Another de-facto insecurity we need to fix in ES5
Allen.Wirfs-Brock at microsoft.com
Wed Jun 17 21:36:20 PDT 2009
>From: es-discuss-bounces at mozilla.org [mailto:es-discuss-
>Personally, I think leaving "distasteful" but cross-browser features
>like this out of the spec in the hopes that they will wither away from
>neglect is a poor approach. If browsers feel pressured to implement
>such extensions for Web compatibility then we are not doing anyone any
>favors by leaving them in the domain of mutual reverse-engineering. I
>would prefer to see such features explicitly specified (with suitable
>restrictions) or explicitly forbidden, and perhaps explicitly
>deprecate them with the plan for further limits or outright removal in
>future versions of the spec. But it seems too late to make big changes
>in this regard for ES5. Maybe in the next version.
TC39 provides a venue where I would hope we can do exactly this sort of work. In addition to actually creating new editions of the standard, there's no reason we can't create and public roadmaps, deprecation plans, specifications for common extensions that are candidates for inclusion in future editions, recommendations for implementers, or whatever we think will be helpful in evolving the language in a way that will maximize interoperability. The main thing necessary for this to happen is a agreement among the members and a commitment from them (us...) to do the work to get it done.
More information about the es5-discuss