Talk:Security tips: Difference between revisions

From GreaseSpot Wiki
Jump to navigationJump to search
No edit summary
 
m (Reverted edits by 46.17.96.204 (talk) to last revision by Arantius)
 
(8 intermediate revisions by 6 users not shown)
Line 1: Line 1:
I propose un-doing [http://wiki.greasespot.net/index.php?title=Security_tips&curid=1532&diff=1752&oldid=1751&rcid=254 this revision].  GreaseMonkey scripts always have a wrapper function. See [http://greasemonkey.devjavu.com/projects/greasemonkey/browser/trunk/src/components/greasemonkey.js greasemonkey.js] line 250.
I propose un-doing [http://wiki.greasespot.net/index.php?title=Security_tips&curid=1532&diff=1752&oldid=1751&rcid=254 this revision].  GreaseMonkey scripts always have a wrapper function. See [http://greasemonkey.devjavu.com/projects/greasemonkey/browser/trunk/src/components/greasemonkey.js greasemonkey.js] line 250.
[[User:Arantius|Arantius]] 15:26, 15 March 2007 (EDT)
[[User:Arantius|Arantius]] 15:26, 15 March 2007 (EDT)
: -1. The fact that Greasemonkey wraps scripts in an anonymous function is an irrelevant arcanum. <code>return</code> outside a function, even though it eventually ends up inside a function, is unclear. --[[User:Ldrhcp|Ldrhcp]] 18:16, 15 March 2007 (EDT)
: +-0. I made that change (the one that was undone in the linked revision). While I think that bailing early is good and needless nesting is bad, I also think perhaps the nesting way is more clear, as an example. It also fits better with the fact that you might well have additional "else if" branches. We ''could'' give two examples, but that'd probably hurt more than it'd help. --[[User:81.225.78.42|81.225.78.42]] 07:27, 20 March 2007 (EDT)
:: It's a matter of aesthetics whether nesting code is "needless" or "bad". Do it as you please in scripts, but for pedagogical purpose, especially when the nested "code" is just a one line comment, I think nesting is better. Also, there is no reason to have an "else if" block, since the purpose of the example is to narrow down the include rule, not do arbitrary logic. --[[User:Ldrhcp|Ldrhcp]] 15:49, 20 March 2007 (EDT)
----
----
The page suggests using &#104;ttp://, &#104;ttps:// or http*://. Is the latter in fact safe? What about <code>&#104;ttp://evil.example.com/#://</code>? --[[User:81.225.74.254|81.225.74.254]] 13:35, 1 April 2007 (EDT)
: +1 (remove the star version) [[User:Arantius|Arantius]] 00:09, 9 April 2007 (EDT)

Latest revision as of 03:17, 22 March 2012

I propose un-doing this revision. GreaseMonkey scripts always have a wrapper function. See greasemonkey.js line 250. Arantius 15:26, 15 March 2007 (EDT)

-1. The fact that Greasemonkey wraps scripts in an anonymous function is an irrelevant arcanum. return outside a function, even though it eventually ends up inside a function, is unclear. --Ldrhcp 18:16, 15 March 2007 (EDT)
+-0. I made that change (the one that was undone in the linked revision). While I think that bailing early is good and needless nesting is bad, I also think perhaps the nesting way is more clear, as an example. It also fits better with the fact that you might well have additional "else if" branches. We could give two examples, but that'd probably hurt more than it'd help. --81.225.78.42 07:27, 20 March 2007 (EDT)
It's a matter of aesthetics whether nesting code is "needless" or "bad". Do it as you please in scripts, but for pedagogical purpose, especially when the nested "code" is just a one line comment, I think nesting is better. Also, there is no reason to have an "else if" block, since the purpose of the example is to narrow down the include rule, not do arbitrary logic. --Ldrhcp 15:49, 20 March 2007 (EDT)




The page suggests using http://, https:// or http*://. Is the latter in fact safe? What about http://evil.example.com/#://? --81.225.74.254 13:35, 1 April 2007 (EDT)

+1 (remove the star version) Arantius 00:09, 9 April 2007 (EDT)