I'm not a Javascript programmer, and I have a basic question about how
scripts may make use of libraries in Javascript. I thank everyone for
humouring me.
Do all of the libraries required by a script have to reside in the
host environment, or may a custom library be bundled with the script
itself?
I ask because I am trying to assess the significance of Alexander
Sotirov's <a href="http://www.determina.c om/security.resear ch/
presentations/bh-eu07/bh-eu07-sotirov-paper.html">Hea pLib </a>
library, which provides functionality for manipulating the IE heap.
The library makes it easier to run exploits against IE, but that won't
matter much if those exploits require that HeapLib be installed in the
target environment beforehand.
My thanks to anyone who can help clarify this point for me. 2  1516  cr***********@g mail.com wrote:
I'm not a Javascript programmer, and I have a basic question about how
scripts may make use of libraries in Javascript. I thank everyone for
humouring me.
Do all of the libraries required by a script have to reside in the
host environment, or may a custom library be bundled with the script
itself?
I ask because I am trying to assess the significance of Alexander
Sotirov's <a href="http://www.determina.c om/security.resear ch/
presentations/bh-eu07/bh-eu07-sotirov-paper.html">Hea pLib </a>
library, which provides functionality for manipulating the IE heap.
The library makes it easier to run exploits against IE, but that won't
matter much if those exploits require that HeapLib be installed in the
target environment beforehand.
My thanks to anyone who can help clarify this point for me.
After giving that URL a quick glance to make sure this "library" was not
in the form of an OCX, DLL, or other such binary file, my conclusion is
this:
Anytime a UA or browsing device accesses a web page that contains a
SCRIPT tag, and has JavaScript enabled in that device will immediately
load, and possibly execute whatever it finds included in the page.
SCRIPT tags are not like header files in C/C++. They are more akin to
includes in any of several server-side languages. Once included, then
accessed by the page that does the inclusion, the content of said
include (SCRIPT) is loaded into memory and utilized however the script
or code specifies.
I could be a little off in the semantics, but overall you should have
your answer.
--
-Lost
Remove the extra words to reply by e-mail. Don't e-mail me. I am
kidding. No I am not.
On Jun 5, 1:03 pm, -Lost <maventheextraw o...@techie.com wrote:
craig.burr...@g mail.com wrote:
I'm not a Javascript programmer, and I have a basic question about how
scripts may make use of libraries in Javascript. I thank everyone for
humouring me.
Do all of the libraries required by a script have to reside in the
host environment, or may a custom library be bundled with the script
itself?
I ask because I am trying to assess the significance of Alexander
Sotirov's <a href="http://www.determina.c om/security.resear ch/
presentations/bh-eu07/bh-eu07-sotirov-paper.html">Hea pLib </a>
library, which provides functionality for manipulating the IE heap.
The library makes it easier to run exploits against IE, but that won't
matter much if those exploits require that HeapLib be installed in the
target environment beforehand.
My thanks to anyone who can help clarify this point for me.
After giving that URL a quick glance to make sure this "library" was not
in the form of an OCX, DLL, or other such binary file, my conclusion is
this:
Anytime a UA or browsing device accesses a web page that contains a
SCRIPT tag, and has JavaScript enabled in that device will immediately
load, and possibly execute whatever it finds included in the page.
SCRIPT tags are not like header files in C/C++. They are more akin to
includes in any of several server-side languages. Once included, then
accessed by the page that does the inclusion, the content of said
include (SCRIPT) is loaded into memory and utilized however the script
or code specifies.
I could be a little off in the semantics, but overall you should have
your answer.
--
-Lost
Remove the extra words to reply by e-mail. Don't e-mail me. I am
kidding. No I am not.
Thank you. That does help to clarify my question. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Matt Kruse |
last post by:
Since this topic has come up several times in other threads, I thought I'd
make a separate thread and gather opinions from (hopefully) a more varied
range of newsgroup participants.
What are your thoughts on the development and use of generalized, reusable
javascript libraries?
Discussion points:
1) Is the overhead of a 25k (for example) .js file too much for a typical
|
by: Matt Silberstein |
last post by:
Are there any good qualities libraries out there, free or for
"reasonable" cost?
--
Matt Silberstein
Do something today about the Darfur Genocide
http://www.beawitness.org
|
by: MikeB |
last post by:
I've been all over the net with this question, I hope I've finally
found a group where I can ask about Visual Basic 2005.
I'm at uni and we're working with Visual Basic 2005. I have some books,
- Programming Visual Basic by Balena (MS Press) and
- Visual Basic 2005 by Willis (WROX),
but they don't go into the forms design aspects and describing the
various controls at all. What bookscan I get that will cover that?
|
by: bjarne.herland |
last post by:
Greetings.
My company makes a tool which generates (among other things) PHP
client-side bindings to WebServices. We have also implemented a
collection of PHP-code required by these bindings ("runtime
libraries"). Our tool creates a file containing the PHP-bindings, but
the runtime libraries should also be placed somewhere where it will be
picked up by the PHP-engine.
Is there a common/standard way or to do this in the PHP-community? I...
|
by: walterbyrd |
last post by:
With PHP, libraries, apps, etc. to do basic CRUD are everywhere. Ajax
and non-Ajax solutions abound.
With Python, finding such library, or apps. seems to be much more
difficult to find.
I thought django might be a good way, but I can not seem to get an
answer on that board.
I would like to put together a CRUD grid with editable/deletable/
| | |
by: pedrito |
last post by:
I have a regex question and it never occurred to me to ask here, until I saw
Jesse Houwing's quick response to Phil for his Regex question.
I have some filenames that I'm trying to parse out of URLs.
(href=("|')http://.www\.thesite\.com/.{1,7}/)(?<filename>.)
This generally works, but the problem is some of the image files have
..th.jpg at the end to indicate thumbnails. I want to exclude those. I just
want the ones that don't have...
|
by: Benjamin |
last post by:
Hello, I'm writing a Python/PyQt application. For my Mac distribution.
I would like to include all the needed libraries in the Mac bundle.
How should I go about doing this?
|
by: Randall Smith |
last post by:
I'd like to bundle Python with my app, which will be targeted at Linux,
Windows and Mac. Discussions I've found about this tend to lead to
py2exe, freeze, etc, but I'd like to do something rather simple and am
seeking advice.
What I'd like to do is just copy the standard libraries and
executable(s) and adjust the paths in the environment variables. The
libraries and executable(s) would reside in the same directory with the
application...
|
by: Newbie |
last post by:
Hi,
I am just starting to learn to use XML, so this is a really basic question.
I have managed to write my XML document to disk, and now want to read it
back, and get the values from the XML file. My XML file is at the bottom. I
am assuming that its correct (but I could be wrong)
What I want to be able to do is just get parts of the xml document, for
example I only want to get the fields for the content type 'sample1' (the
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| | |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
