domenic at domenicdenicola.com (2014-10-15T18:34:55.850Z)
On Fri, Oct 3, 2014 at 10:04 AM, Erik Arvidsson <erik.arvidsson at gmail.com> wrote: > I don't know why Waldemar thought this would be a security issue for > parseInt? I wasn't at that meeting and the notes do not cover that. The security concern was for validating user input and any reliance on the existing semantics being broken.
On Fri, Oct 3, 2014 at 10:04 AM, Erik Arvidsson <erik.arvidsson at gmail.com> wrote: > Number has always been able to handle the full NumericLiteral. In ES5.1 it > can handle '-1', '-0', '0xff', '0XFF', '1e2', '-1E-2', 'Infinity'. Breaking > that consistency was unwanted. > > This means that it is a change to existing semantics. We think we can get > away with it though. > > ES5.1: Number('0b10') === NaN > ES6: Number('0b10') === 2 > > I don't know why Waldemar thought this would be a security issue for > parseInt? I wasn't at that meeting and the notes do not cover that. > The security concern was for validating user input and any reliance on the existing semantics being broken. Rick -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20141003/2789b40b/attachment.html>