From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,FORGED_GMAIL_RCVD, FREEMAIL_FROM autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,bbe592428babd509 X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news2.google.com!news1.google.com!border1.nntp.dca.giganews.com!nntp.giganews.com!nx02.iad01.newshosting.com!newshosting.com!198.186.194.249.MISMATCH!transit3.readnews.com!news-out.readnews.com!postnews3.readnews.com!not-for-mail Message-Id: <4bd47989$0$2371$4d3efbfe@news.sover.net> From: "Peter C. Chapin" Subject: Re: Web browser in Ada Newsgroups: comp.lang.ada Date: Sun, 25 Apr 2010 12:24:04 -0400 References: <02c2bf63-260d-4acc-bd58-c8fb8a591ec3@b6g2000yqi.googlegroups.com> <0bf9425c-32a1-4b93-b938-ae4a4e24a761@c21g2000yqk.googlegroups.com> <4bd23c72$0$2399$4d3efbfe@news.sover.net> <4f0f26e0-d5f4-46e4-8204-b3b012d33533@v14g2000yqb.googlegroups.com> User-Agent: KNode/0.10.9 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7Bit Organization: SoVerNet (sover.net) NNTP-Posting-Host: 187e5a6f.news.sover.net X-Trace: DXC=O9ajTT1iTLTjT:G\be_IU]K6_LM2JZB_S><9hL1oPCF^:WUUlR<856_n7N\m7cnR7Y9S=N@cYCjPX X-Complaints-To: abuse@sover.net Xref: g2news2.google.com comp.lang.ada:11174 Date: 2010-04-25T12:24:04-04:00 List-Id: Gautier write-only wrote: > Maybe it is a bit naive, but I have the impression that JavaScript's > vulnerability can be limited to the interaction with the surronding > operating system: file I/O and code execution (this includes starting > a plug-in). I don't know much about JavaScript at the moment, honestly. It sounds like you are saying that current insecurities in JavaScript are in its interface to the rest of the world. If so, a more secure implementation of the language itself might help (depend on what "more secure implementation" really means, exactly). > Just kidding. It is a very good idea, especially that the W3C > specification gives also hints about the parsing. Another potential benefit is that the W3C is, as I understand it, currently looking for implementation feedback on the proposed specification. So the time seems ripe to think about an HTML 5 implementation. Peter