but they are ineffectual & doing amazing amounts of damage in their grasp to give us this pretend fake security. I believe they want to do something good too. Tampermonkey is a Google Chrome browser extension that allows you to write and install user scripts. with that, this v3 announcement is a week too late to hold even a drop of water. there's industrial grade js machinery we can run, free from these constraints, nested inside the web platform. but since that time, we've had a big announcement that wizer can now run spidermonkey js engine in webassembly. about a week ago maybe even it would have sounded ok. Surely the people pitching these so called security measures grok just how many dump trucks of nonsense these so called protections they offer us are. > You might be working in a JavaScript environment where eval() isn't allowed (and you have a genuinely good reason why you want to use it). Or take evaljs and preload in some html functions! This would need to be extended with some html constructs. There was a simpler example on hn within the last week or two, but for example, json-rules-engine demonstrates how json might be a dynamic program, without ever needing to call eval or Function dynamic code: so the only people hurt are the regular humans. Tampermonkey is a free browser extension and the most popular userscript manager for Blink- and. It just seems so trivial to me too build a small interpreted system that circumvents the "no dynamic JavaScript" rule.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |