vitteaymeric at gmail.com
Sun Mar 24 03:44:39 PDT 2013
Le 22/03/2013 19:33, Mark S. Miller a écrit :
> On Fri, Mar 22, 2013 at 6:03 PM, Aymeric Vitte <vitteaymeric at gmail.com
> <mailto:vitteaymeric at gmail.com>> wrote:
> As far as I remember when I looked at it, there was a getfreevar
> function or something like this parsing the code (or I
> misunderstood, see  but don't read the proposal, it's wrong,
> even if I don't totally give up with the concept).
> Are you referring to the function atLeastFreeVarNames at
> It does scan the source using regular expressions to look for all
> possible identifiers. But it doesn't do a full parse or even lex. As a
> result, it picks up identifiers in comments and literal strings as
> well. Security only requires that the code being scanned cannot
> contain have a free (and therefore global) variable reference without
> it being included in atLeastFreeVarNames's result.
Yes, exactly, indeed it's not parsing but "rexexpeing".
> But anyway, since it will change, does it exist an official
> document about SES concepts (strawman or other) ?
> Nothing official yet. But see
Thanks, for  there is a script supposed to "tame" the page, trying to
use a kind of home-made Object.observe which just shadows some DOM
prototype properties and assign getters/setters, unexpectedly the
behavior is different in each browser, and globally this does not work
at all as such, maybe the override problem, more probably when I am back
Email : avitte at jcore.fr
iAnonym : http://www.ianonym.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
Web : www.jcore.fr
Webble : www.webble.it
Extract Widget Mobile : www.extractwidget.com
BlimpMe! : www.blimpme.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the es-discuss