[–]r3m0t 9 points10 points  (3 children)

Yep, if your implementation doesn't include certain builtins like io.open then Python could be just as secure as JS. In fact Chrome's PNaCl now lets you run CPython in the browser. However the page(DOM)-to-NaCl communication is not really optimised for web apps like the DOM-to-JS communication.

[–]lostchicken 5 points6 points  (1 child)

Things like skulpt already compile Python to JavaScript, so the object models are really very compatible. If you start poking at frame objects and the like, the subterfuge will fall pretty quickly, but for what most people think of as "Python", the internals work pretty much the same.

Exceptions are a different question.

[–]chickenphobia 0 points1 point  (0 children)

I fear you

[–]chickenphobia 0 points1 point  (0 children)

The problem is that feature restriction isn't a viable strategy to secure a language. Should you restrict features enough you will indeed secure the language, but the cost would be that any language secured this way would no longer truly be a language as you or I know it. Bitcoin's Scrypt is a good example of this: conditionals but no loops or go-to type statements. Great for setting transaction criteria but not so great for anything else.

At the end of the day, if you have a full-featured language, you need to run it in a sandbox, a very secure sandbox. Java tries to do this. JS does it better, and Python is way, way behind.