I believe they want to do something good too. with that, this v3 announcement is a week too late to hold even a drop of water. there's industrial grade js machinery we can run, free from these constraints, nested inside the web platform. but since that time, we've had a big announcement that wizer can now run spidermonkey js engine in webassembly. about a week ago maybe even it would have sounded ok. Surely the people pitching these so called security measures grok just how many dump trucks of nonsense these so called protections they offer us are. > You might be working in a JavaScript environment where eval() isn't allowed (and you have a genuinely good reason why you want to use it). Or take evaljs and preload in some html functions! This would need to be extended with some html constructs. There was a simpler example on hn within the last week or two, but for example, json-rules-engine demonstrates how json might be a dynamic program, without ever needing to call eval or Function dynamic code: so the only people hurt are the regular humans. It just seems so trivial to me too build a small interpreted system that circumvents the "no dynamic JavaScript" rule.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |