Talk:JavaScript

From Wikipedia, the free encyclopedia

This is the talk page for discussing improvements to the JavaScript article.
Please sign and date your posts using four tildes (~~~~). New discussion topics go at the bottom of the page; click here to start a new topic. New to Wikipedia? Welcome! Frequently asked questions. This is not a forum for general discussion about the article's subject.	Talk page guidelines Be polite Assume good faith No personal attacks Don't bite the newcomers!

To-do list for JavaScript:	edit · history · watch · refresh
Useful URLs to use for further work [1] and Inheritance through Prototypes

/Archive 1: Dec 2001 - Jun 2005

/Archive 2: Jun 2005 - Aug 2006

Contents 1 Web client-side JS usage section too verbose 2 Security risks 3 JScript in WSH 4 Actionscript 5 Refs section

[edit] Web client-side JS usage section too verbose

There's no need to elaborate on how to open popups, validating forms, etc. in JS in this article. DOM-related stuff is also not needed (since DOM is language neutral). All this info should go in Client-side JavaScript instead. --Maian 18:38, 13 August 2006 (UTC)

[edit] Security risks

The following attack does not use any error, exploit or backdoor. Should wikipedia include this kind of information? What about this specific case where it is not a flaw but something inherent to the way javascript works?

From: http://www.spidynamics.com/spilabs/education/articles/JS-portscan.html

Imagine visiting a blog on a social site or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours. This scenario is no longer one of fiction.

The fact that JavaScript is involved in much security-related discussion seems worth mentioning in wikipedia. The particular example is only one of many. Wikipedia, and this article, do not seem to me the right place to hold a detailed discussion of such risks, and I'm not sure it can be properly understood without that. Likewise, public discussion of vulnerabilities is most clearly appropriate when it's done in a way that encourages and facilitates their repair; in this case, given the unreasonability of expecting general users to follow the discussion, a browser-vendor security forum seems more appropriate. Jackrepenning 23:01, 20 November 2006 (UTC)

[edit] JScript in WSH

I think some mention of the use of JScript in Windows Scripting Host should be made. One can effectively write full-blown application using JScript. -SharkD 13:49, 24 October 2006 (UTC)

[edit] Actionscript

Along with some copy editing, I changed the reference to ActionScript. It obviously does conform to the ECMAscript standard, otherwise Mozilla wouldn't have adopted the ActionScript VM code the other day. Chris Cunningham 01:12, 11 November 2006 (UTC)

[edit] Refs section

This seems indiscriminate. These should be moved into ref tags if directly relevant to the article. Chris Cunningham 14:58, 24 November 2006 (UTC)