AW: Security concerns: OGHAM SPACE MARK

Dreiheller, Albrecht albrecht.dreiheller at siemens.com
Tue Jul 21 04:12:00 CDT 2015


Allowing arbitrary non-Ascii characters in programming languages will make it more difficult
to detect malicious code.
If the author really intends to deceive potential readers he will succeed.

Programming languages like JS should at least implement exclusion rules from the "Unicode Confusables Characters" list.
Otherwise such programming languages ought to be black-listed.

Albrecht.

Von: Unicode [mailto:unicode-bounces at unicode.org] Im Auftrag von "Jörg Knappen"
Gesendet: Montag, 20. Juli 2015 17:47
An: Unicode Public
Betreff: Security concerns: OGHAM SPACE MARK

I stumbled over a very strange snippet of javascript code, where an apparent
minus sign is interpreted as a space here:

http://stackoverflow.com/questions/31507143/why-does-2-40-equal-42

Imagine such kind of behaviour in bank transactions ...

--Jörg Knappen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://unicode.org/pipermail/unicode/attachments/20150721/fc17c543/attachment.html>


More information about the Unicode mailing list