No; no I wouldn't.

Please? ;-)

I'm pretty surprised that Google was allowing such blatantly obvious XSS attack vectors.

How would a client make use of the Python code? By eval'ing it?

Yeah, exactly. From the docs:

Access the same data as Python for Python clients. This can be parsed into Python object as eval(urllib.urlopen("...").read()) and the resulting object tree is identical to that of JSON. However, when you do this, beware of the security implication. If you are connecting to a non-trusted Hudson, the server can send you malicious Python programs.

Strawman. No one said anything about this ad being an indication of us being in the midst of a bubble.

I think the article was at least trying to _imply_ that the ads indicate that we are in the midst of a bubble. Otherwise, why would they repeatedly bring up the Super Bowl ads from the last bubble?

Did anyone else have the misfortune of seeing the halftime show? The biggest stage in the world, and they get the black eyed peas to perform?

This is getting out of control. Why do people insist on using on using every framework under the sun because it's the "cool" thing to do?

Amazing work, thanks for this!