nick at virus-l.demon.co.uk
Fri May 7 05:37:24 BST 2010
Christian Sciberras wrote:
> This is a seriously flawed argument.
> JS == plain text. Full Stop.
...but that has nothing to do with the reasons why.
First, because it is simply wrong (FSVO "plain text").
anything like anything normally considered "plain text":
yet it runs as designed (and there's no need for anyone to provide an
explanation of what it is, what it does, how it works, etc).
specifically in this case, the colloquial "plain text" is generally
expected to be material that can be safely transferred across the
internet under text/plain character encoding. While the above example
may survive that on a binary-clean transport (like HTTP) it just might
not on other common internet protocol transports.
And, FWIW, the ECMAScript standard says, in the first sentence of
Section 6 ("Source Text"):
ECMAScript source text is represented as a sequence of characters
in the Unicode character encoding, version 3.0 or later.
Again, close-minded as it is, Unicode and "plain text" typically do NOT
mean the same thing on the Internet (an oversight that will probably be
"fixed" within another generation or so).
I think you confused "plain text" with "necessarily scrutable", or
Full-Disclosure is hosted and sponsored by Secunia.