[Previous] [Next] [Index]
[Thread]
No Subject
anyone know more about the security of java/livescript (mocha, whatever)?
i've already heard of a big flaw that was plugged for the latest 2.0beta
that would allow a javascript author to save a history of the
clients travels on the web. are there any other potential dangers?
i really don't like the fact that this java script is not something
that cannot be chosen to be turned off by the browser, can be embedded in
html pages, etc.
i came across a page once that popped up a (frivolous) error dialog
(some silly words(*)(), but if one were to have a dialog that said something like
"System error, shut down your system now!!!" a naive user may be
taken by surprise, perhaps actually shutting down the machine (thinking
they caught a virus) and losing valuable data, and "that ain't cool".
so,
any more thoughts on this?
j.
(*) here is the relevant source:
<!--
//alert("Get these flesh eating Yoshies off my face!!")
document.write("<CENTER>\n\t<small>Thanks for loading ", Document.location)
--
jon madison, se--. mailto:jm@sgi.com,
URLs:
http://circle-slide.indianapolis.sgi.com (in)
http://reality.sgi.com/employees/jm (out)
Follow-Ups: