[e-lang] Fwd: [Caja] secure string interpolation in javascript
Mark Miller
erights at gmail.com
Wed Jan 30 00:12:28 EST 2008
Like quasiliterals for JavaScript, but better.
---------- Forwarded message ----------
From: Mike Samuel <mikesamuel at gmail.com>
Date: Jan 29, 2008 8:15 PM
Subject: [Caja] secure string interpolation in javascript
To: Google Caja Discuss <google-caja-discuss at googlegroups.com>
http://google-caja.googlecode.com/svn/changes/mikesamuel/string-interpolation-29-Jan-2008/trunk/src/js/com/google/caja/interp/index.html
describes a scheme for adding string interpolation to javascript.
This is meant to allow open-social application developers to write XSS-
free code, should provide an API that's easily understood by PHP
developers, and should provide an easy migration path away from code
that uses string += to compose html.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to
http://groups.google.com/group/google-caja-discuss
To unsubscribe, email google-caja-discuss-unsubscribe at googlegroups.com
-~----------~----~----~----~------~----~------~--~---
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the e-lang
mailing list