Re: [caplet] ADsafe
- Douglas Crockford wrote:
> I added setExpression to the banned method list.This is a Microsoft DOM method
It's clearly unsafe, but AFAIK, it only has an effect on objects
that represent stylesheets or that have DHTML properties.
So, shouldn't it be made inaccessible by DOM taming rather than by
the method/property blacklist? It is unsafe to give direct access to
any DOM object, as demonstrated by this and many, many other browser
misfeatures. The blacklist is, as far as I understood the ADsafe
design, for properties that have a special meaning on arbitrary
objects or functions.
- I updated the ADsafe DOM interface. Previously, a method like .getValue() could return
a single value
an array of values
depending on the number of results. Now, a method like .getValue() will return the first value that is available, or undefined if there are none. A new method, .getValues() will always return an array, possibly an empty array.