Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #103888

Re: Speaking of Javascript [was Re: Everything good about Python except GUI IDE?]

Path csiph.com!fu-berlin.de!uni-berlin.de!not-for-mail
From Chris Angelico <rosuav@gmail.com>
Newsgroups comp.lang.python
Subject Re: Speaking of Javascript [was Re: Everything good about Python except GUI IDE?]
Date Thu, 3 Mar 2016 04:46:48 +1100
Lines 21
Message-ID <mailman.107.1456940817.20602.python-list@python.org> (permalink)
References <64a6599c-fae1-469d-bcee-875165b3cc7d@googlegroups.com> <mailman.172.1456574862.20994.python-list@python.org> <56d294f8$0$1604$c3e8da3$5496439d@news.astraweb.com> <naupig$upg$1@dont-email.me> <234a398e-1b0f-467b-a8cb-d7ca748f8062@googlegroups.com> <naur90$58b$1@dont-email.me> <84922f24-3e00-4a23-b26d-5e6c0d8e7e04@googlegroups.com> <87y4a5c58i.fsf@elektro.pacujo.net> <e805ec03-82dd-40bc-9a44-344620d435a9@googlegroups.com> <87twksdg9c.fsf@elektro.pacujo.net> <ioi7dbtldo5fej0i41gugcv0pa9pj04j58@4ax.com> <87d1rgca58.fsf@elektro.pacujo.net> <c0c563c0-1caf-4d3b-93f8-c62db864b5a3@googlegroups.com> <87h9grorcb.fsf@elektro.pacujo.net> <mailman.4.1456734787.20602.python-list@python.org> <56d5c6fa$0$1595$c3e8da3$5496439d@news.astraweb.com> <mailman.75.1456855654.20602.python-list@python.org> <56d64e83$0$1588$c3e8da3$5496439d@news.astraweb.com> <56d71d5f$0$1619$c3e8da3$5496439d@news.astraweb.com>
Mime-Version 1.0
Content-Type text/plain; charset=UTF-8
X-Trace news.uni-berlin.de owEClBhjpzwg1NC6hJQ5YwEiv76rcdn1bIlH3KfMi6bQ==
Return-Path <rosuav@gmail.com>
X-Original-To python-list@python.org
Delivered-To python-list@mail.python.org
X-Spam-Status OK 0.028
X-Spam-Evidence '*H*': 0.94; '*S*': 0.00; 'received:209.85.223': 0.03; 'subject:Python': 0.05; 'cc:addr:python-list': 0.09; 'url:blog': 0.10; 'subject: \n ': 0.15; 'thu,': 0.15; '2016': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'received:io': 0.16; 'received:psf.io': 0.16; 'subject:GUI': 0.16; 'subject:Javascript': 0.16; 'yay': 0.16; 'wrote:': 0.16; 'cc:2**0': 0.20; 'cc:addr:python.org': 0.20; 'fix': 0.21; 'controlled': 0.22; 'url:02': 0.22; 'am,': 0.23; 'header:In-Reply- To:1': 0.24; 'message-id:@mail.gmail.com': 0.27; 'declared': 0.29; 'subject: [': 0.29; "i'm": 0.30; "d'aprano": 0.33; 'steven': 0.33; 'gets': 0.35; 'received:google.com': 0.35; "isn't": 0.35; 'but': 0.36; 'there': 0.36; 'received:209.85': 0.36; 'subject:: ': 0.37; 'say': 0.37; 'received:209': 0.38; 'save': 0.60; 'real': 0.62; 'listings': 0.63; 'more': 0.63; 'here:': 0.63; 'mar': 0.65; '"oh,': 0.84; 'chrisa': 0.84; 'ebay': 0.84; 'listings,': 0.84; 'subject:good': 0.84; 'url:2016': 0.84; 'vulnerable': 0.84; 'to:none': 0.91
DKIM-Signature v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc; bh=w78LUibBDcMaG/cMC5A5x5VsLM2vFE2hl0dcptDve1Q=; b=cxNjUXeyCOdCwh0bkLqihixXkElKE6uYnikL8Trbptp9h0BmxI+OpWocZfQqOK63QF 0B5xEQR3PPv/UY3V696i+0PusoDG6sSRCj0HQ69e5VPoWG278lz8dgFxAbykrrDWZgxV qIaLLfMPmgULnIdAQQOCQndlJXs9W1kpZLwXWjZM9PmficfHtZ6LwOdfu7g5irnG38aQ u5uMFG7JGpZpM3HNqleq0jp4yeQ51+uFSoDTGuQxdvm6ooxvGvqoIMJolsJqCjZNSVnP sMkL+GU11BvCQDbA/BMoRWadtlIFBwFylepYYzB5lfOzGifkFrIqpfzDSQF75UBHcPNe romg==
X-Google-DKIM-Signature v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:cc; bh=w78LUibBDcMaG/cMC5A5x5VsLM2vFE2hl0dcptDve1Q=; b=bW0sY9SXur3aMwuU3Fs+qzRcilYRa0lJ1aYXqUAvujKRCXPzQpQefY/Zabaq3SiZZ4 tg19RwhUWUhZs+B5O/myABOyPmNTAWD+rkCM2uABO4tioRtBBjF0qwwexXnAXHToVWfs NC4PcExRvH36Xh8F4rCEP8Kl6ZiNitaBL5FEJ1VfFpvGsaL5rEnDcDEVjSmtiGh1rZul G4Ih3xoI8983IvL21xN07CzgysgPZUbzvhVnOddG3E4RD7VtAdqCkOIHAE1G6jEOQKGL Mt2n63XCKloHe07Pa1RD5PkHVEC07b331n6xueK3IhXQosVbNJ9VX/EMF5NUXRn8gvwp XBVQ==
X-Gm-Message-State AG10YOQwwbOA6AwnI660y+MSiop21T3hRjiFF7ZwnMdyM0CJdGEwHMuLsjSA6tQ/EKJWGVrq2UYf30LSaFdyAw==
X-Received by 10.107.158.20 with SMTP id h20mr31008337ioe.31.1456940808268; Wed, 02 Mar 2016 09:46:48 -0800 (PST)
In-Reply-To <56d71d5f$0$1619$c3e8da3$5496439d@news.astraweb.com>
X-BeenThere python-list@python.org
X-Mailman-Version 2.1.21
Precedence list
List-Id General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive <http://mail.python.org/pipermail/python-list/>
List-Post <mailto:python-list@python.org>
List-Help <mailto:python-list-request@python.org?subject=help>
List-Subscribe <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Xref csiph.com comp.lang.python:103888

