JavaScript Inventor Speaks Out

Anonymous Coward writes "Brendan, on his mozillazine blog talks about JavaScript 1, 2, and in between in light of DHTML and AJAX. In an informal blog entry he answers frequently asked questions such as fixing Unicode in regular expressions, multi-threading, weak numeric typing, and obfuscating code."

Check your spelling

[jesup]

It's Brendan Eich, not "Brendad"

Re:Check your spelling

He's the father of Javascript.

Re:Check your spelling

[oldbenway]

Maybe he had a cold...

Re:Check your spelling

Brendad is his father, didn't you RTFA?
Oh wait...

It Would Be Nice...

[__aaclcg7560]

If the "write once, run everywhere" feature was implemented. ;)

On a related note, I had an interview at Adobe a while back and the interviewer mentioned that javascript was the scripting language for a lot of their products. I drew a blank on that one since I had no idea how use javascript for an application (and, subsequently, didn't get the job). When an application uses javascript for the scripting language, does that mean a javascript parser is also implemented into the application? Or can javascript be used in a standalone environment?

Re:It Would Be Nice...

[Zarxrax]

I'm not sure sure that Adobe is technically using javascript. The only application that I'm aware of using a scripting language is After Effects. The scripting language uses the same syntax and all as javascript, but I'm not so sure I would come right out and say that it IS javascript... you definately couldnt run your After Effects scripts in a web browser :)

Re:It Would Be Nice...

[fm6]

WORE is Java, not Javascript -- though I'm guessing you knew that. There's actually a platform-independent Java software out there. It's just that people have become too cynical about Java hype to care.

Re:It Would Be Nice...

[noblethrasher]

Acrobat also uses JavaScript explicitly as an application scripting language as I've just recently discovered. The documentation sucks however.

Re:It Would Be Nice...

As already mentioned Acrobat 7 Forms is driven by Javascript. Also apparently Illustrator has Javascript support, which is no surprise because many of the Illustrator team also worked on Adobe's SVG plugin. Overall it makes sense: throw in a Javascript interpreter, break down your document (pdf, picture, movie, etc) into XML objects (DOM), and let users write Javascript to manipulate the document. The biggest deal is to make sure users don't manipulate objects in unintended ways.

Re:It Would Be Nice...

[Datasage]

Pretty much all of their applications have some scripting interface or another. Most of them support javascript (on mac apple script is supported as well) inside or through a COM hook outside the application. (If your really want a challange, script Photoshop with php using the PHP COM extension).

I dont know how much its used. I havent really seen it used regularly anywhere. Some companies might use it internally.

Re:It Would Be Nice...

[pohl]

I think cremier was making a tongue-in-cheek comment about the dubious use of the name 'Java' in 'JavaScript'.

Re:It Would Be Nice...

[LetterJ]

PHP->COM->Photoshop is a bit of fun. At least for the few prototypes I've built for the fun of it (yes, that's the kind of sick freak I am).

Most open source scripting languages can access COM objects on Windows. Once the syntax issues are out of the way, most of them work the same way.

Re:It Would Be Nice...

ActionScript (from the Macromedia side of Adobe) is also EMCAscript based.

Re:It Would Be Nice...

[dwlovell]

Javascript is a scripting language that can be plugged into anything that has a script host for it. Dont confuse javascript with the DHTML DOM. Plenty of javascript code is perfectly valid and does not run inside a browser:

- Windows Scripting Host allows you to write shell scripts in many languages (Javascript, Perl, VBScript) You can install new script engines and it will host those languages as well. WSH gives you a object model to access the disk and other windows components. (COM, ActiveX, etc).
- Classic ASP used the Windows Script Host javascript engine so that js can be the language for ASP. (instead of the default of vbscript). Again, you could use any language that a script engine was installed for, including PERL. (see ActivePerl).
- I also believe some cgi scripts can be written in javascript.

Just because you aren't accessing the DHTML DOM objects (document, location, windows, etc) doesn't mean you aren't coding javascript!

-David

Re:It Would Be Nice...

I thought the original comment was in reference to Javascript for HTML documents, where we were hoping that we could write some HTML+Javascript, test it using any browser, and assume it would work the same way (or even just work) on all browsers. What a silly dream that was...

Re:It Would Be Nice...

Dreamweaver uses javascript extensively to do it's stuff. Many of the main functions are implemented in javascript. Flash allows macros to be written in javascript too.

Since Adobe is buying Macromedia, maybe this is what they meant.

Re:It Would Be Nice...

[prockcore]

When an application uses javascript for the scripting language, does that mean a javascript parser is also implemented into the application? Or can javascript be used in a standalone environment?

A javascript parser is included in the application. The opensource ultima online server UOX3 used SpiderMonkey (Mozilla's javascript engine) to handle server-side scripting.

It's actually not that difficult to link spidermonkey into your application. I did it once for a benchmark program (it would pull a web page, and parse the javascript banners etc and time how long it took to download every piece of data required to render the page).

Re:It Would Be Nice...

[man2525]

I'm pretty sure that Acrobat Professional allows the use of JavascrIpt when creating PDF forms with calculated fields. I'm assuming that a JS parser is built into both Pro and Reader.

Re:It Would Be Nice...

[ss122_ry]

On many applications there are some dialogs etc. which are easy to implement in html/javascript.
A scripting engine is used to load and run the script.
Downside is, it is not possible to step into the javascript code while debugging.

Re:It Would Be Nice...

[NutscrapeSucks]

It's not as bad as you make it. A couple years ago, I wrote several thousand lines of javascript primarily targetted toward IE6. I needed less than couple dozen changes to get it to run in Mozilla. And since then Mozilla has add more support for IE-DOM features, so it would be even less now.

Re:It Would Be Nice...

[Bellum+Aeternus]

As far as Abobe goes (since they recently "aquired" Macromedia), ActionScript is JavaScript based. The major difference between DHTML (HTML + JavaScript) and ActionScript is the API they use.

Some what like writting code for another OS. Even if it's the same processor the code won't run in the wrong OS.

Just instead of OS, think OE (operating environment) and you're good.

Re:It Would Be Nice...

[Maian]

JavaScript already has two open-source engines from Mozilla that can be embedded in server-side solutions:

SpiderMonkey (C++) and Rhino (Java)

Re:It Would Be Nice...

[Pieroxy]

People are confusing the language and its more popular set of libraries.

Javascript is a language

The DHTML DOM (window, document, location, etc...) is merely an API. When you code in another environment, there is another API. For exemple, when ASP uses JScript (and not JavaScript, but it's pretty similar), APIs are such as ADODB, file system access, db access, etc...

Re:It Would Be Nice...

[rjshields]

If the "write once, run everywhere" feature was implemented. ;)

You need to understand the difference between a language and an implementation of a language. Javascript is a language that is commonly implemented in web browsers. The part you have a beef with is the difference in implementation and difference in API thereof. Javascript the language is well defined and works well. There are several Javascript engines out there that can be embedded into any application.

It's a shame Javascript gets a bad name from people who don't understand the differnce between a language and an implementation.

Re:It Would Be Nice...

[AndroidCat]

In Windows, you can run javascript standalone as a text app with cscript.exe as in cscript blah.js. (Recently noticed this in an example.)

Re:It Would Be Nice...

[thehesiod]

eh, how so? I like it

Re:It Would Be Nice...

[thehesiod]

there is a JS debugger in Acrobat to do exactly this

Re:It Would Be Nice...

[Xuri]

The opensource ultima online server UOX3 used SpiderMonkey (Mozilla's javascript engine) to handle server-side scripting.

It still does:
http://www.uox3.org/

Re:It Would Be Nice...

[anopres]

Also, several soon to be acquired products from Macromedia use javascript (ECMAScript) as a development platform. Much of Dreadmweaver's interface is controlled and extensible through javascript. Additionally, ActionScript 2.0 in Flash is directly based on ECMAScript.

Re:It Would Be Nice...

I haven't seen anyone mention it, but Photoshop CS2 also supports JavaScript.

File->Scripts

Re:It Would Be Nice...

[kwoff]

The only problem with the spidermonkey interpreter is that it doesn't include the browser object model. So you can't load an HTML page and manipulate its DOM like you normally would do in javascript.

Re:It Would Be Nice...

Photoshop and ImageReady also use Javascript for Scripting in thier automation. It's actually pretty sweet, but I have found MM Fireworks implementation to be far more robust.

Re:It Would Be Nice...

[chartreuse]

Javascript as-is is pretty much in a "sandbox", for obvious (and sane) security reasons; Adobe's extended it to offer a cross-platform scripting language in addition to Visual Basic and Applescript. And yeah, it's in the application. (Dunno if the interpreter is installed only once or for each CS program.)

Re:It Would Be Nice...

[aztracker1]

As an example the BBS software I use makes an Object Model to be scripted in Javascript.. the software is called Synchronet, which many who were bbsing in the 90's may well remember... it's still around, and now a *nix as well as win32 bbs software including a rapidly improving http/html interface...

JavaScript

[nepheles]

It's a pity JavaScript rarely gets the attention it deserves as a legitimate programming language. Most guides to C begin with teaching you how compilers work; most guides to JavaScript teach you how to swap some images.

This is unfortunate as it's quite powerful: it supports first-class functions and an excellent generic object-system, not to mention the usual suspects such as dynamic memory management.

Hopefully its apparent resurgence these days (as browser vendors get their compatibility acts together) will change this.

Re:JavaScript

[superpulpsicle]

The reason so many stayed away from Javascript was the revealing code. Any browser could have you peek at the developer's work. I knew alot of developers that had a problem with that. They would rather write a slow piece of shit java applet compiled. Javascript was always lightning fast.

Re:JavaScript

[bcrowell]

There are apparently some pretty darn good disassemblers for Java bytecode. I don't think Java bytecode is really any more or less obscure than obscurified javascript.

Re:JavaScript

[Brandybuck]

Javascript never got a good rep as a language, because it was so inexorably tied to a browser. The browser is the shell and the executable. You can't run a javascript script from the command line. You can't click on an icon to run a javascript program (unless that icon is an URL). It's a great language for embedding, but it's lousy for stand alone programs.

p.s. Yes, there are ways to run javascript without a browser or some other encapsulating application. But the Javascript community has done a good job of hiding that information away.

Re:JavaScript

[khellendros1984]

I'd like to clarify, that Javascript is a scripting language, as it's name states. It isn't considered a true programming language in most respects.

