Loading ...
Sorry, an error occurred while loading the content.

Re: [Caja] Re: Testing whether something is a function

Expand Messages
  • Mark Miller
    On Dec 9, 2007 8:49 AM, David Hopwood ... Mostly correct, but I would not describe ADsafe as implementing Cajita. Cajita was inspired by ADsafe and grew out of
    Message 1 of 1 , Dec 9, 2007
    • 0 Attachment
      On Dec 9, 2007 8:49 AM, David Hopwood
      <david.hopwood@...> wrote:
      > If Caja specifies whitelisting, then that would also mean that Cajita as
      > (currently) implemented by ADsafe is not a subset of Caja.

      Mostly correct, but I would not describe ADsafe as implementing
      Cajita. Cajita was inspired by ADsafe and grew out of our original
      intention that ADsafe be a compatible subset of Caja. Sadly, ADsafe
      and Cajita are similar but different. Crock and I plan to compare them
      in some detail to characterize their differences.

      ADsafe takes on a very severe design constraint: only static
      rejection, no transformation. Now that I understand the problem domain
      better, I'm astonished by how well and how simply ADsafe does what it
      does under this constraint. Cajita is a static subset of Caja, but
      does depend on the corresponding subset of the Caja translator to
      insert runtime checks. As a result (with the exception of the rules
      governing terminal underbars), Cajita's whitelisting isn't on property
      name. It's on property name as applied to some object or class of
      objects. As a result, Cajita can accept any JSON whose keys do not end
      in underbar. ADsafe rejects "{eval: 3}" which Cajita accepts. ADsafe
      accepts "{eval_: 3}" which Cajita rejects.

      --
      Text by me above is hereby placed in the public domain

      Cheers,
      --MarkM
    Your message has been successfully submitted and would be delivered to recipients shortly.