Embed JavaScript in GitHub README.md

Allowing javascript from third parties directly on a website has huge XSS attacks implications. Someone could use javascript code for example to grab the cookies associated to any visitor's github accounts and forward them to a malicious entity.

There's also the nuisance potential, as having access to javascript means having access to the CPU of the visitor and being able to do things like pop-ups or blinking text.

As such it's natural that javascript isn't supported in READMEs. Markdown may have a way of doing it, but it'll never be allowed on a website like GitHub.

However, you can do it on your project's github page, if you have one, since it doesn't belong to the main github website and the domain is not the same.


As a follow up to coyotte508's answer (sorry, not enough points to reply directly):

If Github were to enable such a feature they could use iFrames as an effective measure against XSS in the same way ReadTheDocs does.

EDIT: Also you might want to check out readthedocs.org as an alternative to a Github README.md. They support embedding javascript in rst files.