Re:JavaScript

[NutscrapeSucks]

You can't run a javascript script from the command line. You can't click on an icon to run a javascript program

I guess you haven't run Windows in quite a while, because all of this works as expected. (The console command is cscript myscript.js)

Re:JavaScript

[dtfinch]

I protect my javascript with stuff like this:

// Copyright 2005 David Finch
// Don't steal

It seems to work. There must be a few people out there who still respect copyright.

I even put a BSD license on one of my scripts, essentially making it public domain, and somebody asked for permission to copy it.

shameless plug

Re:JavaScript

[bdptcob]

"There must be a few people out there who still respect copyright."

Not a chance.

Re:JavaScript

[Fragmented_Datagram]

Heck, you can even write your own Unix operating system:

JSUIX

Re:JavaScript

[Tablizer]

I'd like to clarify, that Javascript is a scripting language, as it's name states. It isn't considered a true programming language in most respects.

It is an age-old fight whether dynamicly-typed or type-free languages are "real" languages. I have yet to see good evidence that dynamically languages are inherantly flawed or limited. It seems more a matter of personaly preference and culture. Compile-time type checking may reduce some errors, but it causes other by making the code too wordy. It is true that dynamic languages seem to require more skill and discipline to use effectively, but the flip side is that such people are more productive. The most prolific developers tend to use dynamic languages.

A side note regarding JavaScript, they need to get a dedicated operator for string concentation (such as dots or ampersand in other langs). The polymorphic plus sign blows.

Re:JavaScript

[Tablizer]

Compile-time type checking may reduce some errors, but...

Speaking of errors, I found tons of typos in my message. I did proof-read it, but I guess my eyes are tired at the end of the day. Sorry bout dat.

Re:JavaScript

[Brandybuck]

Well I have run Windows in a while, they make me do it at work. But none of the FMs I have said anything at all about "cscript", including the Javascript FM. I'll have to try this tomorrow.

Re:JavaScript

I even put a BSD license on one of my scripts, essentially making it public domain, and somebody asked for permission to copy it.

Some people think it's polite. It is. It's a Good Thing.

Re:JavaScript

[rjshields]

If you're on some kind of "compiled langauges are more macho" thought, it's *much* harder to understand and write Javascript well than it is to write C badly.

Re:JavaScript

[dustmite]

Heh - interesting, I've had similar experiences. I've written a few (very) small OpenSource games - nothing major, nothing well-known. I've distributed them very clearly under either GPL, BSD or even 'public domain' licenses.

Yet people seem to have always asked my permission before using the source for anything, however tiny and insignificant the use. Some guys also asked my permission once to do a fork.

In the beginning it seemed quite weird to me, now I'm kinda used to it.

So yes, people seem to generally respect copyrights.

Re:JavaScript

Of course it works. You still have the code, so nobody has stolen it. If you wake up one day and all your Javascript is missing from your websites, then you'll know it failed, because somebody stole it.

I don't see what that has to do with the parent though. He was talking about people being able to see the code, not delete it.

Re:JavaScript

as it's name states

"its".

Re:JavaScript

[reidbold]

Care to elaborate, because you certainly haven't clarified anything.

Re:JavaScript

[swv3752]

It is probably more of a courtesy thing. It is not so much they are "asking" to use your code as politely informing you that they are using your code.

Re:JavaScript

[roman_mir]

I respect copyrights.

Re:JavaScript

[accessdeniednsp]

Good programmers write code. Great programmers steal good code.

Re:JavaScript

[Reverend528]

This is unfortunate as it's quite powerful

Of course. Have you ever tried to swap two images in a web browser with C?

Re:JavaScript

[randall_burns]

You also have stuff like Rhino that makes Javascript a _compiled_ language. You also have a .NET Jscript compiler. So, Javascript _can_ be a compiled language.

Re:JavaScript

[Mercano]

I protect my javascript with stuff like this:

// Copyright 2005 David Finch^H^H^H^H^H^H^H^H^H^H^HMatthew Geer
// Don't steal

It seems to work. There must be a few people out there who still respect copyright.

Re:JavaScript

[MikeFM]

I largely blame the poor documentation of using Javascript and incompatibilities in implementation for my wish of a better scripting language in web browsers.

I've often thought of creating a lite version of Python or Prolog that have some built-in DOM access added and all their parts that pose security issues removed. In general I think that it's a shame that we're mostly limited to one or two languages of limited compatibility for client-side web scripting. At least we can write some of that stuff in the language of our choice on the back-end now and just use JS to communicate between the browser and the server seamlessly.

I'd like to see a thin language that just lets a server-side RPC service be connected to and gives the server-side script full access to all browser events and the DOM. That'd be pretty cool. Something as simple as defining the host and then using RPC calls as if they were client-side calls.

<script type="text/xml-rpc" host="http://xmlrpc.example.com:80/" />
<span onFocus="focus">Yada yada yada.</span>

The difference between the language and...

[LetterJ]

The difference between the Javascript language and the browser objects themselves has become more and more clear to me as I've worked heavily with both more complex Javascript like AJAX (where you aren't spending much time directly interacting with browser objects, but rather staying "inside" Javascript), working with JScript.NET for commandline programs, JScript in WSH and HTA as well as Photoshop scripting.

Many of the things that bother me about "Javascript" turn out to be problems with IE or Mozilla's objects and not the language itself. Don't get me wrong, things like the Javascript date objects still bug me, but I'm growing to like the language itself much more than I used to.

If you've only ever used Javascript in a browser, you may not realize that much of what you're working with is really the browser's object model. All of the window., document., document.form, etc. interaction form.submit(), etc. are all browser object properties and methods.

I noticed before posting some questions about scripting outside the browser. In those environments, you just get a different set of objects instead of document.form, you get objects for the filesystem or an active image, just like in any other programming language that uses objects from outside (COM objects, .NET assemblies etc.)

Re:The difference between the language and...

[Hao+Wu]

Why is javascript only used in browsers? Why can't I create an independent application with it? (My secret is that I don't want to bother learning straight Java...)

Re:The difference between the language and...

Look into Microsoft HTAs, Apple Dashboard Widgets, or Mozilla XUL.

Re:The difference between the language and...

[LetterJ]

It isn't only used in browsers. I used it all of the time for other things. Granted, most of my use is on Windows workstations (such is the life of a web development consultant in Fortune 500 companies) as that's what I spend most of my day on. However, there are other alternatives out there for other OS's as well.

On Windows (if you have a workstation or server), however, you probably already have the WSH accessible containers and the cscript.exe and wscript.exe interpreters. Simply making a script.js file (remember you can't use any browser objects, so search for "Javascript WSH" to get some more info) and running "cscript.exe script.js" will run your script from the command prompt.

Beyond that, you can build WSC (Windows Scripting Components) that are Windows COM DLL's written in scripting languages. HTA's (HTML Applications) are HTML files outside the browser container. Just rename an HTML file to .hta and double-click it. HTA's have gotten a bad rap as they're ofen used in virus attacks. However, so are EXE's. With power comes the potential of abuse. HTA's leave the local access restrictions behind which means your Javascript can access local files, etc. When combined with the WSH Shell object, you can run local executables to process whatever you like. I've done little scripted apps that are HTA's that collect data via a form, save the form data to a temp file, run a commandline processor (which dumps out a resulting file), read in the results and delete the temp files. What you end up with is something like the current AJAX rage without a web server and acting like a local app, all while still using Javascript/HTML.

If you're looking for more "real" applications, JScript is a full-fledged, if not well documented, language for .NET. You can compile to DLL's and EXE's directly and they are exactly the same resulting output as if they'd been written in C# or VB.NET. JScript.NET does bring some restrictions you may not be used to, including enforcing variable declarations, etc. However, it still retains a looser backward compatibility mode, resulting in many WSH scripts compiling as-is. All the tools for working with JScript.NET are free. The .NET SDK is free and contains all of the compilers. You do NOT need VisualStudio.NET to work with .NET languages.

Re:The difference between the language and...

You realize that java and javascript are not related at all right?

Re:The difference between the language and...

[Hao+Wu]

What do you mean by "realize" and "related" and "right"?

I know that today is wednesday.

Re:The difference between the language and...

[shadow0_0]

Nice post. :)
Do you know any good links about using JScript in WSH? The main problem that I found is the lack of documentation.

Re:The difference between the language and...

[NutscrapeSucks]

Try http://msdn.microsoft.com/scripting/

Re:The difference between the language and...

[Da+VinMan]

If that's your "secret" then you need to get out more. :+) Seriously, give Ruby a try. I think it will quite easily scratch the itch you're expressing. It has none of the confusion surrounding it that JavaScript does and it's quite a worthy desktop application and web application language. Oh, and if you're going to give Ruby a try and aren't totally addicted to Emacs or vim at this point, then give the Arachno IDE for Ruby (at http://www.ruby-ide.com/) a spin. It's not free, but it is cheap.

FYI - Learning Java can also be worth your time; it's not so bad. But really, if you're going to have your application execute on the client in a browser, then Java really isn't a good choice these days. (Although I'm sure some would beg to differ; it is *possible* after all. I just don't recommend it.)

Have fun!

Re:The difference between the language and...

[m50d]

Huh? Don't get me wrong, I hate java, but it's pretty much the only decent way to put a program in a browser. What else would you use, flash?

Re:The difference between the language and...

[Da+VinMan]

Well, with OpenLaszlo, that's a decent option these days. If the browser is Mozilla based, you could also use XUL. Then there's always the DHTML/AJAX option. And then there's Curl. Etc.

Except for DHTML/AJAX all the other options (including Java) require a browser plugin. Usually, you can't trust your client to have this plugin already (including Flash if you're using newish features), so you're stuck getting your clients on to that plugin before you can deploy anyway.

As far as Java being the only decent option, I dunno about that. I've seen some very cool things done with all the above and there are options for this that I half remember but haven't bothered to look up.

Happy hunting!

Re:The difference between the language and...

[aztracker1]

Regarding JScript .Net, you're pretty damned right it isn't well documented, I spent my first month trying to learn .Net, and wanted to use JavaScript (my fav. language) ... spent a larger part of the time converting VB.Net and C# stuff, much of which didn't seem to work right (anything using dll/system/unmanaged calls, never did figure that out).. finally I broke down and learned C#, was much more neat as far as code goes, the VB-Like tie-in for declared objects kinda irked me.

'VB
Public MyObject As Object

//JS
public myObject as Object; //iirc

//C#
public Object myObject;

I just like the C# syntax a bit better.. just a personal view though. I like JavaScript in and of itself, I think the way it handles say regular expressions should be added into C#, it imho is about the biggest point that JS has over C#, since the syntax outside of declarations is about the same.

