Doug, What specifically would you do in ES3+ to improve this situation? -- Yehuda
On 10/30/07, Douglas Crockford <[EMAIL PROTECTED]> wrote: > > > Brenden is also correct: If the working group voted and > > the current > > proposal won - it is better to have a stronger, more secure > > language. > > Sure they can argue it is bloated, but SO WHAT? > > The proposal is not a more secure language. It does nothing to address > ECMAScript's biggest design flaw: the insecurity caused its dependence on a > global object. XSS attacks are a direct consequence of this flaw. By making > the language more complex, this problem becomes even harder to reason about > and fix. > > I have been bringing this up since my first day in the working group. This > is not a concern that is being sprung at the last minute. > > The working group hasn't voted. The proposal has not won. We have agreed > to disagree, developing two competing proposals in the same working group. I > am pursuing with Microsoft a counter proposal for a simpler, reliable remedy > to real problems. My position isn't that JavaScript doesn't need fixing. I > think we need to be more selective in how we fix it. Bloat, in my view, is > not good design. > _______________________________________________ > Es4-discuss mailing list > Es4-discuss@mozilla.org > https://mail.mozilla.org/listinfo/es4-discuss > -- Yehuda Katz Web Developer | Procore Technologies (ph) 718.877.1325
_______________________________________________ Es4-discuss mailing list Es4-discuss@mozilla.org https://mail.mozilla.org/listinfo/es4-discuss
