AST in JSON format

David-Sarah Hopwood david-sarah at
Tue Dec 8 20:49:40 PST 2009

Oliver Hunt wrote:
> On Dec 8, 2009, at 7:30 PM, Breton Slivka wrote:
>> Right now there are projects to do this (caja, adsafe), but to do a
>> runtime check requires that the user download a full JS parser, and
>> validator. If part of the parsing task was built into the browser,
>> there would be less code to download, and the verification would run
>> much faster. This has real implications for users and developers, and
>> would enable new and novel uses for JS in a browser, and distributed
>> code modules.
> Providing an AST doesn't get you anything substantial here as the
> hard part of all this is validation, not parsing.

That's not entirely accurate. In implementing Jacaranda, I estimate
the split of effort between validation/parsing has been about 60/40.
ECMAScript is really quite difficult to lex+parse if you absolutely
need to do so correctly.

David-Sarah Hopwood  ⚥

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the es-discuss mailing list