As for .Net development, with the SDK installed, can always use SharpDevelop as a free, opensource ide for .Net ... MonoDevelop is based on an earlier fork of #dev.

Beyond all this, javascript can be used in conjunction with XUL as another RAD environment, iirc the TheOpenCD uses it for it's menu/installer front end..

Re:The difference between the language and...

[aztracker1]

If you need a richer ui, then Flash is probably the best choice... if you need more client/server performance, then Java is probably better... if you want reasonable ability, and not plugin requirements, AJAX is a really nice option.. I wish that JML was used more often than XML, simply because it's less overhead, and easier to initialize into javascript... (var myobject = eval(result);) instead of having to use an xml based object model, or other alternatives.. just my $.02 here.

Re:The difference between the language and...

[aztracker1]

sorry, meant JSON (JavaScript Object Notation) not JML... my bad.. :)

Re:The difference between the language and...

[Da+VinMan]

FYI - JSON looks *very* similar in intent and execution to YAML (www.yaml.org). Both of them are a response to obese XML. As far as I can tell, the *only* advantage (aside from market inertia) that XML has over either of them is namespaces.

Re:The difference between the language and...

[aztracker1]

yeah seems similar, not familiar with it, but looking, it is interesting.. benefit to JSON is it is parsable into a JS object base, with a simple

var myobject = eval("json_data_here");

I beleive that the Ajax.Net library uses json for passing data to/from the client... was looking into that more after reading through this, came acrossed it a while back, but took another look.. :)

Re:obfuscated code as a feature?!?!

[ImaLamer]

to purposefully obfuscate code is the same as a painter purposefully maasking the meaning of a painting. it's absurd and reeks of evil.

You are pretty much on target with the rest of your thinking but that point is "off base". When painters hide the true meaning of a painting... well that is just damn cool!

Not to nitpick (I'm usually not a nitpicker)

Re:Just what I wanted!

[Mr.+Cancelled]

I'd rather use a browser configured to show me the world wide web as a bunch of hypertext documents, not as a bloated adware-infested and spyware-infested application that moves crap around inside the browser window and pops up windows.

Yes, but this is a discussion about JavaScript, not Flash.

And why not?

[Saeed+al-Sahaf]

but this stinks of DRM type shit. somewhat like that amazon fiasco that prevents the same user from viewing all the pages of a book.

Honestly. Why should you be able to? Amazon SELLS books. It's not an on-line library. That's not the service they are offering.

Re:And why not?

[KillShill]

the point is, they were using some obfuscation in addition to or in conjunction with javascript. it was defeated but they vowed to start an arms race... here's a clue.. if you don't want people to view all the pages of your book, why put them all there in the first place? why not a small sampling that tries to please everyone. the point is.. they are the problem i was speaking of in my original comment. trying to hide the way the code works to prevent something which is mostly harmless. do you think people prefer viewing pages on screen , trying to decipher the method of pseudo-DRM used and saving those low res pages to their drives in order to read a book OR buy a physical copy? in any case, i've made my point.

Re:And why not?

I suppose if you really wanted to, you could look up a list of different proxy servers. I'm sure it's more technical than that but a properly motivated person could cobble something together. :)

Re:And why not?

[Saeed+al-Sahaf]

they are the problem i was speaking of in my original comment. trying to hide the way the code works to prevent something which is mostly harmless.

It is "mostly harmless" that you want to circumvent a system that will let you look at a few pages before you buy? Why would you even want to do that? Are you dishonest? If you're not trying to scam a book, why would you care? Trying to justify bad behavior by saying that Amazon is trying "too hard" to protect their interests is no more than a scam to get something for free from someone who normally sells the same product.

Re:And why not?

Yeah, you've made your point, and it's still wrong. Nice job, cocksucker.

Re:And why not?

But the information wants to be free!

Re:And why not?

[CastrTroy]

Maybe because when I go to a brick and mortar book store, I can look at every page. Maybe I want to see if the book is really what I'm looking for. The first 10 pages sometimes don't tell you that. Maybe for novels, seeing the entire book isn't necessary, but for technical books, as well as many other types, it can be very important.

Re:And why not?

[CastrTroy]

The best are those programs that try to hide your html source using Javascript. Such as Crypt HTML. The easy way around all these programs, that I've found, is to:
1. Let The Page Load
2. Turn off Javascript
3. Ctrl-A, right click, view selection source.
Works for every method i've seen of trying to hide HTML source. I wonder if the idiots buying it know how easily the "security" is broken.

Re:And why not?

I take it you work for them.

Re:And why not?

[teh_winch]

Also there is the view rendered source firefox extension.

And for safari you can turn on the debug menu and use the DOM viewer to do the same thing.

JS is very functional

Try this site to see what I mean.
http://www.masswerk.at/jsuix/

Re:JS is very functional

[CTho9305]

Especially when combined with XUL.

Re:JS is very functional

[bcrowell]

MOD PARENT UP!!!
That has got to be the coolest thing since the invention of French kissing!

Re:JS is very functional

[kpp_kpp]

that is unbelievable.

someone has way too much time on their hands.

Re:JS is very functional

What a waste of time

Re:JS is very functional

[nevdullc]

that's kinda neat, smoothwall.org does the same sorta thing with a root login screen through a web browser for command line (emu.) for firewall management. Don't get me wrong that's a very nicely done site, but the fact remains that js is mostly bloat and fails to really work in the heat of battle and day to day-workaday tasks, for the end user it's a major pain in the arse. I can't even count the times I've sat cursing under my breath at a page of java[code/scripting] errors all spilling forth like the puke of the gods.. It makes me want to toss my monitor out the window, it isn't just one company's platform either. Maybe it's just the programmers. All I know is that is has pissed me off more than any other "top 5" languages in the work place.
--/nev/dull/c

Re:JS is very functional

I agree. Check out these cool card games.

Re:JS is very functional

[nacturation]

All I know is that [javascript] has pissed me off more than any other "top 5" languages in the work place.

And how many other languages do you use to write client-side code for web browsers? The problem is that the browsers don't all implement the same standards for their internal object models... but this is a result of using JavaScript to implement differing browser APIs, not a failure in JS itself. It's like saying that ANSI C is lousy because the same code for a graphical app will create errors if you compile it under Windows, Linux, and Mac. The language is fine it's just that those platforms, much like the browsers, implement different graphics APIs.

Re:JS is very functional

[kwoff]

This did nothing in my browser but show a page with swirly colors, a clock, and a Launch button which didn't do anything.

Re:JS is very functional

[jesterzog]

Not to mention the well-known Javascript Lemmings.

Re:JS is very functional

[enosys]

It mostly worked for me (Firefox 1.0.4 in WinXP). I ran several games and the web browser. The only thing that didn't work is the asteroids game. Very cool!

Re:JS is very functional

[CTho9305]

Were you using a gecko-based browser (Firefox, Mozilla, Camino, K-meleon)?

Re:JS is very functional

I can't even count the times I've sat cursing under my breath at a page of java[code/scripting] errors

-1, the opinion of somebody who lumps Java and Javascript together is worthless. They are completely different languages.

Re:JS is very functional

[jonadab]

I can't be certain, because I get a 404 at his URI, but the other poster was *probably* using the word "functional" in the CS jargon sense, referring to the fact that Javascript has lexical closures.

Re:JS is very functional

[kwoff]

Yes, firefox 1.04.

JavaScript Vrs. TCL

[Radical+Rad]

I was hoping he would talk about the decision to put JavaScript in the Netscape browser. I seem to remember at the time that the magazine columnists were saying Sun was upset that Netscape chose JavaScript over TCL and the fact that they chose to name it JavaScript since that confused the masses of people who generally weren't even sure what Java was yet. I guess they were in a hurry to innovate scripting into the browser before you know who did or we would have ended up with vbscript as the de facto web language. But I've always wondered why they didn't go with TCL. It probably could have been embedded and extended just as easily and there were already lots of programmers familiar with it who could have jumped right in with both feet.

Re:JavaScript Vrs. TCL

[fm6]

I think by the time Javascript came along, Sun had pretty much lost interest in TCL. I heard stories about people trying to license the Sun implementation of Tcl/Tk and getting a runaround. It's probably not a coincidence that Ousterhout left Sun (and took Tcl with him) at about the same time as Eric Schmidt, who brought Ousterhout on board in the first place.

Re:JavaScript Vrs. TCL

That is a shame really because Tcl is WAY better than Javascript.

Re:JavaScript Vrs. TCL

[dkf]

This was at the start of the period when Sun believed that all the world was Java. What is not clear is whether this was a cunning plan to persuade everyone to buy much bigger hardware, or just one of those bizarre fits of corporate Group-Think that happens from time to time when someone slips magic mushrooms into the boardroom's supply of coffee beans...

Re:JavaScript Vrs. TCL

[dwarfking]

As I understand it, Sun originally looked at TCL to be what Java became for them, a controlled language. However, when Ousterhout went to work for Sun, one of the conditions was that Sun could not take control of the language, as they do with Java.

Because of this, Sun didn't promote TCL as they could have, but jumped immediately to Java (which was Invented Here) as their platform of the future.

Java of course was originally designed to be used to control devices (much like TCL) and Sun pitched it to a set top manufacturer. The deal went south and the Java team went looking for a sponser.

During some late hour negotiations, Sun got Netscape to agree to include Java support in Navigator. This would give Java a wide audience. As part of the deal, Netscape was the only company given permission to use the Java trademark, and thus renamed LiveScript to JavaScript, even though the two have no other real connection.

Because of this, people assume that JavaScript is part of the Java family. Funny though that there are many JavaScript engine implementations in Java, but very few (actually maintained and supported) in other languages (SpiderMonkey being one of the few exceptions). From what I've seen, even the browser implementations of JavaScript are actually written in Java, or at least leverage the browsers JVM to do much of their work.

ECMAScript really should be viewed as a language of it's own, seperate from Java. It would be nice to see it grow in use as it really is a decent language.

Re:JavaScript Vrs. TCL

[fm6]

Both your theories assume that everybody at Sun has a common agenda. Not the case. When I worked there, the internecine battles were epic. To the outside world it looks like bizarre decision-making. On the inside, it's simply a matter of whoever's left standing getting to impose their particular policy.

Re:JavaScript Vrs. TCL

From what I've seen, even the browser implementations of JavaScript are actually written in Java, or at least leverage the browsers JVM to do much of their work.

