Creating JavaScript based crypto is possible but risky
Javascipt nur mit wenigen non alphanummerischen Zeichen coden
Viele Wege führen an einer Blacklist vorbei. Unterschiedliche Darstellungsformen für JavaScript
Intranets are intended to be secured from the outside by way of firewalls and other networking devices. Unfortunately, there has been a move towards non-routable address space as a method of protection, rather than other methods of protecting private IP space. This paper will outline a number of flaws that can be exploited by an adversary because of the use of well known non-routable IP address spaces.
Fast symmetric cryptography in Javascript
Most interestingly, however, Facebook allows you to do this by executing your code on *.facebook.com. What this means is your code has privileges to do whatever any of Facebook's code can do -- if you can make it happen...
Link to a PDF taking about which JS Frameworks help against JS hijacking and how JS hijacking works