From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,FORGED_GMAIL_RCVD, FREEMAIL_FROM autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,bbe592428babd509 X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news2.google.com!news2.google.com!npeer03.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!nx01.iad01.newshosting.com!newshosting.com!198.186.194.249.MISMATCH!transit3.readnews.com!transit4.readnews.com!news-out.readnews.com!postnews3.readnews.com!not-for-mail Message-Id: <4bd23c72$0$2399$4d3efbfe@news.sover.net> From: "Peter C. Chapin" Subject: Re: Web browser in Ada Newsgroups: comp.lang.ada Date: Fri, 23 Apr 2010 20:38:49 -0400 References: <02c2bf63-260d-4acc-bd58-c8fb8a591ec3@b6g2000yqi.googlegroups.com> <0bf9425c-32a1-4b93-b938-ae4a4e24a761@c21g2000yqk.googlegroups.com> User-Agent: KNode/0.10.9 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7Bit Organization: SoVerNet (sover.net) NNTP-Posting-Host: 019ddd6b.news.sover.net X-Trace: DXC=QJ:G\nd8Q^l0;6AGRXOA8iK6_LM2JZB_cQaD\]7@;ilg:WUUlR<856oNBTX0LLCoIkc;87UO\TB3f X-Complaints-To: abuse@sover.net Xref: g2news2.google.com comp.lang.ada:11153 Date: 2010-04-23T20:38:49-04:00 List-Id: Gautier write-only wrote: > My impression is that a good part of vulnerabilities are indeed within > plug-ins, another good part is between the browser and a plug-in > (typically, browser X need to be patched but not the others nor the > plug-in), and the third part, important as well, is about CSS, > JavaScript, image storage or decoding, XML, HTML parsing and other > core parts of browsers. I had actually thought that building a web browser in Ada would be a nice project (if only I had more time!). I'm not sure how much of a difference in security it would make... probably some. Any browser that could be realistically used would need to support JavaScript. While an Ada JavaScript implementation might (or might not) be more secure than a C implementation, it seems to me that any vulnerability related to the JavaScript language itself would still be a risk. In any case, the real benefit of such a project would be more in the development of associated libraries and supporting code (imagine processing, HTML parsing and rendering, CSS handling, etc, etc)... and in the visibility a successful project would give to Ada. I suspect Ada was first standardized before many current web developers were born; it might be fun to see what sort of reception an Ada web browser project would get in that community. Anyway a good first step might be the implementation of an HTML 5 parser in Ada. Rather than playing catch-up that would put an Ada web browser project right in the thick of the bleeding edge of the web world. Peter