Er, no. I can't think of a single browser that does that. Trident doesn't, Netscape 4 doesn't, Gecko doesn't, Opera doesn't, KHTML doesn't. As far as I know, Tasman doesn't. Most other browsers don't implement Javascript. Which browsers were you thinking of?

Re:JavaScript Vrs. TCL

[aztracker1]

Was thinking the same myself, I know for damned sure that IE doesn't use Java for it's JScript/JavaScript implimentation... though I wish they'd pushed it more for classic ASP than they did VBScript :(

Re:JavaSuck?

JScript.NET comes in the box, you know.

Javascript doesn't suck

[stevens]

As someone who'd only used Javascript in creating DHTML, I'd worked up a good hate against it. But what I'd hated was really the ridiculously incompatible implementations of the DOM in IE/Netscape. I also hated the embedded space itself--shitty delivery method (encoded or called from HTML, no #include, no namespaces).

Then I started writing extensions for firefox. I'm trying to show my company that (firefox + xul + js) > (ie + activex). I'm mostly successful, since we already have lots of XML over HTTP data services primed for XmlHttpRequest.

But it turns out that the language doesn't suck so bad. Sure the namespace problem is JS's fault, but the rest is the embedding. Using JS for firefox exntensions allows you to code to one platform; make more OO libraries, etc. I even generate classes from the DTDs I make the XML services from.

Who would've thunk it's really a decent language in the dynamic, lambda-toting, functional-ish area?

Re:Javascript doesn't suck

[rainman_bc]

I just wish that FF would let us going document.element instead of force us to write document.getElementById("element") in order to reference DOM objects. the former is less typing than the latter...

Re:Javascript doesn't suck

[stevens]

I just wish that FF would let us going document.element instead of force us to write document.getElementById("element") in order to reference DOM objects. the former is less typing than the latter...

That's not a feature, it's a bug. It's not FF, it's the w3c. And it's the right decision. Standards and all that, right?

The document object already has a shitload of properties, and this IE idea doesn't cooperate nicely, since the property namespace clobbers the id namespace. Bad browser-maker! No cookie!

Re:Javascript doesn't suck

Maybe you could recomend some good tutorials for (firefox + xul + js) since it seems to be just for Those In The Know.

Re:Javascript doesn't suck

[stevens]

Oh, shit, I wish I knew. I hated the way that you seemed to have to be a firefox hacker to know how to do this shit. But you don't -- there are lots of examples to learn from now.

Plus, I learned with help from da intarweb:

• XUL Reference
• DOM Ref
• XmlHttpRequest

And an out-of-date but still informative book (got cheap!).

Some Firefox extensions like venkman (JS Debugger) and one called "Extension Developer" which has a real-time graphical XUL eval thingy that's worth its weight in gold.

Toss in reading about how to create closures in JS (imperative for developing useful OO libraries). And about two serious weeks of sweat equity to get started.

Re:Javascript doesn't suck

[stevens]

I just wish that FF would let us going document.element instead of force us to write document.getElementById("element")

Thinking more about it, what you may want is an implementation of E4X, which looks cool. I think it's going into newer mozilla-based browsers soon.

It lets you address a parsed XML file in XPath-ish terms, like rootelement.child.text and such.

Re:Javascript doesn't suck

[dtfinch]

I just have a function el(n) { return document.all ? document.all[n] : document.getElementById(n); }, then use el("element").

Re:Javascript doesn't suck

In Javascript, you can define a string literal using single quotes, or if you feel like it double quotes... Why?? Some very decent languages give you one and only one choice and it works well, why do we need a choice with JS? Pick one and live with it, damn the poor implementation of HTML/XML. Same with end of statements, you can put a semi-colon at the end of a JS statement, or not. Why??

There are no reasons for providing these options (except for freaky historical ones from HTML days). They don't add anything to the language, they just make maintenance harder. Ease-of-maitenance is one of the biggest worries with programming languages. Because of kludges like the above, it's easy to write hard-to-maintain Javascript code, therefore Javascript sucks.

Re:Javascript doesn't suck

[NutscrapeSucks]

Hey -- it's 2005 now and we can all stop checking for IE4.0.

[Plus this code has a bug. If the element doesn't exist, you get different values (undefined or null) depending on the codepath.]

Re:Javascript doesn't suck

[stevens]

Ease-of-maitenance is one of the biggest worries with programming languages. Because of kludges like the above, it's easy to write hard-to-maintain Javascript code, therefore Javascript sucks.

Oh, hell, I've programmed Perl long enough to know that choice != hard to maintain. For your project, in your team, you pick a style standard and go with it. If your team isn't that adult, implement a lint to your liking or dust off your resume.

Re:Javascript doesn't suck

[pdo400]

var x = "JavaScript is cool...";

function f(){
return function () {alert(x)};
}

f()();

var x = "If you're careful.";

f()();

Re:Javascript doesn't suck

If your team isn't that adult, implement a lint to your liking or dust off your resume.

Ignoring the childish name-calling... there is another choice: pick a better language. :-P

Re:Javascript doesn't suck

[stevens]

var x = "JavaScript is cool...";

function f(){
var x = "It's all good";
return function () {alert(x)};
}

f()();

var x = "If you're careful.";

f()();

Re:Javascript doesn't suck

[stevens]

there is another choice: pick a better language

s/better/more restrictive/

Re:Javascript doesn't suck

[rycamor]

More fun:

z = function (k) { return k; }

z(x);

z(f);

z(f());

z(f()());

Re:Javascript doesn't suck

[rainman_bc]

FWIW though, some (many? - didn't count) of those elements that FF identifies in the document element really apply to any dom element.

Re:Javascript doesn't suck

[nacturation]

Plus this code has a bug. If the element doesn't exist, you get different values (undefined or null) depending on the codepath.

That's why we have this companion function:

function bad(n) { return n == undefined ? true : n == null ? true : false; }

Re:Javascript doesn't suck

[Vo0k]

Using JS for firefox exntensions allows you to code to one platform

Oh, yeah?

/cygdrive/d/home/mozgest/mozgest/content>grep -i platform *.js
mozgestOverlay.js: if (e && !mgGestureDone && (e.button == 2 || (navigator.platform == "MacPPC"
mozgestOverlay.js: if (navigator.platform != "Win32" && navigator.platform != "OS/2") {
mozgestOverlay.js: var isMac = navigator.platform == "MacPPC";

/cygdrive/d/home/mozgest/mozgest/cont ent>grep -i isMac *.js
mozgestOverlay.js: var isMac = navigator.platform == "MacPPC";
mozgestOverlay.js: mgButton = mgGetPref("mousebutton", "Int", (isMac ? 0 : 2), 0, 2);
mozgestOverlay.js: if (isMac && mgGetPref("modifier.meta", "Bool", false))

Sorry, platform independence in Firefox is a myth.

Re:Javascript doesn't suck

[Vo0k]

Nesting ?: syntax makes baby Jesus cry.

Re:Javascript doesn't suck

[pdo400]

I actually did a pathetic job of illustrating the point I was trying to make... (I was already staying after hours at work just to read slashdot and wanted to get the hell out of there). At any rate, this is a much better code sample:

var messages = new Array();

function addMessage(message){
messages[messages.length] = message;
}

alertMessages(){
for(var i = 0; i messages.length; ++i){
alert(messages[i]);
}
} ... code ...

function addMessages(messages){
for(var i = 0; i messages.length; ++i){
addMessage(messages[i]);
}
}

addMessages(new Array("Javascript is cool!", "If you're careful");

alertMessages();

What happens here? Well, your javascript environment 'crashes' due to out of memory before the alertMessages() call executes because of the way namespaces work.

Free variables in functions can be quite powerful (especially with functions as first class objects), but JS is the only language I've ever worked in where all the namespace pitfalls I learned about in my CS Theory courses have ever come into play.

Re:Javascript doesn't suck

> no #include
document.createElement("script");

Re:Javascript doesn't suck

[pdo400]

Exactly why "imports" don't work in javascript. Unless you are insanely meticulous about your naming conventions, even simple javascripts stuff written by your 'html guys' can have terrible reprocusions.

Re:Javascript doesn't suck

[CastrTroy]

Sometimes I think I'm going to go crazy when people want to base decisions on how much typing they have to do. I hear this so many times, even when there's autocompletion in the language. Let's call this variable g, because there's less typing. Granted, I don't like overly long variable and function names either, but people who choose to be programmers for a living, and then complian about a little extra typing really get under my skin.

Re:Javascript doesn't suck

[Darby]

Nesting ?: syntax makes baby Jesus cry.

Not really, he just kind of squints at it funny for a second, shrugs and moves on.

Re:Javascript doesn't suck

[dtfinch]

I guess I just haven't thought about in a few years. IE4 was still in the 10-20% range only about half a decade ago.

Re:Javascript doesn't suck

[David+Gould]

Nesting ?: syntax makes baby Jesus cry.

...If it's done without parentheses. Properly parenthesized (and indented, with linebreaks and everything), it can actually be kinda neat.

Re:Javascript doesn't suck

[jonadab]

> JS is the only language I've ever worked in where all the namespace
> pitfalls I learned about in my CS Theory courses have ever come into play.

Emacs lisp has serious namespace issues, for several reasons. First, and most obviously, there is no concept of package or namespace. Second, and more importantly, all your code has to play nice with all the other code ever written in the language, even code you've never seen, even code that hasn't been written yet, or it's a bug.

Consequently, everyone just builds the namespace right into the variable names, by prefixing the package name to the variable name, so that you end up with variable names like cperl-break-one-line-blocks-when-indent and mail-extr-address-text-comment-syntax-table. (Yes, really.) This works, but it's a bit ugly.

It should be noted that lexical scoping would *not* solve the problem, since most or all of these variables *need* to be globally scoped, so that they can be changed easily by other code. (Yes, you *want* other code to be able to change your variables. Really. It saves other people from needing to modify your code for no very good reason (which would otherwise happen a *lot*), and, perhaps more importantly, it saves you from having to accept a hillion jillion arguments to every function, most of which would only get used occasionally. Very frequently you incorporate variables for the express purpose of allowing other code to modify your behavior.) Dynamic scoping is very handy, but it solves a different class of problem and doesn't do anything for the namespace issue. What is needed really is a package scope mechanism like Perl has. In Perl, you can have a variable that's fully global, but code within the package (namespace) can just call it by it's simple name; whereas, code outside the namespace must use the fully qualified name with the namespace built in, e.g., in a package Foo::Bar::Baz, you can have a variable that goes locally by the name of $quux, but code outside the module must call it $Foo::Bar::Baz::quux instead. This avoids most namespace collision issues, and elisp would benefit hugely from a similar system (though I don't think double-colon would be the right syntax in elisp; I suspect common lisp probably has some more lispish syntax that could be appropriated).

Re:Javascript doesn't suck

[jonadab]

> Yes, you *want* other code to be able to change your variables. Really. It
> saves other people from needing to modify your code for no very good reason
> (which would otherwise happen a *lot*), and, perhaps more importantly, it
> saves you from having to accept a hillion jillion arguments to every
> function, most of which would only get used occasionally.

Come to think of it, it's actually even more important than that. What it really saves you from is having the end user need to modify somebody *else's* code in order to get *your* code to work differently. Because the calling code doesn't necessarily know how the code it's calling needs to behave; that might need to be determined by the caller's caller's caller, or of course by the user. So the variables absolutely must be scoped globally and/or dynamically, as opposed to lexically. But they sure could use package namespaces.

Re:Javascript doesn't suck

[jonadab]

This is true, as far as it goes, but I do think a less verbose name than getElementById might have been preferable; that *is* a lot of typing, for something that gets used stupendously often. The Perl-culture side of me says it's "bad Huffman coding" (a Wallism, IIRC). Perhaps something along the lines of document.elt("someelementid") would be reasonable.

Re:Javascript doesn't suck

[aztracker1]

or even say document.getId("someid");
agreed that getElementById is a bit much, though can't you just do something like

document.elt = document.getElementById;

Re:obfuscated code as a feature?!?!

[Eberlin]

Code obfuscation isn't really a "feature" per se. I think the main problem is what you've mentioned -- that a lot of folks don't believe in the "Open Source" philosophy and yet use such scripting languages that by their very nature, are "open source." (PERL rants aside)

It's writing code and hoping nobody else can understand, modify, improve, or possibly circumvent it. To be perfectly honest, I don't think code should be more obfuscated than it already is. The simpler and easier to understand, the better.

I did run into a vbscript worm once that did something like rotX itself when transporting (with a random shift, I believe, to try to avoid AV fingerprinting), then decode and execute upon launch. I must say that was pretty neat in a sick sort of way.

Re:JavaSuck?

[Jedbro]

Maybe because we actually know what we are talking about.

Brendan Eich worked at Netscape back when the web was pioneered.. he created Javascript while there, and wrote the entire javascript engine for the Netscape browser (version 2 or 3, can't remember).. facts are facts.. I'm sure theres more info at wikipedia.

They have.

[NoMoreNicksLeft]

It's ECMAscript. Name hasn't caught on yet. ECMA = European Computer Manufacturer's Association, I do believe. Mozilla used to have some bugs where you couldn't use that as the attribute value for a "script" element. Or maybe that was with SVG.

Re:They have.

It's ECMAscript. Name hasn't caught on yet.

That's because it sounds like the name of some long-lost aunt from West Africa.

Re:They have.

[MrFlannel]

Actually, it appears that JavaScript and ECMA aren't quite the same thing. Or at least not in the windows sense of JavaScript.

If you look in the 'windows script documentation' (a big help file for VBS and JS) you'll see two lists of features (JScript > Reference, for those following along at home, at least, in version 5.6), the ECMA compliant ones, and then additional features that aren't complaint (and presumably not in the ECMA specs).

Re:They have.

[LarsWestergren]

ECMA script is a standard. Javascript is an implementation (or tries to be) of that standard.

As for the AC comment - tiresome troll.

Re:They have.

[arkanes]

It's called "JScript" on Windows. JavaScript is a Netscape-ism. JScript is Microsofts implementation of the ECMAScript standard, and, as with all their implementations of standards, they document where they deviate from the standard. However, there are very few places where they don't implement the standard (any? I'm not sure), and ECMAScript explicitly allows for extensions. So it doesn't matter how much you add, you can't be non-standard as long as you implement what the standard has.

Re:They have.

[NoMoreNicksLeft]

Won't dispute that. It is pretty horrible, isn't it.

Re:They have.

[kwoff]

It's ECMAscript. Name hasn't caught on yet.

Always makes me think of eczema.

Re:They have.

ECMA sounds too similar to DMCA for me to like it :(

Re:I need to agree with fellow Slashdot participan

[NoMoreNicksLeft]

It's also responsible for Google Maps. That's the only big one that jumps out at me, but there are a few other uses I've seen, that I've liked. Try out greasemonkey, and make javascript work for you.

Is it just me...

[Tavor]

Or does obsfucating code and open source sound like they don't belong in the same sentence? (Yes, I did RTFA. Just curious as to the response.)

Re:Is it just me...

[The+Cookie+Monster]

Removing all unneccesary whitespace and replacing var and function names with 1 or 2 letter replacements is also a means of compression.

Open source languages are not designed to only be used on open source projects, restricting what it can be used for goes against the whole point.

Besides, nobody has a problem with GCC producing output without embedded data to make it reversable.

Re:Is it just me...

[MegaFur]

Read it again--according to my browser, the word "open" never occurs anywhere in the article.

You're right, those two things (obfuscation and open source) likely don't belong together, but I don't believe anyone was suggesting that they should be.

Re:Is it just me...

[jonadab]

> Or does obsfucating code and open source sound like they don't belong
> in the same sentence? (Yes, I did RTFA. Just curious as to the response.)

Not all websites are licensed in an open-source fashion.

Any time you have an interpreted language (or a run-time-compiled language, for that matter), people will want a code obfuscator for use with it. It's a topic that comes up with annoying frequency on Perlmonks. (I like to point them at Acme::Eyedrops...)

Re:Just what I wanted!

As long as scripts can still control my system I'm happy. REEE!

Re:Just what I wanted!

[dwlovell]

I mostly agree, but we do need Javascript. If you look at the Strict XHTML spec, there is no target="" attribute allowed on anchor tags. So if you want to open a link in a new browser, the official way to do it requires client-script (something about targetting is a browser behavior not a document structure semantic, so it should be script, not html):

<a href="http://www.slashdot.org" onclick="window.open(this.href,'_blank');return false;">Slashdot</a>

So you can argue that XHTML blows, or that you shouldn't open links in a new window, but if you decide you want to be standards compliant, you are going to need some client script. This is not the only example.

-David

Re:Just what I wanted!

No web page should ever open up a new browser window when the user clicks on a link. That's rude! The world wide web is a set of documents, not an application. Web pages should not be making decisions of that sort for the user.

Re:Just what I wanted!

what about targeting in frames?

And why not-free for me?

And his screed basically ends up as a bullet-point on some MPAA/RIAA's powerpoint slide.

If there's a "war", then we should make note of who the "warriers" are.

Anyway give people an inch (We want preview before buying!), and they'll take a mile. (We want to 'hack' the website to get the entire book so we don't have to buy it).*

*I'm reminded of that old joke: How do you know there's intelligent life out their? A) Because it hasn't come here.

Re:And why not-free for me?

[Saeed+al-Sahaf]

I don't go as far as the various trade organizations like the RIAA. But I do believe in Intellectual Property. I don't exactly know why, but it seems right to me that one should be able to own and profit from their ideas.

Re:And why not-free for me?

But what if their ideas want to be free?

Re:And why not-free for me?

[Saeed+al-Sahaf]

But what if their ideas want to be free?

Give it up. I'm not biting.

Re:I need to agree with fellow Slashdot participan

[StikyPad]

As well as GMail, the new Google Custom Frontpage (You know you can drag those boxes around?), and hmm.. well, just disable JS in your browser and see how many websites still function. It's ubiquity is why popups exist, as the GP pointed out, but the reason popup blocking software exists is because simply turning off JS would "break the internet," in the eyes of most users.

Re:obfuscated code as a feature?!?!

Painters mask the meaning of paintings all the time. If they were completely obvious art would be dull.

But seriously, it's not like a painter masking the meaning of a painting; it's like a painter masking the method of the painting -- how he achieved the results. And, really, no painter (or coder) should be _forced_ to tell you how he does his work, especially if he's trying to make a profit off the process.

Re:Just what I wanted!

Frames are evil. 'nuff said.

Re:Just what I wanted!

[nxtw]

Blah blah blah. There are situations where that's actually the most user-friendly thing to do, like when you're editing or entering information and need to display detailed instructions without losing the form, along with some other situations.

Re:obfuscated code as a feature?!?!

[Deviant+Q]

somewhat like that amazon fiasco that prevents the same user from viewing all the pages of a book.

Easy to get around... just read your five pages, then search inside the book for the last word on the 5th page, and start all over again. Sure, a bit of a pain, but certainly automatable...

Re:I need to agree with fellow Slashdot participan

Undoubtedly most browser based attacks do use Javascript. Perhaps when this guy invented it he should have thought of a security architecture that works? When you are celebrated as the inventor of something so powerful, it would just be a graceful thing to take a little responsibility for the way your invention has been abused.

Re:Just what I wanted!

[chrisbtoo]

what about targeting in frames?

The "target" attribute is specifically for frames. However, if you want to use frames, then you should be using the Frameset DTD (where it is defined) and not the Strict one.

The "target" attribute's actually defined in XHTML 1.0 Transitional, too, but the OP was talking about XHTML Strict.

Re:Just what I wanted!

If you look at the Strict XHTML spec, there is no target="" attribute

That's why you use the onclick= attribute.

Re:Just what I wanted!

[eraserewind]

It's if you decide that you want to open windows on somebody elses computer that you need client script.

The user doesn't need any such scripting to open a new window, only control freak developers ;)

Re:Why not get rid of the stupid name?

[LnxAddct]

You must be some dumb highschool kid or you've never worked in any enterprise or on any government projects. Java is *the* language of choice.
Regards,
Steve

Re:Just what I wanted!

[Paua+Fritter]

There are situations where [opening a new window is] actually the most user-friendly thing to do, like when you're editing or entering information and need to display detailed instructions without losing the form

You can do this with CSS, and without having to call back to the server for the "help" content as another web page

Define your help notes as divs which are hidden (display:none). Then you have your "help" hyperlinks point to those divs, which can then become visible (because they have the focus a different CSS rule applies and they can get display:block or whatever).

Opening new windows is almost always a bad idea. "User-friendly" depends not just on the technique but also on the user. For some people it may work, in some circumstances, but for other people (people with visual impairments, for instance) it is never friendly.

Re:Just what I wanted!

[HeroreV]

That's why you use the onclick= attribute.

That violates the separation of structure from behavior. You should set the onclick value using a method other than by including it in the HTML page. It's not that difficult if the element is labeled well.

Re:obfuscated code as a feature?!?!

