http://www.html5rocks.com/en/tutorials/security/sandboxed-iframes/
   // [CSP]: http://www.html5rocks.com/en/tutorials/security/content-security-policy/
   // [nope]: http://output.jsbin.com/popawuk/16