On May 16, 2009, at 11:25 AM, Mark S. Miller wrote:
On Fri, May 15, 2009 at 2:26 PM, Brendan Eich
wrote:
[...] but plain old iloop DOS prevention as practiced in browsers
does *not* reload the page. And the browser APIs are full of ways
to detect
that finallys didn't run, through effects
2009/5/27 Maciej Stachowiak :
>
> I'm not sure but I think maybe the Safari behavior is a bug, as the finally
> clause could contain another infinite loop.
Indeed, if a browser respects finally clauses in the code after
terminating a too long running loop, then the following would be an
effective
2009/5/27 Igor Bukanov :
> Indeed, if a browser respects finally clauses in the code after
> terminating a too long running loop, then the following would be an
> effective DOS:
>
> javascript:Array(1e3).join('try {')+Array(1e3).join('} finally { while
> (1); }');
I meant
javascript:eval(Array(1e
On Tue, May 26, 2009 at 8:05 PM, Mark S. Miller wrote:
> To fix this problem, we need one additional bit of poison: If
> arguments.caller or bar.caller would reveal a strict function, they should
> return something harmless instead. I suggest that undefined is a perfectly
> fine harmless value.
N
Looks like the wiki skewed from the word .doc that was sent out.
The meeting is taking place on the 28th/29th only, not today, the 27th.
I've updated the wiki, sorry for any confusion. I'll be sending out
details for committee members in a bit.
- Rob
_
5 matches
Mail list logo
