Comments inline
On Fri, Mar 4, 2016 at 11:08 PM, Domenic Denicola wrote:
> From: es-discuss [mailto:es-discuss-boun...@mozilla.org] On Behalf Of Ron
> Waldon
>
>> Are there CSP benefits for other JavaScript environments (e.g. Node.js)?
>
> Yes; it is something that could in
From: es-discuss [mailto:es-discuss-boun...@mozilla.org] On Behalf Of Ron Waldon
> Are there CSP benefits for other JavaScript environments (e.g. Node.js)?
Yes; it is something that could in theory be exposed through Node's vm module
(i.e. Realm creation API), which would help certain
Are there CSP benefits for other JavaScript environments (e.g. Node.js)?
Would there be benefits in applying CSP at the module level? e.g. module A
has been vetted and can do these things, whilst module B is less trusted
and has strict limitations
___
From: es-discuss [mailto:es-discuss-boun...@mozilla.org] On Behalf Of Andrea
Giammarchi
> Can anyone explain with few words what does this change actual mean for JS ?
It means that JS will now specify how it has been implemented already in every
browser, in a more rigorous way that allows the
I'm not sure it's easy to understand what is this about, but if I read eval
and Function as no-op under CSP I imagine the joy of Angular framework
users since both version 1 and version 2 have various bits based on
evaluation ( example:
At https://github.com/tc39/ecma262/issues/450 we have started discussing
whether a discussion is warranted. Perhaps a discussion is not warranted,
in which case a thread on es-discuss is not needed, as some claim. However,
since we are now discussing this very question, the question of whether we
6 matches
Mail list logo