Show key headers only | View raw

On Thu, Mar 3, 2016 at 4:05 AM, Steven D'Aprano <steve@pearwood.info> wrote:
> Speaking of Javascript exploits:
>
> http://thedailywtf.com/articles/bidding-on-security
>
>
> This is a real exploit, and Ebay have refused to fix it. Yay them!
>
> More here:
>
> http://blog.checkpoint.com/2016/02/02/ebay-platform-exposed-to-severe-vulnerability/

To be fair, this isn't a JS exploit; it's a trusting-of-trust issue -
eBay has declared that you can trust them to sanitize their sellers'
listings, and so you trust eBay, but this exploit gets past the
filter. You're no more vulnerable looking at one of those listings
than you would be going to a web site entirely controlled by the
attacker, save that (particularly on mobile devices) there are a lot
of people out there who'll say "Oh, it'e eBay, I'm safe".

ChrisA

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Everything good about Python except GUI IDE? wrong.address.1@gmail.com - 2016-02-27 03:18 -0800
  Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-02-27 22:36 +1100
  Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-27 04:02 -0800
  Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-27 23:07 +1100
    Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-02-28 17:34 +1100
      Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-27 23:39 -0800
        Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-28 19:49 +1100
      Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-28 19:44 +1100
        Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 02:25 -0800
          Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-28 21:34 +1100
            Re: Everything good about Python except GUI IDE? Gordon Levi <gordon@address.invalid> - 2016-02-29 00:08 +1100
              Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 05:13 -0800
                Re: Everything good about Python except GUI IDE? Gordon Levi <gordon@address.invalid> - 2016-02-29 00:24 +1100
                Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 05:49 -0800
                Re: Everything good about Python except GUI IDE? Chris Warrick <kwpolska@gmail.com> - 2016-02-28 15:00 +0100
                Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 06:11 -0800
                Re: Everything good about Python except GUI IDE? Chris Warrick <kwpolska@gmail.com> - 2016-02-28 15:26 +0100
                Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 08:50 -0800
                Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-02-29 11:39 +1100
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-29 11:54 +1100
                Re: Everything good about Python except GUI IDE? Ben Finney <ben+python@benfinney.id.au> - 2016-02-29 12:05 +1100
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-29 12:13 +1100
                Lineendings (was Everything good about Python except GUI IDE?) Rustom Mody <rustompmody@gmail.com> - 2016-02-28 17:39 -0800
                Re: Lineendings (was Everything good about Python except GUI IDE?) Chris Angelico <rosuav@gmail.com> - 2016-02-29 12:49 +1100
                Re: Lineendings (was Everything good about Python except GUI IDE?) Rustom Mody <rustompmody@gmail.com> - 2016-02-28 17:55 -0800
                Re: Lineendings (was Everything good about Python except GUI IDE?) Chris Angelico <rosuav@gmail.com> - 2016-02-29 13:02 +1100
                Re: Lineendings (was Everything good about Python except GUI IDE?) Rustom Mody <rustompmody@gmail.com> - 2016-02-28 18:08 -0800
                Re: Lineendings (was Everything good about Python except GUI IDE?) Ben Finney <ben+python@benfinney.id.au> - 2016-02-29 13:35 +1100
                Re: Lineendings (was Everything good about Python except GUI IDE?) Rustom Mody <rustompmody@gmail.com> - 2016-02-28 20:48 -0800
                Re: Everything good about Python except GUI IDE? Mark Lawrence <breamoreboy@yahoo.co.uk> - 2016-02-28 17:09 +0000
                Re: Everything good about Python except GUI IDE? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2016-02-28 11:56 -0500
                Re: Everything good about Python except GUI IDE? Gordon Levi <gordon@address.invalid> - 2016-03-02 20:44 +1100
        Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-02-28 23:50 +1100
          Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-29 04:53 +1100
            Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-02-29 13:22 +1100
              Re: Everything good about Python except GUI IDE? Gregory Ewing <greg.ewing@canterbury.ac.nz> - 2016-02-29 17:40 +1300
      Re: Everything good about Python except GUI IDE? "Sven R. Kunze" <srkunze@mail.de> - 2016-02-28 13:23 +0100
      Re: Everything good about Python except GUI IDE? BartC <bc@freeuk.com> - 2016-02-28 12:38 +0000
        Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 04:54 -0800
          Re: Everything good about Python except GUI IDE? BartC <bc@freeuk.com> - 2016-02-28 13:07 +0000
            Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 05:20 -0800
              Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-02-28 15:51 +0200
                Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 06:03 -0800
                Re: Everything good about Python except GUI IDE? BartC <bc@freeuk.com> - 2016-02-28 14:29 +0000
                Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-02-29 11:49 +1100
                Re: Everything good about Python except GUI IDE? BartC <bc@freeuk.com> - 2016-02-29 11:56 +0000
                Re: Everything good about Python except GUI IDE? Terry Reedy <tjreedy@udel.edu> - 2016-02-28 19:49 -0500
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-02-28 17:08 +0200
                Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 08:41 -0800
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-02-28 23:38 +0200
                Re: Everything good about Python except GUI IDE? Gordon Levi <gordon@address.invalid> - 2016-02-29 15:47 +1100
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-02-29 08:18 +0200
                Re: Everything good about Python except GUI IDE? Rustom Mody <rustompmody@gmail.com> - 2016-02-28 23:20 -0800
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-29 19:20 +1100
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-02-29 10:37 +0200
                Re: Everything good about Python except GUI IDE? Grant Edwards <invalid@invalid.invalid> - 2016-02-29 15:43 +0000
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-03-01 03:17 +1100
                Re: Everything good about Python except GUI IDE? Grant Edwards <invalid@invalid.invalid> - 2016-02-29 18:17 +0000
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-03-01 05:31 +1100
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-02-29 10:25 +0200
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-29 19:33 +1100
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-02-29 10:46 +0200
                Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-03-02 03:44 +1100
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-03-02 05:07 +1100
                Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-03-02 13:22 +1100
                Speaking of Javascript [was Re: Everything good about Python except GUI IDE?] Steven D'Aprano <steve@pearwood.info> - 2016-03-03 04:05 +1100
                Re: Speaking of Javascript [was Re: Everything good about Python except GUI IDE?] Chris Angelico <rosuav@gmail.com> - 2016-03-03 04:46 +1100
                Re: Speaking of Javascript [was Re: Everything good about Python except GUI IDE?] Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-03-02 18:29 +0000
                Re: Speaking of Javascript [was Re: Everything good about Python except GUI IDE?] Chris Angelico <rosuav@gmail.com> - 2016-03-03 07:55 +1100
                Re: Speaking of Javascript [was Re: Everything good about Python except GUI IDE?] Jon Ribbens <jon+usenet@unequivocal.co.uk> - 2016-03-02 22:01 +0000
                Re: Everything good about Python except GUI IDE? Terry Reedy <tjreedy@udel.edu> - 2016-02-29 21:33 -0500
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-03-01 15:31 +1100
                Re: Everything good about Python except GUI IDE? Gordon Levi <gordon@address.invalid> - 2016-03-02 20:44 +1100
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-03-02 13:57 +0200
                Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-02-29 11:14 +1100