[timbo234]

rediculous

<spelling-nazi>
ridiculous

Why is it that no one on slashdot can spell this word?
</spelling-nazi>

Re:What's the difference between Java and Javascri

They're two entirely different languages made by two entirely different companies for entirely different purposes that have evolved in entirely different ways.

Re:obfuscated code as a feature?!?!

[nihilogos]

I'm not sure they are thinking. Like the people who remove whitespace to 'save bytes'.

Re:Just what I wanted!

You can be standards compliant and still use target with XHTML strict. One of the bigs things about XHTML is that it is modularized and target was just moved to a module which you can import in your documents:
http://www.w3.org/TR/xhtml-modularization/DTD/xhtm l-target-1.mod

Using JavaScript for this, which people can disable or just selectively cripple, is a terrible idea and you start getting all these non-standard handlers spread around.

Re:Just what I wanted!

makes sense, thank you for saving me 30 seconds on google :)

There he is!!

[utnow]

You mean we KNOW who invented javascript and we haven't sacked him yet? Hurry! Grab the pitchforks, and lets get pop-up-ad-window on his ass!

Re:Just what I wanted!

Except you run the risk of the user clicking before the method is attached.

I hope they eventually standardize something along the lines of IE's behaviors.

Re:obfuscated code as a feature?!?!

[Tim+C]

somewhat like that amazon fiasco that prevents the same user from viewing all the pages of a book.

If Amazon didn't at least attempt to prevent you from accessing every page of each book, they'd be unable to offer the service at all as there's no way the publishers would agree to it. They'd essentially be providing a mechanism to get the text of the book for free.

If enough people piss about with it, Amazon *will* be forced to either withdraw the service, or just put up (say) five pages of each book and leave it at that, which would greatly reduce its usefulness.

Re:JavaSuck?

It was Netscape 3. Netscape 2 didn't have Javascript support. I remember, because I have an old 68K PowerBook with a copy of Netscape 2.

Re:obfuscated code as a feature?!?!

It's quite simple, really. If I were a web design consultant and thought some nifty new feature would be in order I might just go ahead and spend some time writing that.

Now, assuming the feature is implemented mainly on the client side, with some stuff running on the server, and it's a hit, competitors will be asked if they have some of the same stuff.

Suddenly, the competitors can just download the same scripts as I've spent a month writing. They get to instantly reap the benefits (of course they change it slightly, like any good cheat would do).

End result: I've spent a month bringing something new to the world, my company has spent a month's salary... the competitor can underbid us (no development cost to recoup) and might just get the sale.

Obfuscation, although not a means of stopping someone from doing the above will slow them down, which may be quite sufficient for us to recoup our costs and compete on a level playing field.

Small correction

[Pieroxy]

that can be embedded in server-side solutions

You should read:
that can be embedded in any solutions

Re:JavaSuck?

[xrissley]

To frist potser:
Java is not same as JavaScript, but who cares, because anyway you also confuse .Net ( a framework) with ASP (a dynamic page generation system based on simplified VisualBasic)

Second poster was actually ironic, maybe a bit trolling, but fairly funny in my view.

On the internet, nobody knows you are a dog.

Re:obfuscated code as a feature?!?!

Heh, I've often wondered the same. For a while I thought it was just the US spelling, with me being a Brit.

Re:obfuscated code as a feature?!?!

[mosschops]

Like the people who remove whitespace to 'save bytes'

And using short variable names too, I guess?

With interpreted languages like JavaScript it does does cut down the parsing and processing time a fraction, so why not? Check out the compact code on Google's homepage, which is downloaded a gazillion times, and benefits from the size reduction.

Re:obfuscated code as a feature?!?!

It's nothing to do with the processing time, its the size of the code. Smaller=faster downloads. If you have a million people download bloated code its gonna cost you in bandwidth, strip the white space and your variable sizes etc and the savings soon add up.

Parent is obvioulsy talking out of his uninformed asshole.

JS rocks

[famebait]

It never ceases to amaze me how people can do sometimes extensive work with JavaScript and still not spot what an elegant and powerful language it is. Sure, most of that work is about doing meaningless browser-related stuff and wrestling with bad APIs, but come on. I really do expect from an averagely talented real IT person to be able to separate that from the langauge, and be able to recognise the things it can do that their normal language can't. Its almost single-abstraction design that turns out to be able to do just about everything and still look nice and procedural and newbie-friendly totally rocks.

Re:JS rocks

[StrawberryFrog]

This may be true, but what you're saying is that although all the javaScript work that you will ever do will be as painful as hammering nails into your forehead, JavaScript itself is nevertheless really good fun. it's a rather academic distiction.

Re:JS rocks

[david.given]

It never ceases to amaze me how people can do sometimes extensive work with JavaScript and still not spot what an elegant and powerful language it is.

a = new Array();
a["width"] = 1;
a["breadth"] = 2;
a["length"] = 3;
alert(a.length()); // Aaaaah!

b = new Array();
ob1 = new Object(); // just a random object
ob2 = new Object(); // and another, different one
b[ob1] = "This is ob1";
b[ob2] = "This is ob2";
alert(b[ob1]); // what do you think this says?

Javascript has a number of nice features; I can forgive it a lot for having real closures. However, it has a number of really, really brain-dead features, the above brokenness being the main ones that irritate me. I would not call it elegant.

Re:JS rocks

[xutopia]

well any language can be written to look fugly. You can also do crazy stuff like you did there using object references as assignement in an array but what advantage would you have in doing such a thing?

I took your first example and wrote it how I would write it. Look at your code now: function Dimension(width, breadth, length){ this.width = width this.breadth = breadth this.length = length } a = new Dimension(1, 2, 3) alert(a.length)

Just like you have beautiful perl and python you can still do really crazy things in it on purpose. But why would you?

Re:JS rocks

[david.given]

I took your first example and wrote it how I would write it.

Actually, you missed the point on that example; I should have been clearer.

What I was complaining about was that array elements share namespace with array methods. Which means that once you assign array["length"] to something, array.length doesn't return what you think it does! You can't have an element called 'push' and have access to the Array.push() routine at the same time. This is mind-boggling brain-damaged.

You can also do crazy stuff like you did there using object references as assignement in an array but what advantage would you have in doing such a thing?

Because nearly all real languages allow associative arrays where you can use any arbitrary object as the key. Javascript pretends its Array objects are associative arrays, which encourages you to believe that they work like associative arrays. They don't.

Javascript Arrays key all values by string. Any value, used as a key, gets converted to a string. This means that both my objects get turned into the same value --- "object {}", I believe --- and that's used as the key.

It gets worse. a[5] is actually equivalent to a["5"]. For a class whose main purpose is to store numeric indices, this is simply mad. Trying to do an index lookup requires doing string comparisons to find a match...

Re:JS rocks

[aztracker1]

bad coder/programming != bad language.

Re:JS rocks

[aztracker1]

regarding array["length"] overriding, the alternative would be a scripting engine error, if it is/were protected, this is actually (kind of) a feature, as you can pretty much override any function/property, which is actually pretty cool, and can be usefull in other software that uses JS for scripting...

example: the bbs software I use (synchronet), has JS as a scripting language for it, an issue, ANSI display over telnet is often too fast when you have a long (>25 line) ansi artwork that you want people to see... I was able to override the function that displays an ansi, and if the ansi is more than 25 lines, it puts a short sleep after each line, which allows for proper display.. don't have any long ansis, as only used this for welcome screens, and have been revising...

Just the same, this is a definate feature.. the main thing is, that an array, and an object are treated interchangably.. you can use myobject['property'] or myobject.property ...

for your last example, I believe that "5" gets type converted to an integer, and a numeric index is used unless a non-convertable string is used.. in *any* case, you *still* have to cast/convert from the string to an integer, which is poor coding, and bad practice to assume anything.

having no distinction in form/function for an array vs. an associative array, it's not so bad...

for being able to override a method or property it is usefull.. say you want a custom toString() for your object... it's simply elegant, as it lets you do more, not the same as having a poorly trained/informed programmer writing scripts.

How about in C that you can write to any point in memory.. sure most OSes have protected memory spaces now, but that doesn't mean it *has* to be that way... protecting people from themselves is sometimes an assinine concept.. I mean, .Net and Java are great, but it's not always necessary to add that level of overhead...

Re:JS rocks

[Brendan+Eich]

JS certainly has design flaws. It was designed very quickly, and evolved under some absurd deadlines at Netscape and in ECMA committee, with the sad, stale background of the "browser wars" (MS crushing Netscape; Netscape mutilating itself with bad decisions, only some of which were due to that rarified competitive pressure).

Here's the design decision you hate: a JS object is a single-namespace collection of properties, each mapping a string to an arbitrary value. I made that decision quickly, but consciously, so I'll take blame. "Brain-dead" is too strong, though. Is Python "brain-dead" for lacking real closures (see http://store.yahoo.com/paulgraham/icadmore.html/)?

Using strings as property names helps users who commonly want to map "1" and 1 to the same value in an object (not necessarily an Array object -- any object).

If (as you seem to want) JS had mapped value to value, treating all strings of the same length and characters as a single identity, but also mapping objects, numbers, booleans, etc. according to some equivalence relation (you probably want ===, which maps -0 and 0 to the same equivalence class; you must treat all NaNs as the same not-a-number), then many users would have to say String(1) or Number("1") where today they do not. Users would have had to write anArray[Number(aForm.anInput.value)] -- a lot.

The influence I acted under came from awk. JS's design target was string-oriented processing in scripts embedded in client and server markup language processing. It seemed better to simplify the object model by defining property identifier as string-typed, with implicit conversion, than to allow arbitrary values mapped under some more complicated non-identity equivalence relation.

From your later comment, it seems you believe that this decision requires comparing string keys when looking up 1 or "1" -- not so. It's trivial to optimize non-negative integer property identifiers that fit in machine-word containers from string to int when storing, accessing via hash tables, etc. A JS Array indexing from 0 to 2^30 - 1 in the Mozilla JS engine, SpiderMonkey, requires no string storage for the element ids, only for the interned 'length' property id. Methods, as you note, are stored in the same namespace, but not in each instance -- rather, in this example, only once, in Array.prototype.

This is the result of a very few design decisions carried to their conclusions, with simplicity given greater weight than almost any other good. A mistake? Sure -- and worse, incomplete due to the rushing (as with Python, JS has had to evolve some corrections and necessary limbs). But not brain-dead.

