Re: Es4-discuss Digest, Vol 8, Issue 44

Doug,

Yes, I think the time has come to table the ES3+ materials.

It has been discussed on and off since April. Do you have something that describes this proposal in a material way?
How can people evaluate ES4 vs ES3+ if ES3+ is unknown and unspecified?

Michael

Yehuda Katz wrote:

Doug,

What specifically would you do in ES3+ to improve this situation?

-- Yehuda

On 10/30/07, Douglas Crockford <douglas@...> wrote:

> Brenden is also correct:  If the working group voted and
> the current
> proposal won - it is better to have a stronger, more secure
> language.
> Sure they can argue it is bloated, but SO WHAT?

The proposal is not a more secure language. It does nothing to address ECMAScript's biggest  design flaw: the insecurity caused its dependence on a global object. XSS attacks are a direct consequence of this flaw. By making the language more complex, this problem becomes even harder to reason about and fix.

I have been bringing this up since my first day in the working group. This is not a concern that is being sprung at the last minute.

The working group hasn't voted. The proposal has not won. We have agreed to disagree, developing two competing proposals in the same working group. I am pursuing with Microsoft a counter proposal for a simpler, reliable remedy to real problems. My position isn't that JavaScript doesn't need fixing. I think we need to be more selective in how we fix it. Bloat, in my view, is not good design.
_______________________________________________
Es4-discuss mailing list
Es4-discuss@...
https://mail.mozilla.org/listinfo/es4-discuss

--
Yehuda Katz
Web Developer | Procore Technologies
(ph)  718.877.1325

_______________________________________________
Es4-discuss mailing list
Es4-discuss@...
https://mail.mozilla.org/listinfo/es4-discuss
  

_______________________________________________
Es4-discuss mailing list
Es4-discuss@...
https://mail.mozilla.org/listinfo/es4-discuss