Security concerns: OGHAM SPACE MARK

David Starner prosfilaes at
Tue Jul 21 00:05:11 CDT 2015

It's a confusable. There's a lot of them in Unicode. Auditing source code
is hard, and if it's a concern, I suggest filtering out all non-ASCII

If you really think it's a concern, let's be specific; what do you mean
this kind of behavior in bank transactions? If you're worried about the
bank's JavaScript, you already have to trust code written for OS/360 that
the bank considers proprietary and to be keep deeply hidden, as if you
could read GOTO-laden PL/I anyway.

On Mon, Jul 20, 2015 at 8:49 AM "Jörg Knappen" <jknappen at> wrote:

> I stumbled over a very strange snippet of javascript code, where an
> apparent
> minus sign is interpreted as a space here:
> Imagine such kind of behaviour in bank transactions ...
> --Jörg Knappen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Unicode mailing list