From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

"Javascript hijacking"[edit]

I believe "Javascript hijacking" is no longer in use. The standardized term for this exploit is now XSSI (Cross site script inclusion). This is a variation of CSRF that is described so we should probably create an article specifically for XSSI, link to it here and in the CSRF article.

(BTW: XSSI is also a term for extended server-side includes, so YMMV on whether the current terminology is better/worse than Javascript hijacking. In any case we probably should have a separate page for one of the other as the description here is rather spartan.)

- tychay (tchay@wikimedia) (talk) — Preceding unsigned comment added by Tychay (talkcontribs) 21:59, 16 May 2012 (UTC)

Implicit and explicit delegation[edit]

I see that we have a new section called 'Implicit and Explicit Delegation'. I have used JavaScript for some years and I understand barely a word of this new material. I also see that where it is referenced, it cites [a Wordpress blog. If other editors agree that this is valid and WP:DUE article content, can someone also bring all the title capitalisation, word spacing and so on into line with WP:MoS? — Preceding unsigned comment added by Nigelj (talkcontribs) 15:38, 22 October 2013 (UTC)

No "criticism" section?[edit]

Your language is bad and you should feel bad. (talk) 17:01, 27 July 2017 (UTC)

Agreed. IMO Javascript is the worst thing to happen to web/html EVER, a relic of the Word macrovirus era when every two-bit application had its own totally overpowered scripting language. The security issues mentioned are just the top of the iceberg, in addition comes the sheer annoyances, resource wastage and privacy issues JS enables. In most cases JS is nothing but techno-masturbation and complexity for complexity's own sake, implemented by developers primarily interested in protecting their own jobs, similar to how web pages constantly demands the newest browser to work while not having showed any tangible improvements in the last 10-15 years. It's a bit like if every book was a pop-up book (complete with animated elements, flashing lights and greeting-card style sound chips), it's time for developers to realize most web pages are documents and not applications, and shouldn't behave as such. — Preceding unsigned comment added by (talk) 04:45, 6 March 2019 (UTC)


ECMAScript 2015 seems to be commonly known as ES6 which appears also to follow the ECMA announcement. e.g. here and here and here. Is there some political reason why the article doesn't mention it? Chris55 (talk) 11:55, 19 November 2017 (UTC)

Vendor-specific extensions is outdated as of Jan 2018[edit]

The vendor-specific extensions section was originally written around 2009 or so, and it's badly out of date.

Some of the features mentioned, such as the let statement, have been moved directly into ECMAScript and thus are no longer vendor-specific. Other features, such as the iterator protocol, although not directly migrated into ECMAScript, have inspired alternatives in ECMAScript. And yet others, such as array comprehensions and generator expressions, are now being removed from Mozilla's JS engine ala E4X.

Unfortunately, I'm not as well-versed with JS nowadays, so I can't update this section with absolute certainty myself.

--Maian (talk) 03:40, 22 January 2018 (UTC)

Semi-protected edit request on 6 June 2018[edit]

2409:4064:38B:C2A:0:0:2024:70A4 (talk) 15:26, 6 June 2018 (UTC)
 Not done: The request is empty. Sam Sailor 15:37, 6 June 2018 (UTC)

Security section (renamed?)[edit]

I saw that the redirect Criticism of JavaScript was directed to section 'Criticisms' which seems no longer to exist. I imagine it was renamed to 'Security', judging by the subsection titles, and I have changed it to redirect there. I would have added a courtesy comment per WP:RSECT but am not able to do that as the page is protected. (talk) 10:36, 12 June 2018 (UTC)

Bold claims[edit]

What is the meaning of this claim?

JSON, or JavaScript Object Notation, is a general-purpose data interchange format that is defined as a subset of JavaScript's object literal syntax. Like much of JavaScript (regexps and anonymous functions as 1st class elements, closures, flexible classes, 'use strict'), JSON, except for replacing Perl's key-value operator '=>' by an RFC 822[120] inspired ':', is syntactically pure Perl.
I've removed it. Even if it's true, why mention it? If a comparison with Perl is to be made, it should be done elsewhere in the article. Rp (talk) 16:33, 20 May 2019 (UTC)

More bold claims[edit]

Oh, I think I have another one: how the hell is JavaScript influenced by Scheme? It's not an expression-oriented programming language, there are no continuations, mutation is heavily encouraged and macros and regular syntax are also no-shows. — Preceding unsigned comment added by (talk) 08:28, 22 March 2019 (UTC)

In how many Netscape Navigator releases was JavaScript called LiveScript?[edit]

Right now there is the following text in the article:

the language was officially called LiveScript when it first shipped in beta releases of Netscape Navigator 2.0 in September 1995

Here are the release notes for Netscape Navigator. As you can see, in 2.0b1 it was indeed called LiveScript, but in 2.0b2 it was already JavaScript. So if it was actually only one release, I think this needs to be changed.

--MaGIc2laNTern (talk) 20:45, 25 March 2019 (UTC)