Loading ...
Sorry, an error occurred while loading the content.

Re: [caplet] Re: ADsafe

Expand Messages
  • David Hopwood
    ... Better: foo.set(bar, foo.get(bar) + 1); and undo the conflation of objects with arrays and dictionaries, by defining get and set only for the latter.
    Message 1 of 36 , Sep 30, 2007
    • 0 Attachment
      David Hopwood wrote:
      > collin_jackson wrote:
      >> Square brackets are clearly problematic, as they allow access to eval.
      >> I suggest you deny them entirely and (optionally) allow authors use
      >> the ADSAFE API to proxy their array indexing.
      >>
      >> Instead of
      >> foo[bar] = foo[bar] + 1;
      >> Use
      >> ADSAFE.setIndex(foo, bar, ADSAFE.getIndex(foo, bar) + 1);
      >>
      >> The ADSAFE getIndex and setIndex API could ensure that "bar" is a
      >> number or safe string.
      >
      > This is a case where conciseness matters for the acceptability of
      > the restriction, so I suggest something like:
      >
      > SET(foo, bar, GET(foo, bar) + 1);
      >
      > instead.

      Better:

      foo.set(bar, foo.get(bar) + 1);

      and undo the conflation of objects with arrays and dictionaries, by
      defining 'get' and 'set' only for the latter.

      --
      David Hopwood <david.hopwood@...>
    • Douglas Crockford
      I updated the ADsafe DOM interface. Previously, a method like .getValue() could return undefined a single value an array of values depending on the number of
      Message 36 of 36 , Nov 11, 2010
      • 0 Attachment
        I updated the ADsafe DOM interface. Previously, a method like .getValue() could return

        undefined
        a single value
        an array of values

        depending on the number of results. Now, a method like .getValue() will return the first value that is available, or undefined if there are none. A new method, .getValues() will always return an array, possibly an empty array.
      Your message has been successfully submitted and would be delivered to recipients shortly.