Request for Mozilla Position on an Emerging Web Specification Specification Title: Web Environment Integrity API Specification or proposal URL (if available): https://rupertbenwiser.github.io/Web-E...
Let’s just go back to the good old days when the web worked without JS. That would remove a massive amount of attack surface. Might seem a bit shit without the interactivity, though.
Is there any way to make JS safer? E.g. limiting the scope of its access to specific functions (e.g. visual/DOM changes, posting/querying a server only but no local function), or is it just inherently unsafe?
Is there any way to make JS safer? E.g. limiting the scope of its access to specific functions (e.g. visual/DOM changes, posting/querying a server only but no local function), or is it just inherently unsafe?
Let’s just go back to the good old days when the web worked without JS. That would remove a massive amount of attack surface. Might seem a bit shit without the interactivity, though.
Is there any way to make JS safer? E.g. limiting the scope of its access to specific functions (e.g. visual/DOM changes, posting/querying a server only but no local function), or is it just inherently unsafe?
Is there any way to make JS safer? E.g. limiting the scope of its access to specific functions (e.g. visual/DOM changes, posting/querying a server only but no local function), or is it just inherently unsafe?