Last December 7th, Tom Liston, a Senior Security Consultant at Intelguardians, submitted a post to the Diary of the Internet Storm Center.
While I agree that the code was not very smart but what is particularly amusing (or annoying) about this post is that he refered to JavaScript as a “toy language” and JavaScript programmers as “wanna-be-big-boy-programmers”.
Has this guy seen what JavaScript can do? Does he not know the power of Firefox extensions completely written in JavaScript? For a Security Specialist, he seem a bit out of place running a “toy browser” called Internet Explorer. I know most professionals in this field use the big boy’s browsers: Firefox, Opera and Safari.
Turns out, it was the JavaScript jockey who wasn’t so clever. Dude…
if you’re out there and reading this, take some notes, ok? You can’t
access a string using array notation: “a[c]” doesn’t work. Here’s how
you fix it: you need to replace “a[c]” with “a.substr(c, 1)”
Now, it is safe to confirm that he is indeed using IE. Because he is correct, you cannot access a string using array notation in IE. It doesn’t necessarily mean that if something doesn’t run on your browser, it will fail in all other browsers because array notaion works perfectly with Firefox and Opera. Tried, tested and proven. 😛
Hey Abbi…
Just an FYI – I tagged you in a game of blog tag.
http://www.episteme.ca/index.php?/archives/196-Blog-Tag-Top-Ten-Security-Trends-for-2007.html
I figured you’d have an interesting perspective.
-Mike
Thanks, Mike! 🙂
I’ll be posting it soon. 🙂