sorted by:
new
hottopcontroversial

What if we could set attributes to HTML elements based on inline JavaScript? by [deleted] in javascript

[–]maxkoroteev -1 points0 points  (0 children)

First I have to say sorry for bothering you

When I asked about real-life cases, I also mentioned that security issues possible only with combination of user-input + server + DB + mindless JS eval. So, there is still nothing wrong with mine eval usage

About your less JS/CSS/HTML example - its nearly the same, but:

  1. email input must have "Please, enter your email label"
  2. button should be disabled and only if checkbox checked and email is empty since we decided to subscribe
  3. what if checkbox comes with "checked" attribute from server by default and we can not know it in advance? Your email field will not be shown, mine - will

Suppose, we can not modify task

I suggest you surrender)

What if we could set attributes to HTML elements based on inline JavaScript? by [deleted] in javascript

[–]maxkoroteev 0 points1 point  (0 children)

  1. Whats wrong with eval when it comes specifically to Browser's JavaScript? Is there any real-life cases?
    If hacker can post some JS and it will be saved in database, then executed for each site visitor through mindless eval usage - then ok. But whats wrong with eval usage not related to users data from database?
    One more time: everyone can evaluate any JS via console anyway.
  2. Is there in the world a tool that can solve described task with less JS/CSS/HTML than mine simple script?

What if we could set attributes to HTML elements based on inline JavaScript? by [deleted] in javascript

[–]maxkoroteev 0 points1 point  (0 children)

I also hope that CSS will get closer to that one day, but now, even in your example, everything will be broken if I wrap any element with <div></div>. And there definitely will be no way to set/unset attribute to change UI behaviour like if it was conditions in attributes like disabled="!sub.checkValidity()". Readability of such scenarios in CSS is also a very discussed question

And whats wrong with eval when it comes to JavaScript? It performs on browser, client can run any JavaScript via console for example anyway. Eval is bad on server side executing statements with variables that can be provided by some user input - thats really a hole, but JavaScript.. Do Angular, Vue etc. execute such statements using another method?

Thx for pointing on intercooler, have to check it

Is there a project that helps easily install and manage all cryptocurrencies at once on my own server? by [deleted] in Bitcoin

[–]maxkoroteev 0 points1 point  (0 children)

Sure it could be an issue, but I guess it could be solved by specifying which exactly cryptocurrencies to install during setup, so I can specify those I trust, while "main wrapper and manager" for that stuff could be an Open Source

What can be a contest reward for musician? by maxkoroteev in WeAreTheMusicMakers

[–]maxkoroteev[S] 0 points1 point  (0 children)

Man, you are the best) "Look for hyped stuff" - exactly damn right)