Loading ...
Sorry, an error occurred while loading the content.

Re: [caplet] Re: ADsafe, Take 3

Expand Messages
  • Adam Barth
    Another situation you may or may not have considered is the following: (function(){ throw hi! ; })(); This brings up the issue of what exactly is ADsafe
    Message 1 of 17 , Oct 6, 2007
    • 0 Attachment
      Another situation you may or may not have considered is the following:

      (function(){
      throw "hi!";
      })();

      This brings up the issue of what exactly is ADsafe guaranteeing its
      users. One simple guarantee is that the JavaScript is unable to read
      or write any global variables and is unable to call any global
      function (except as mediated by the ADSAFE object). This fails here
      because this code is able to call the global "onerror" function.

      The simplest solution is to require ADsafe code to be written using
      the following idiom:

      ADSAFE.call(function(){
      ...
      });

      Here the supplied JavaScript does not actually invoke the anonymous
      function it declares but asks the ADSAFE object to call the function.
      The ADSAFE object can then call the function inside a try ... catch
      block and expose an interface, like ADSAFE.onerror, to embedding
      applications to handle exceptions from ADsafe JavaScript.

      This idiom might be useful for other ADsafe features as well as the
      ADSAFE object would have a pointer to the JavaScript function.

      Adam
    Your message has been successfully submitted and would be delivered to recipients shortly.