FYI, if you want to map names such as a["width"] = 1, a["breadth"] = 2, don't use an Array. Use an Object. To count these properties, you can use __count__ in SpiderMonkey. I never got near to persuading the ECMA working group to think about standardizing this extension. Using the standard, you have to count, with a var n=0; for (var i in a) ++n; loop.

/be

The world's most misunderstood language

[rjshields]

"Lisp in C's clothing" http://www.crockford.com/javascript/javascript.htm l

Re:The world's most misunderstood language

Yeah, and unlike lisp, a success, because it was distributed without strings attached. Creating and accessing object properties is also a great deal less of a pain in the ass than it is with CLOS. Reflecting comes with absolutely no bureacracy -- when was the last time YOU wrote CLOS MOP stuff without consulting the hyperspec?

Lisp lost because no one was willing to evolve a very cumbersome syntax, and they just shrilly screamed how macros were the salvation of The One True Syntax. That and there STILL isn't a free implementation on windows worth using (though clisp is getting there).

Re:JavaSuck?

[DrSkwid]

oh well, you fell into the same trap :

ASP isn't based on visual basic, ASP just means Active Server Pages.
It would be like saying that CGI is based on Perl.

Instead of environment variables, asp provides some COM objects : request, response, session & application.

The scripting language is up to you, you can use VBScript, Perl, Python, PHP, C and probably even Brainfuck !

wooof!

Re:JavaSuck?

[xrissley]

Well, sure, meant to actually spell out A.S.P. and not go into unneeded peculiarities and details, but got carried away. was just an off the cuff reply to an obvious flamebait anyway. Thanks for completing.
(ASP is still majorly used by VisualBasic script kiddies, although the environment is quite flexible.)

Re:Just what I wanted!

[alex_podam]

IIRC, XHTML strict doesn't allow inline event-handlers (like your onclick-attrib), so the correct way to do it would be to add the event-handler after the page has loaded. Or maybe it's the next version of XHTML I'm thinking of.

Re:obfuscated code as a feature?!?!

And while we're about it, can I also complain about people using 'seemlessly' instead of 'seamlessly'?

Seemlessly isn't a word, and if it were, it would probably mean almost the opposite of seamlessly. (See 'unseemingly' in dictionary).

Relief at last!

[Qbertino]

Finally somebody who isn't a total dickhead speaks up on the Ajax craze.

"With DHTML and AJAX hot (or hot again; we've been here before, and I don't like either acronym) ..."

Bingo!
The man's right on.

Re:Relief at last!

[Unpossible]

Looks like the craze has just started...

eBay Auction

I have never understood why the name keeps changing.. it is like JavaScript has such a bad stigma attached to it that programmers that do anything intense with it (ala DHTML, AJAX, etc) want to call it something else so as to feel better about themselves. Weird.

Re:Just what I wanted!

[Qbertino]

One of the reasons Flash is so popular is because it's next to impossible to write spy- or malware with it.
Flash is extremly picky about client side security, since it's the most widespread web/internet client plattform in existance and they don't want to lose that edge.
Good reasoning if you ask me.

Re:Just what I wanted!

[AndroidCat]

And as long as scripts can still control your system, I'm happy too.

& it's uses should blossom esp. in education

[burnttoy]

I agree! javascript is wonderful. of course many will complain about the speed of the whole thing but if a zx81 could run BASIC at a reasonable speed i'm sure my Pentium-M should hold javascript together (and it does). it's text oriented, interpretive structure is a strength and should be discussed as such (interpreter ALWAYS had massive advatanges over compilers but speed is what everyone wanted)

I'm _very_ much looking forward to Firefox 1.1, javascript + SVG will open up whole new avenues. e.g. animated mathematics projects that are easily and freely distrubutable (in fact all you need is a website). biological simulations, simple chemical and physical simultations. whilst these can be done now with sprites SVG + JS will make these things shine.... and of course... more games.

Not only that but the source code is available AND the turn around time from code to testing is just an F5 away.

The only browser issure that REALLY must be sorted out is that of SOUND. I want to be able to trigger sounds like i can images... on onload, onsubmit, anywhere in my code (ususally on a timer).

At the risk of sounding preverse the only other thing i'd like would be to stop the system rendering and queue all my requests then render when i say so. preferrably on vsync ;-)

Re:Just what I wanted!

[delGrey]

Your English is infinitely better than my German, but so as to make it even better: extremely platform existence

Misuse of operators

[ajs318]

This doesn't do what you'd expect it to do:

function hrs_up() {
h = document.theform.hr.value;
if (h < 23) {
h += 1;
};
document.theform.hr.value = h;
};
function hrs_dn() {
h = document.theform.hr.value;
if (h > 0) {
h -= 1;
};
document.theform.hr.value = h;
};
function mins_up() {
m = document.theform.mn.value;
if (m < 59) {
m += 1;
};
document.theform.mn.value = m;
};
function hrs_dn() {
m = document.theform.mn.value;
if (m > 0) {
m -= 1;
};
document.theform.mn.value = m;
};

This is because someone had the {IMHO crap} idea to use the addition operator for concatenating strings. That worked OK in BASIC {in those days, almost nobody had a full set of punctuation marks on their keyboard}; but unfortunately, JavaScript doesn't know the difference between strings and numbers like BASIC used to. So you end up having to subtract negative numbers when you meant to add.

Perl and PHP don't suffer from this of course, because they use two *different* operators for two *different* operations.

Re:Misuse of operators

[CastrTroy]

VB.Net (and prior versions) have this same problem. You can either use "+" or "&" to concatenate strings. If you do "hello" + 5, it throws an exception because it can't convert "hello" to a number. If you go "hello" + "world", you get "helloworld". If you go "123" + 7 you get 130. I don't see why it would try to convert string to number, which is only possible under certain circumstances, instead of convert number to string, which is always possible. Anyway, this can be avoided by using "&" whenever you want to concatenate strings.

Re:Misuse of operators

[ajs318]

But & is already used {in C and derivatives} for bitwise AND. 7 & 4 = 4; 10 & 1 = 0, and so on. && means logical AND.

Perl and PHP use the "dot" {full stop / decimal point} for joining strings, but that is used in JS as a sort of name delimiter. In Perl, "hello" + "world" = 0, "59" + 1 = 60, 123 + "456" = 579. And "hello" + 1 = "hellp". If you want to concatenate, you use the concatenation operator. "hello" . "world" = "helloworld".

My {rather incomplete, but the rest was boring and really didn't help make the point} code sample above tended to concatenate "1" to the end of the hours or minutes when you clicked the up button instead of incrementing. {Often, you want to treat a scalar as a number}. And I've also written this improbable bit of PHP in an application involving Ordnance Survey grid references:

$easting += 1e5 * "0.$east_num"; // isn't automatic scalar typing great?
$northing += 1e5 * "0.$north_num"; // try doing *that* in Java! :-b

You'll note though that I used variable interpolation rather than explicit string concatenation. You can't even do that in JS though, because they don't have a sensible indicator that whatever follows is a variable name .....

Re:Misuse of operators

[John+Courtland]

I agree. I was writing a simple (retardedly simple) script to calculate vehicle speed from engine RPM, trans gear ratio, tire size and final drive ratio. Nothing hard, but it was ALWAYS telling me I was travelling 1000+mph. I'm used to C, so this shit was pissing me off. Of course, it was because the goddamn langauge was concatenating string representations of the numbers instead of performing addition. Who ever decided the operation of concatenating strings preceeded addition of floats in javascript is a retard. Of course, using a totally different operator would be fine as well.

Re:obfuscated code as a feature?!?!

No. It's the Retardish spelling.

Re:Just what I wanted!

[nxtw]

Yeah, you *can* do CSS tricks. There's no way to get rollover effects to work like that reliably and without problems without using some sort of JavaScript (for IE). The effort needed to do all that compared to a single window.open is not worth it.

As for people with visual impariments, I'm not concerned with helping them view my sites. I guess that makes me a horrible person.

Re: Your sig

"In this world nothing is certain but death, taxes and failed car analogies."

A failed car analogy is like a Corvair: Exciting, but dangerous.

A failed car analogy is like a Moller flying car: Everybody wants one, but they won't be available for 10 years.

A failed car analogy is like the Flintstones's car: It takes a lot to get started, but then its momentum carries it along for some distance.

A failed car analogy is like a Pacer: Its creator thinks that it's great, but everyone else thinks that it's stupid.

A failed car analogy is like the Jetsons's flying car: It folds up into a briefcase.

A failed car analogy is like a Pinto: If you hit it the wrong way, it will explode.

A failed car analogy is like a Ford Model T: Very out-of-date, and you need a special license to use it.

A failed car analogy is like a Hummer: It sounds sexy until you realize that it doesn't mean what you thought it meant.

Re:JavaSuck?

[DrSkwid]

moving jobs im stuck working on an asp project atm.

I've been in unix land since pre win2k, last working on .asp in iis4 on nt4

the biggest drawback is the lack of native associative arrays

create a few more than 100 scripting dictionaries and you get "out of memory" [though I plucked 100 from mid air, I just ran out one time when using one of my php idioms creating an array of dictionaries inside a loop, didn't bother to work out the *actual* limits]

VBscript is one of the least expressive languages.

It is a dynamically typed language that throws up type errors if you don't cast some objects with clng(object.property).

Seems they weren't very good at writing parsers

Can of worms

JS is a can of worms. I want my browser to be just a browser and not run any code any XXX site sends me. It opens many security holes and makes writting a www browser a very complicated task.

So why not disable it?
Because many sites won't run.

The only solution is if many people disable js and then sites will not use it because they'll lose visitors.

And BTW, the dude is not an "inventor".

Security?

Javascript is an attack vector; it is to exploits what a pond is to mosquitoes. I tell everyone to disable it in their browser, email reader, pdf reader, etc... I wish it would go away! Web designers/programmers that require Javascript to access their site should be hung upside down by their private parts.

Re:obfuscated code as a feature?!?!

Why is it that no one on slashdot can spell this word?

Because we're a bunch of morans.

Re:Just what I wanted!

That's ridiculous! Yes, most of web *pages* should never do that, especially the stupid concept of "oh, you're following a link into other site, you CAN'T possibly want to leave THIS site; here let me open another window for you".

There are plenty of web *applications*, however, where opening new windows is perfectly reasonable.

Javasuck

[orionware]

Javascript is a rushed to market idea in order to make some cool things happen in browsers. You can't call it a programming language and I even hesitate to call it a scripting language.

I think the inventor ought to be bound and stoned to death.

bullshit

flash is goddamn insidious in its exploitable features. if anything it's ranking should be "almost" as bad as spyware.

flash is popular because people like you can do "cool" things easily and it's been wedged in IE for a few years.

