Security concerns: OGHAM SPACE MARK
David Starner
prosfilaes at gmail.com
Tue Jul 21 00:05:11 CDT 2015
It's a confusable. There's a lot of them in Unicode. Auditing source code
is hard, and if it's a concern, I suggest filtering out all non-ASCII
characters.
If you really think it's a concern, let's be specific; what do you mean
this kind of behavior in bank transactions? If you're worried about the
bank's JavaScript, you already have to trust code written for OS/360 that
the bank considers proprietary and to be keep deeply hidden, as if you
could read GOTO-laden PL/I anyway.
On Mon, Jul 20, 2015 at 8:49 AM "Jörg Knappen" <jknappen at web.de> wrote:
> I stumbled over a very strange snippet of javascript code, where an
> apparent
> minus sign is interpreted as a space here:
>
> http://stackoverflow.com/questions/31507143/why-does-2-40-equal-42
>
> Imagine such kind of behaviour in bank transactions ...
>
> --Jörg Knappen
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://unicode.org/pipermail/unicode/attachments/20150721/36638c01/attachment.html>
More information about the Unicode
mailing list