[Mailman-Users] What would your dream Mailman web interface look like?
Jim Popovitch
jimpop at gmail.com
Thu Apr 9 14:55:33 CEST 2015
On Wed, Apr 8, 2015 at 9:07 PM, Steven D'Aprano <steve at pearwood.info> wrote:
> On Wed, Apr 08, 2015 at 09:29:23AM -0400, Jim Popovitch wrote:
>
>> So, you do want to see the HTML content before it is interpreted by
>> your computer? :-)
>
> As HTML is not executable code, "interpreted" is a misleading word to
> use. But taking it in the loosest possible way, no, of course not. I
> have no desire to see raw HTML content, I want my browser to render it,
> I never said differently.
HTML can load swf and jar files (which themselves are bytecode that
you can't easily interpret with the naked eye.)
>> Look, your JS vs HTML argument is cloudy at best. :-)
>
> I'm sorry that neither I, nor the existence of Javascript malware, have
> not been able to convince you that there is a large difference between
> rendering a HTML document and executing code.
Javascript malware pales in comparison to swf, jre, wmf, and ocx (oh
my!) payloads (all delivered via rich HTML...) but I'm not here to
convince you about the bigger security picture.
> I am happy for you to continue allowing Javascript to run in your
> browser, and you should be happy to allow me to disable it by default
> even if you think I'm being silly.
You are misinterpreting my remarks if you think I allow carte blanche
javascript, the truth is that I don't. All I've done is point out
that your obsession with .js apparently has no throttle for anything
rendered via pure HTML (or at least that's what you've indicated in
this thread ... "I want my browser to render it,", etc.)
> All I asked for is that Mailman's web UI should degrade gracefully
> when Javascript is turned off. Is that so wrong?
I agree 100% with that, but if there is some Mailman admin-side
javascript functionality that needs to run I'd be happy to whitelist
it in my browser. That said, I'm working on a simple FTS
Mailman+MongoDB search patch that absolutely requires Javascript for
query results (i.e. "Found 123 results matching 'query xzy'") as well
as continuous pagination (i.e.
while(obj&&obj.firstChild){obj2.appendChild(obj.firstChild)}) and
search suggestions... so I'm a bit more familiar with working with and
using javascript appropriately.
-Jim P.
More information about the Mailman-Users
mailing list