HP3000-L Archives

February 2000, Week 3

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: JavaScript risks (was: Wordperfect)
From:
Lars Appel <[log in to unmask]>
Reply To:
Lars Appel <[log in to unmask]>
Date:
Sun, 20 Feb 2000 21:52:46 +0100
Content-Type:
text/plain
Parts/Attachments:
text/plain (21 lines) 
Tracy wrote...

> (I have an innate fear of hostile Javascripts.)

Regarding "hostile JavaScript code"... Can anybody enlighten me/us
about the risks associated with JavaScript compared to Java applets?

As far as I understand, Java applets run inside a "sandbox" (unless
digitally signed and granted more access by the user) and thus should
be quite limited in their capabilities (as long as the implementation
of the Java VM inside the browser "plays by the rules" and does not
have any holes or backdoors). But what about JavaScript? I have next
to zero knowledge about it, but my impression is that it is a kind of
"remote control" for the browser and allows the web page designer to
to all kinds of weird things. For example, I have seen web pages that
allow me to "upload" a file. Can this be done behind my back, too?

Lars "hoping for education"

(Java is from Sun, whereas JavaScript is from Netscape, IIRC)

ATOM RSS1 RSS2