From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

"Javascript hijacking"[edit]

I believe "Javascript hijacking" is no longer in use. The standardized term for this exploit is now XSSI (Cross site script inclusion). This is a variation of CSRF that is described so we should probably create an article specifically for XSSI, link to it here and in the CSRF article.

(BTW: XSSI is also a term for extended server-side includes, so YMMV on whether the current terminology is better/worse than Javascript hijacking. In any case we probably should have a separate page for one of the other as the description here is rather spartan.)

- tychay (tchay@wikimedia) (talk) — Preceding unsigned comment added by Tychay (talkcontribs) 21:59, 16 May 2012 (UTC)

Implicit and explicit delegation[edit]

I see that we have a new section called 'Implicit and Explicit Delegation'. I have used JavaScript for some years and I understand barely a word of this new material. I also see that where it is referenced, it cites [a Wordpress blog. If other editors agree that this is valid and WP:DUE article content, can someone also bring all the title capitalisation, word spacing and so on into line with WP:MoS? — Preceding unsigned comment added by Nigelj (talkcontribs) 15:38, 22 October 2013 (UTC)

No "criticism" section?[edit]

Your language is bad and you should feel bad. (talk) 17:01, 27 July 2017 (UTC)


ECMAScript 2015 seems to be commonly known as ES6 which appears also to follow the ECMA announcement. e.g. here and here and here. Is there some political reason why the article doesn't mention it? Chris55 (talk) 11:55, 19 November 2017 (UTC)

Vendor-specific extensions is outdated as of Jan 2018[edit]

The vendor-specific extensions section was originally written around 2009 or so, and it's badly out of date.

Some of the features mentioned, such as the let statement, have been moved directly into ECMAScript and thus are no longer vendor-specific. Other features, such as the iterator protocol, although not directly migrated into ECMAScript, have inspired alternatives in ECMAScript. And yet others, such as array comprehensions and generator expressions, are now being removed from Mozilla's JS engine ala E4X.

Unfortunately, I'm not as well-versed with JS nowadays, so I can't update this section with absolute certainty myself.

--Maian (talk) 03:40, 22 January 2018 (UTC)

Semi-protected edit request on 6 June 2018[edit]

2409:4064:38B:C2A:0:0:2024:70A4 (talk) 15:26, 6 June 2018 (UTC)
 Not done: The request is empty. Sam Sailor 15:37, 6 June 2018 (UTC)

Security section (renamed?)[edit]

I saw that the redirect Criticism of JavaScript was directed to section 'Criticisms' which seems no longer to exist. I imagine it was renamed to 'Security', judging by the subsection titles, and I have changed it to redirect there. I would have added a courtesy comment per WP:RSECT but am not able to do that as the page is protected. (talk) 10:36, 12 June 2018 (UTC)