Re: Are you interested in doing dynamic analysis of JS code?

Tainting could also be of use in a particular problem area for Content Security Policy (CSP): allowing modifications to CSP-protected pages caused by add-ons or bookmarklets. At the moment, such modifications (e.g. an add-on injecting tags into a page) are indistinguishable from malicious content i

"Content Security" module proposal

Hello platform! I've sent a proposal to governance [0] to create a new module for content security policies like Content Security Policy (CSP), the Mixed Content Blocker, and Safe Browsing. Please comment on that thread if you have questions or concerns. [0] https://groups.google.com/forum/#!top

Re: JavaScript Style Guide. Emacs mode line.

On 01/08/2014 12:25 AM, ishikawa wrote: > That vim mode line is useless for a large percentage of user > community is a news to me. (But I don't use vim myself.) It's disabled by default because it's a security concern (modelines can execute arbitrary vimscript, IIRC). Can an emacs modeline exec