Re: [caplet] ADsafe
- On 05/04/2008, Mark Miller <erights@...> wrote:
> On Sat, Apr 5, 2008 at 8:02 AM, Douglas Crockford <douglas@...> wrote:
> > I relaxed the restriction on the [ ] operator slightly. It will now
> > accept subscript values that are number literals or string literals
> > that are not legal identifiers.
> I recommend also accepting all so-called "stringified numbers", i.e.,
> all x for which
> x === String(Number(x))
> all these are implicitly and necessarily whitelisted by Caja. For
> Caja, this has the benefit that when we can statically infer that i is
> a number, we can translate x[i] to x[i] without a dynamic whitelist
> I think the only difference this makes to your existing rule is to
> also accept "NaN" and "Infinity".
> Text by me above is hereby placed in the public domain
- I updated the ADsafe DOM interface. Previously, a method like .getValue() could return
a single value
an array of values
depending on the number of results. Now, a method like .getValue() will return the first value that is available, or undefined if there are none. A new method, .getValues() will always return an array, possibly an empty array.