Es4-discuss Digest, Vol 8, Issue 44
Cedric at OpenDomain.Org
Tue Oct 30 17:30:26 PDT 2007
Thank you! I asked for a clear message, and you gave me one!
Don't we need the global object to be compatible?
Can you point to a suggestion of what use mere mortals may do to
influence the proposals? (Other than this on this list)
We may all agree that 'bloat' is bad. We might not all say that ES4 is
bloated. Do you want to use EcmaScript.Net as a place for your counter
proposal (yet another OpenDomain - when I am passionate about an idea, I
go all the way)
Politics is the art of compromise: let us DIFF your proposal with ES4
and negotiate adding at least half the new features. Can you agree to
that? Will Microsoft put up a bond they will deliver the same on a
fixed date? What would be in that pool of features you WOULD accept?
What would be the features Mozilla would accept dropping?
Thank you for your reply, but I see we missed one important question: Can
you please make a statement to the effect that, to your knowledge Yahoo
On 10/31/2007, "Douglas Crockford" <douglas at crockford.com> wrote:
>> Brenden is also correct: If the working group voted and
>> the current
>> proposal won - it is better to have a stronger, more secure
>> Sure they can argue it is bloated, but SO WHAT?
>The proposal is not a more secure language. It does nothing to address ECMAScript's biggest design flaw: the insecurity caused its dependence on a global object. XSS attacks are a direct consequence of this flaw. By making the language more complex, this problem becomes even harder to reason about and fix.
>I have been bringing this up since my first day in the working group. This is not a concern that is being sprung at the last minute.
>Es4-discuss mailing list
>Es4-discuss at mozilla.org
More information about the Es4-discuss