Re:bullshit

[aztracker1]

Nod, and there are exploits at least in flash6 player that allow local filesystem access (not sure on newer versions)... what my company used it for was an authorized implimentation for internal web based tools, but it's scary just the same, and the main reason I use flashblock...

Ironically, I set my security settings in IE to "high" for the internet zone, and use it for testing a "minimal" environment for what I make, working around dhtml menus, and other options for a lot of things.

Don't evolve; stay a *standard*

[mactari]

I'm sorry, but this comment simply doesn't hold:

JS is not going away, so it ought to evolve. As with sharks (and relationships, see Annie Hall), a programming language is either moving forward, or it's dead.

No, when a programming language doesn't chance, it's called a standard. Look at what we've been able to do keeping html, css, and javascript a stable target for so many years! It's like Space Invaders on the Atari 2600 -- nobody who created that console, its hardware designed specifically for playing Combat and Video Olympics, expected someone to be able to slap six sprites in a row, much less have the player shoot then down one at a time. The 'standard' that was the 2600, however, gave a stable platform for programmers to learn tricks that would give the console life well beyond its creators' expectations.

We've got something like that with javascript, and we can see what happens when we compare to something like Visual Basic 6. Developers are still upset about Microsoft's decision to drop official support for VB6 in an attempt to force people to upgrade to VB.NET. Know what? Those upset programmers have found that VB6 hasn't rusted and simply continue using it to create their apps. There are more companies than you'd know (here's one) whose major apps are/were written in VB6, the 'prototyping language'. They're not quite ready to cast the baby out with the bath.

Fix bigs in javascript? Absolutely. The issue is that we've reached a point where nearly every browser anyone uses supports a 'single' flavor of javascript and we're all familiar with how to make our code work with the few quirks that remain crossplatform. There is a standard on nearly every box on the net that coders can assume will be there for them. I wouldn't want to see anyone mess this stable delivery platform up, splitting the user base into something like what we had in the Netscape 4.x/Mozilla/IE 4 & 5 days. Now *that* was an ugly time to code.

The bottom line is that evolution is an overused metaphor. You've got two choices if you'd like to propagate your genes into the future: immortality or reproduction. Immortality was a little too difficult to accomplish for living, unique individuals. Perhaps there were little organisms that could live forever, but something squashed 'em. They're gone. That's not a problem in the digital world, folk. We can make as many exact copies of an individual as we'd like. Javascript modules are not unique. They don't need to evolve. (I mean, come on, he even mentions sharks, a design that hasn't changed in millions on millions of years!)

Javascript should shoot to become an immortal standard, not another field of play and debate.

Re:Don't evolve; stay a *standard*

[Brendan+Eich]

Hey, any analogy can become strained.

My point was that JS ought to respond to feedback in its niches, not stay unchanged for years on end (as it has, apart from bug fixes). I agree it doesn't need six legs or two heads. But "evolve" -- as in "respond to feedback from users" -- means more than "bug fixing". See my roadmap blog for more on this.

/be

Re:Just what I wanted!

[Jack9]

Fark.com is a classic example of why it's a *good idea* to open new windows. I'm really surprised /. doesn't do this.

Re:JavaSuck?

I thought it was Al Gore that claimed that?

JS book?

[sleepingsquirrel]

Can anyone recommend a good Intro-to-JS book (not an intro to programming book) that doesn't get bogged down in web-related/browser details?

Re:JS book?

[famebait]

Crockford suggests a couple on this page:
http://www.crockford.com/javascript/javascript.htm l

Re:JavaSuck?

[Arthur+Dent+75]

Nope. JavaScript was introduced with Navigator 2.0, maybe not on every platform. See the Navigator 2.0 (Windows) release notes. Wikipedia is obviously wrong on this.

Re:Just what I wanted!

[Darby]

Your English is infinitely better than my German, but so as to make it even better: extremely platform existence

Dude, now your just going to confuse the poor guy.
He's sitting there scratching his head going WTF does "extremely platform existence" mean.

Oh, and totally offtopic, but my wife just sent me a link to the coolest dog that ever lived. So we're too amazed here to be getting any work done for a few minutes.

shamelessly true!

[burnttoy]

text/javascript seems like it will always be faster than java. it doesn't have to load the virtual machine. in theory this _could_ be very fast (vanderpool/pacifica???). but... just isn't. javascript is ready to go as soon as the browser has loaded the page. tokenisation/compilation is damn near minial and strcmp isn't slow these days.

Re:Just what I wanted!

[jonadab]

> there is no target="" attribute allowed on anchor tags

Because it is frankly none of the website's business what window or tab I do or do not choose to open a link in. If cretinous idiot loser webmasters wouldn't keep pulling exactly that kind of braindead schenanighans, Javascript maybe wouldn't have such a bad name with users.

Re:obfuscated code as a feature?!?!

[jonadab]

> > ridiculous
> Why is it that no one on slashdot can spell this word?

Because it "feels" intuitively like too common and/or lowbrow a word to have Latin phonetics. You expect a word like "actuarial" to be spelled with an i, but "ridiculous", despite having four syllables, is a word most of us learned before we were in school, so we expect it to have Anglo-Saxon phonetics.

Additionally, words with i in the first syllable almost all have Anglo-Saxon phonetics. Some time when you're bored, grep -e "^[b-df-hj-np-tv-z]*i" /usr/share/dict/words | less and look for words where the i is pronounced with a Latin long i sound like "ridiculous". Discounting ones where the i is followed by a nasal ng or nk sound (which pulls the i into the very common ing phonemic combination), it's quite rare. Most such words are either pronounced with short i (as in "bitter") or the Anglo-Saxon long i (as in "bite").

Re:JavaSuck?

[aztracker1]

pretty sure it was first in v3 ... v2 didn't even have table background colors.. though I may be mistaken.. features weren't usefull for much of anything beyond form validation until v4, but the fact that ie4's model was so different (though arguably better) than netscape 4+'s was dark times for cross browser scripting indeed...

Re:JavaSuck?

[aztracker1]

you can combine JScript and VBScript in the same ASP btw, as long as you update the scripting engines (or maybe it was introduced in iis5's version... just use a script tag with a runat=server property to it, and jscript for the language... used this a lot when dealing with regexps and data that would wind up going to/from the browser for javascript, much nicer..

<script runat="server" language="jscript">
function jsescape(strIn) {
return escape(strIn);
}

function jsunescape(strIn) {
return unescape(strIn);
}
</script>

that was probably my most used thing... playing with regular expressions was another... what was really nice, if you want to pass a recordset to js, you could use the getstring function for the adorecordset, and use uncommon/unlikely characters for row/column separators, this combined with jsescape on the browser var myclientjs = unescape("");

There's plenty of other examples where jscript is far superior to vbscript in classic asp. iirc, much of the internal MS development in ASP was in jscript, I looked at a lot of the MS released asp projects (outlook web, ms project web, interdev's asp controls, etc) and a lot of it was all in jscript...

Re:Just what I wanted!

[Maian]

Although this is probably premature, the target attribute still remains and isn't deprecated in a href="http://www.w3.org/TR/2005/WD-xhtml2-20050527 /mod-hyperAttributes.html" the latest XHTML 2.0 working draft. And it's in the hypertext module, which also defines the href attribute, so it can hardly be called "transitional".

Re:Just what I wanted!

[Maian]

Oops...
working link

Re:JavaSuck?

[DrSkwid]

thanks, that's interesting.

Ruby says that they can be real languages

[leonbrooks]

Ruby would be beyond cool as a default scripting language for web browsers. It's small and light, and seems to do everything else pretty well.

Re:Ruby says that they can be real languages

[Tablizer]

Ruby would be beyond cool as a default scripting language for web browsers. It's small and light, and seems to do everything else pretty well.

The way it uses white space for indentation is troubling in a web invironment.

That's actually quite easily doable

[leonbrooks]

After all, you have the source to numerous web browsers written in C. Just add a rolloversrc attribute to the img tag.

Not supported in MSIE, of course, unless you happen to be on their developer team. (-:

Re:obfuscated code as a feature?!?!

[timbo234]

Wow, well I don't know much about phonetics but I do know that in Australia we're taught, and pronounce it, as 'ridiculous'. Ie. with the 'rid' bit pronounced like you'd say 'rid' in "get rid of it", not "get red of it". Maybe its an American thing, I dunno.

Re:obfuscated code as a feature?!?!

[jonadab]

> Wow, well I don't know much about phonetics but I do know that in Australia
> we're taught, and pronounce it, as 'ridiculous'. Ie. with the 'rid' bit
> pronounced like you'd say 'rid' in "get rid of it", not "get red of it".

More like "get reed of it", as if it were spelled "rediculous", with the e long (since only one consonant separates it from the next vowel). It usually comes out a little less distinct than "reed", though, due to the emphasis' generally being placed on the second syllable, so that it has more in common, pronunciation-wise, with "redecorate", "reduplicate", or "redundant".

If the i were pronounced like the e in red, that would be really bizarre (although there are stranger things in the English language). I've heard a number of different accents, most of them American (but a couple of others), and as far as I am aware the first i in ridiculous, as far as I'm aware, is always pronounced with the Latin long i sound, like the e in regard or the i in pita (which follows the Latin phonetics because it's a quite recent import from a foreign language). I suspect this may be because pronouncing it like the i in "ride" (which is really a dipthong) would be too difficult, but, with only one consonant following, it wants a long sound. If it were pronounced with the short i sound as in rid, you'd expect it to be spelled riddiculous. (Not that all spelling and pronunciation in English are fully regular, or anything...)

I have had significant exposure to several Commonwealth accents, notably the mumbly one used by BBC commentators, but it is possible that I have missed hearing the word "ridiculous" pronounced in them.

On a side note, a word that caught be utterly by surprise recently, in terms of the spelling, is paraphernalia. I checked three dictionaries before I had myself convinced that was right. I am quite certain I have never *EVER* heard anyone pronounce it with two r sounds.

Re:obfuscated code as a feature?!?!

[timbo234]

People in Australia don't pronounce 'get reed of it'.

http://dictionary.reference.com/search?q=ridiculou s
http://dictionary.reference.com/search?q=rid
http://dictionary.reference.com/search?q=reed

Both ridiculous and rid have the same pronunciation for their rid part. According to the Pronunciation Key this is how you'd use the 'i' in 'pit'. Reed has a different pronunciation entirely which is given as being like 'bee' in the Key.

It looks to me like its an accent thing.