On 16 February 2013 20:36, Allen Wirfs-Brock al...@wirfs-brock.com wrote:
On Feb 14, 2013, at 11:46 AM, Andreas Rossberg wrote:
On 14 February 2013 01:05, Allen Wirfs-Brock al...@wirfs-brock.com wrote:
Where do without, means replaced with set/getIntegrity traps and objects
have explicit
Le 18/02/2013 11:10, Claus Reinke a écrit :
I'm looking forward to any recommendation you'd have to improve this
guide, specifically about the runtime errors where I said something
about 100% coverage test suite and I'm not entirely sure about that.
Talking about 100% coverage and catching
On 18 February 2013 01:24, Norbert Lindenberg
ecmascr...@lindenbergsoftware.com wrote:
Actually, it's not just case that users want to ignore. In many use cases,
users search for something similar to their search string, and the
definition of similar can vary substantially. For example, an
Le 18 févr. 2013 à 12:29, David Bruant bruan...@gmail.com a écrit :
snip
# On older browser not running strict mode
I was precisely going to write that it is missing an important explicit advice
to produce code that runs both under strict and non-strict mode.
That point is a very valid
Talking about 100% coverage and catching all errors is never a
good combination - even if you should have found an example of
where this works, it will be an exception.
There are a couple of things I'm sure of. For instance, direct eval
aside (eval needs some specific work anyway because its
I think this proposal gets it right from privacy side of things, but the
interaction with proxies is not good. Proxies would have to treat any
symbol as potentially naming a private property, and therefore all symbols
used by the object would have to be added to the proxy's whitelist when
Le 18/02/2013 16:48, Claus Reinke a écrit :
Talking about 100% coverage and catching all errors is never a
good combination - even if you should have found an example of
where this works, it will be an exception.
There are a couple of things I'm sure of. For instance, direct eval
aside (eval
Le 18 févr. 2013 à 00:56, Biju bijumaill...@gmail.com a écrit :
On 16 February 2013 20:26, David Bruant bruan...@gmail.com wrote:
Le 17/02/2013 00:58, Biju a écrit :
Also, it doesn't seem that hard to implement:
String.prototype.startsWithI = function(s){
this.match(new
Kevin Smith wrote:
If you added just one symbol to the internal interface of an object,
the whitelists at all trusted proxy-creating sites would also have to
be updated.
Not arguing with your larger point, but this is why the whitelist is a
live object, that is, the proxy code consults it by
David Bruant wrote:
...
Security is very loaded with emotions of people afraid to have their
password stolen and cyber attacks. It's also loaded with the notion of
human safety and human integrity which, as human beings are sensitive to.
Maybe I should start using a different word...
Great
The guide looks really good. Well done!
One thing I learned when trying to convince others to use strict mode
is a tool to help catching the syntax errors. Scanning a large app
code by hand is tedious and error prone. This is one of the reasons I
built an online validator:
as a high-integrity function:
var freeze = Object.freeze,
push = Function.prototype.call.bind(Array.prototype.push);
function makeTable() {
var array = [];
return freeze({
add: function(v) { push(array, v); },
store: function(i, v) { array[i 0] = v;
Claus Reinke wrote:
Careful there, you're not done!-) With nodejs, adding the following
var table = makeTable();
table.add(1);
table.add(2);
table.add(3);
var secret;
Object.defineProperty(Array.prototype,42,{get:function(){ secret = this;}});
table.get(42);
console.log(secret);
Out of curiosity, what does your favorite test coverage tool report
for the source below? And what does it report when you comment
out the directive?
:-p Ok, there are exceptions if your code depends on semantic changes
described in the third section of the article (dynamic
On Mon, Feb 18, 2013 at 2:27 PM, Nathan Wall nathan.w...@live.com wrote:
Claus Reinke wrote:
Careful there, you're not done!-) With nodejs, adding the following
var table = makeTable();
table.add(1);
table.add(2);
table.add(3);
var secret;
15 matches
Mail list logo
