There is another ADsafe demonstration widget at http://adsafe.org/sudoku.html...
254
Ben Laurie
benlaurie2000
Oct 8, 2008 5:49 pm
... Doesn't seem to work correctly in Chrome (for example, no play button). -- http://www.apache-ssl.org/ben.html http://www.links.org/ "There is no...
255
Alan Karp
alanhkarp
Oct 8, 2008 9:59 pm
Works for me in Chrome. -- Alan Karp...
256
Bill Frantz
frantz@...
Oct 8, 2008 11:31 pm
... Seems to work on Safari. Cheers - Bill ... Bill Frantz |"We used to quip that "password"; is the most common 408-356-8506 | password. Now it's...
257
Ben Laurie
benlaurie2000
Oct 9, 2008 8:41 am
... Hmm. On second attempt it worked for me, too. Odd. -- http://www.apache-ssl.org/ben.html http://www.links.org/ "There is no limit to what a man...
258
Alan Karp
alanhkarp
Oct 9, 2008 3:15 pm
I've noticed that Chrome gets addled if it's been open for many days. This morning mine lost its ability to talk to the network, but I've seen other symptoms....
259
Douglas Crockford
douglascrock...
Oct 23, 2008 6:02 pm
I implemented PPK's focus hack (http://www.quirksmode.org/blog/archives/2008/04/delegating_the.html) in ADsafe, so focus and blur events may now be delegated....
260
marcel.laverdet
Oct 25, 2008 12:41 am
Live Labs has released a public preview of their Javascript sandbox. http://websandbox.livelabs.com/ See the clock sample: ...
261
Mark S. Miller
erights@...
Nov 6, 2008 10:34 pm
The EcmaScript 3.1 draft standard is rapidly congealing towards an official standard. The Kona version at < ...
262
Douglas Crockford
douglascrock...
Jan 3, 2009 4:59 pm
I added another sample page. This one shows two simple widgets that coexist. http://adsafe.org/roman.html...
263
Mark Miller
capsecure
Jan 5, 2009 9:14 pm
The w3c Technical Architecture Group (TAG) discuss ocaps for the web starting at http://www.w3.org/2001/tag/2008/12/10-minutes#item03 teaser sample: 'DO: SW...
264
Bill Frantz
frantz@...
Jan 5, 2009 10:35 pm
... For me, the highlight was, "Crockford says add a switch in Firefox to disable non-adSafe ads". If this feature gets adopted, and used, we'll see an...
265
Tyler Close
tjclose
Jan 6, 2009 12:17 am
At the end of the minutes, it looks like the TAG is casting about for a next step. One useful step would be to consider amending the web-arch document's...
266
Mark S. Miller
erights@...
Jan 6, 2009 2:35 am
http://apps.yahoo.com/-yNmsEV4q/ I'm "ocap capo". It (and therefore Caja) also work on an iPhone. Thanks to the Yahoo! and Zynga folks! -- Cheers, --MarkM...
267
Larry Koved
larrykoved
Jan 18, 2009 2:38 am
This is announcement of the call for papers for the third in a series of successful workshops on topics related to security and privacy for Web 2.0. This...
268
Mark Miller
capsecure
Jan 20, 2009 6:15 pm
At http://wiki.ecmascript.org/doku.php?id=ses:ses_proposal_working_draft is posted a very rough first draft for a "Secure ECMAScript" standard, derived from...
269
Kris Zyp
kriszyp
Jan 21, 2009 3:10 pm
... Hash: SHA1 Do you have an overview of the differences between SES and ES3.1 (or maybe it is easier to define the differences between SES and Cajita)? I see...
270
Mark S. Miller
erights@...
Jan 25, 2009 6:55 am
... Three synergies between ES3.1 strict and SES: * Better target: Easy to translate SES to ES3.1-strict * Better source: Easier to translate ES3.1-strict to...
271
David-Sarah Hopwood
david.hopwood@...
Feb 9, 2009 5:16 pm
Consider the following JavaScript source: [ /[/]/ /foo]/ + bar According to the ES3 spec, this is interpreted as: [ new RegExp("[") ] / new RegExp("foo]") +...
272
Marcel Laverdet
marcel.laverdet
Feb 9, 2009 5:43 pm
From what I remember this started out as a bug in IE and then Firefox followed suit for compatibility which left the other browsers with no choice. I can't...
273
Brendan Eich
brendaneich
Feb 9, 2009 6:55 pm
... No, other browsers followed suit first. ... https://bugzilla.mozilla.org/show_bug.cgi?id=309840 Quoting from comment 0: Description From Jesse Ruderman...
274
Douglas Crockford
douglascrock...
Feb 9, 2009 9:17 pm
... ADsafe rejects [ /[/]/ /foo]/ + bar. Just because ECMAScript says its ok doesn't mean that ADsafe must. ADsafe insists that all internal / must have \....
275
Mike Samuel
mikesamuel
Feb 10, 2009 3:02 am
2009/2/9 Douglas Crockford <douglas@...> ... Cajita disallows regex literals, but Valija uses the ES3.1 rule for lexing regexs and rewrites [ /[/]/...
276
Marcel Laverdet
marcel.laverdet
Feb 10, 2009 7:32 am
My apologies....
277
Brendan Eich
brendaneich
Feb 10, 2009 9:07 am
No need to apologize, and I did not aim to blame Opera or Safari in citing the record. This was not a situation where anyone fielding a browser compatible...
278
David-Sarah Hopwood
david.hopwood@...
Feb 10, 2009 2:12 pm
... I could, if I knew that there were no more bugs like this. Note that lexical confusion attacks of this kind can easily be turned into complete breaks of a...
279
David-Sarah Hopwood
david.hopwood@...
Feb 10, 2009 2:34 pm
... <https://bugzilla.mozilla.org/show_bug.cgi?id=309840#c12> # This fixes a highly dup'ed IE compatibility bug. It's an extension # to ECMA syntax that's...
280
David-Sarah Hopwood
david.hopwood@...
Feb 10, 2009 2:44 pm
... I'm confused -- how does it know that the middle '/' in "/[/]/" is "internal";? Is it lexing according to the intersection of Pattern from section 15.10.1,...
281
Brendan Eich
brendaneich
Feb 10, 2009 7:13 pm
... You're right, but so what? The IE bug and monopoly combined to create a de-facto standard. Appealing to the de-jure standard does you no good, and...
282
Mike Samuel
mikesamuel
Feb 11, 2009 2:36 am
... Plenty. But I suspect you know of them. There's conditional compilation comments /* @cc_on */, and there's the newlines in block comments thing return /*...
