Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Maybe it's just me, but isn't JavaScript still looked down on? There's a reason languages are being written on top of it, and lots of frameworks to patch up the terrible usability of it. Just because it's popular doesn't mean it's great.


Yeah, somewhat. However, despite frameworks like Node, JavaScript is a client-side language. So even if you fuck up horribly with it, the damage you cause will be minimal. Not so with PHP.


JavaScript is commonly used for writing server software or even systems software nowadays.

Also, an exploitable XSS in your web application can be just as damaging as a server compromise.


Can XSS be used to drop your Users table?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: