[e-lang] Fwd: [Caja] secure string interpolation in javascript

Mark Miller erights at gmail.com
Wed Jan 30 00:12:28 EST 2008


Like quasiliterals for JavaScript, but better.


---------- Forwarded message ----------
From: Mike Samuel <mikesamuel at gmail.com>
Date: Jan 29, 2008 8:15 PM
Subject: [Caja] secure string interpolation in javascript
To: Google Caja Discuss <google-caja-discuss at googlegroups.com>



http://google-caja.googlecode.com/svn/changes/mikesamuel/string-interpolation-29-Jan-2008/trunk/src/js/com/google/caja/interp/index.html
describes a scheme for adding string interpolation to javascript.
This is meant to allow open-social application developers to write XSS-
free code, should provide an API that's easily understood by PHP
developers, and should provide an easy migration path away from code
that uses string += to compose html.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to
http://groups.google.com/group/google-caja-discuss
To unsubscribe, email google-caja-discuss-unsubscribe at googlegroups.com
-~----------~----~----~----~------~----~------~--~---




-- 
Text by me above is hereby placed in the public domain

    Cheers,
    --MarkM


More information about the e-lang mailing list