couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Joseph Davis (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-1397) Function expressions, evals in SpiderMonkey
Date Fri, 03 Feb 2012 16:41:54 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-1397?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13199838#comment-13199838
] 

Paul Joseph Davis commented on COUCHDB-1397:
--------------------------------------------

Firstly, I'm not thinking of eval, I'm thinking of JS_CompileScript/JS_CompileUCScript which
is where this restriction is actually applied. Secondly, I didn't say transforms are out of
the question, I said they are heavily discouraged. The reason for discouraging them is because
they break shit as demonstrated by all the people that wrote in to tell me I broke shit with
the simple paren wrapping approach not to mention that this is the sort of engineering that
leads to SQL injection.

Just because it's the easy answer for some folks doesn't necessarily mean its the right call.
                
> Function expressions, evals in SpiderMonkey
> -------------------------------------------
>
>                 Key: COUCHDB-1397
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1397
>             Project: CouchDB
>          Issue Type: Bug
>          Components: JavaScript View Server
>    Affects Versions: 1.2.1
>         Environment: All
>            Reporter: Jason Smith
>
> New SpiderMonkey releases do not eval() a sole anonymous function expression. That is
not a valid JavaScript statement, and so it is not a valid JavaScript script.
> COUCHDB-1302 addressed this for 1.1 and the 1.1.x branch. This ticket is for 1.2. (Sorry
to spam COUCHDB-1302. I saw "Unassigned" and read "Unresolved.")

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message