Allowing arbitrary non-Ascii characters in programming languages will make it more difficult to detect malicious code. If the author really intends to deceive potential readers he will succeed.
Programming languages like JS should at least implement exclusion rules from the "Unicode Confusables Characters" list. Otherwise such programming languages ought to be black-listed. Albrecht. Von: Unicode [mailto:[email protected]] Im Auftrag von "Jörg Knappen" Gesendet: Montag, 20. Juli 2015 17:47 An: Unicode Public Betreff: Security concerns: OGHAM SPACE MARK I stumbled over a very strange snippet of javascript code, where an apparent minus sign is interpreted as a space here: http://stackoverflow.com/questions/31507143/why-does-2-40-equal-42 Imagine such kind of behaviour in bank transactions ... --Jörg Knappen
