Apparently some browser developers like being able to tell whether a given method can be called from JS. It's weird; I like being able to tell whether a given method can call _into_ JS (because then it might explode your world), but haven't really cared about the other...
-
-
Replying to @really_bz @bz_moz
Both matter, for different reasons. Security may depend on some C++ method never being callable however indirectly from JS, no?
1 reply 0 retweets 2 likes
Replying to @BrendanEich
The person in question was pretty clearly mostly worried about direct calls.... But yes, if you have a "disable security" method it's good to prove that JS can't trigger it.
7:20 AM - 8 Aug 2019
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.