Allowing arbitrary non-Ascii characters in programming languages will make it more difficult
to detect malicious code.
If the author really intends to deceive potential readers he will succeed.
Programming languages like JS should at least implement exclusion rules from the "Unicode Confusables Characters" list.
Otherwise such programming languages ought to be black-listed.
Albrecht.
Von: Unicode [mailto:unicode-bounces_at_unicode.org] Im Auftrag von "Jörg Knappen"
Gesendet: Montag, 20. Juli 2015 17:47
An: Unicode Public
Betreff: Security concerns: OGHAM SPACE MARK
I stumbled over a very strange snippet of javascript code, where an apparent
minus sign is interpreted as a space here:
http://stackoverflow.com/questions/31507143/why-does-2-40-equal-42
Imagine such kind of behaviour in bank transactions ...
--Jörg Knappen
Received on Tue Jul 21 2015 - 04:13:11 CDT
This archive was generated by hypermail 2.2.0 : Tue Jul 21 2015 - 04:13:11 CDT