            Re: Everything good about Python except GUI IDE? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2016-02-28 12:08 -0500
        Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-03-02 03:35 +1100
          Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-03-01 20:06 +0200
            Re: Everything good about Python except GUI IDE? wxjmfauth@gmail.com - 2016-03-01 11:30 -0800
              Re: Everything good about Python except GUI IDE? wxjmfauth@gmail.com - 2016-03-01 11:39 -0800
            Re: Everything good about Python except GUI IDE? Steven D'Aprano <steve@pearwood.info> - 2016-03-02 12:51 +1100
              Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-03-02 13:15 +1100
              Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-03-02 07:41 +0200
                Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-03-02 16:58 +1100
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-03-02 10:20 +0200
                Re: Everything good about Python except GUI IDE? Christian Gollwitzer <auriocus@gmx.de> - 2016-03-02 23:00 +0100
                Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-03-03 00:36 +0200
      Re: Everything good about Python except GUI IDE? Dietmar Schwertberger <maillist@schwertberger.de> - 2016-02-28 13:38 +0100
        Re: Everything good about Python except GUI IDE? cl@isbd.net - 2016-02-28 12:52 +0000
          Re: Everything good about Python except GUI IDE? Dietmar Schwertberger <maillist@schwertberger.de> - 2016-02-28 14:19 +0100
      Re: Everything good about Python except GUI IDE? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2016-02-28 12:03 -0500
      Re: Everything good about Python except GUI IDE? Dietmar Schwertberger <maillist@schwertberger.de> - 2016-02-28 18:41 +0100
  Re: Everything good about Python except GUI IDE? BartC <bc@freeuk.com> - 2016-02-27 13:35 +0000
  Re: Everything good about Python except GUI IDE? MWS <miragewebstudio12@gmail.com> - 2016-02-27 20:05 +0530
  Re: Everything good about Python except GUI IDE? Dietmar Schwertberger <maillist@schwertberger.de> - 2016-02-27 15:20 +0100
    Re: Everything good about Python except GUI IDE? wrong.address.1@gmail.com - 2016-02-27 10:13 -0800
      Re: Everything good about Python except GUI IDE? Chris Angelico <rosuav@gmail.com> - 2016-02-28 05:29 +1100
      Re: Everything good about Python except GUI IDE? Marko Rauhamaa <marko@pacujo.net> - 2016-02-27 20:35 +0200
      Re: Everything good about Python except GUI IDE? Dietmar Schwertberger <maillist@schwertberger.de> - 2016-02-27 19:51 +0100
      Re: Everything good about Python except GUI IDE? Dietmar Schwertberger <maillist@schwertberger.de> - 2016-02-28 00:20 +0100
      Re: Everything good about Python except GUI IDE? Gordon Levi <gordon@address.invalid> - 2016-02-28 16:49 +1100
      Re: Everything good about Python except GUI IDE? Sibylle Koczian <nulla.epistola@web.de> - 2016-02-28 11:46 +0100
      Re: Everything good about Python except GUI IDE? Virgil Stokes <vs@it.uu.se> - 2016-02-28 12:26 +0100
      Re: Everything good about Python except GUI IDE? Sibylle Koczian <nulla.epistola@web.de> - 2016-02-28 11:46 +0100
      Re: Everything good about Python except GUI IDE? mm0fmf <none@invalid.com> - 2016-02-28 18:47 +0000
        Re: Everything good about Python except GUI IDE? Dietmar Schwertberger <maillist@schwertberger.de> - 2016-02-28 20:09 +0100
      Re: Everything good about Python except GUI IDE? Michael Torrie <torriem@gmail.com> - 2016-02-28 18:24 -0700
      Re: Everything good about Python except GUI IDE? Mike S <mscir@yahoo.com> - 2016-03-02 23:27 -0800
  Re: Everything good about Python except GUI IDE? Marco Kaulea <marco.kaulea@gmail.com> - 2016-02-27 18:57 +0100
  Re: Everything good about Python except GUI IDE? Anthony Papillion <anthony@cajuntechie.org> - 2016-02-27 13:45 -0600
  Re: Everything good about Python except GUI IDE? Mark Lawrence <breamoreboy@yahoo.co.uk> - 2016-02-27 20:52 +0000
  Re: Everything good about Python except GUI IDE? MRAB <python@mrabarnett.plus.com> - 2016-02-27 21:35 +0000
  Re: Everything good about Python except GUI IDE? Mike <termim@gmail.com> - 2016-03-01 19:46 -0800

csiph-web