raven ioctl


ioctl.org : jan's home page : javascript


Doug Crockford's far more eloquent than I could ever be on why Javascript is such a nice little language (that's often let down by its implementation).

Anyway, there are a few Javascript implementations around. One of those is Rhino, an embeddable Javascript interpreter for the Java platform. I recently had some headaches embedding Javascript into someone else's application to permit the execution of untrusted, third-party scripts in a safe fashion. Most of these problems stemmed from the fact that the application in question - like most Java, in fact - wasn't written with the possibility that it might be running under a restrictive SecurityManager in mind. When it comes to it, Java's security model is a pretty good one (although I was cursing the lack of nestable SecurityManagers for a long time). So I have a writeup of cheesy Rhino security for third-party applications and untrusted scripts which really is just a workaround, and a pretty lame one at that. This (security) is probably the most compelling argument for aspect-oriented programming that I've come across. It's better than the old chestnut "logging," anyway.