|
Google parsing document.write()'s? by Acidus at 9:53 pm EDT, Jun 23, 2009 |
This could be interesting... |
|
RE: Google parsing document.write()'s? by Hijexx at 11:27 am EDT, Jun 24, 2009 |
Acidus wrote: This could be interesting...
Looks like putting munging logic in a separate .js is a workaround... for now. |
|
| |
RE: Google parsing document.write()'s? by Acidus at 4:25 pm EDT, Jun 24, 2009 |
Hijexx wrote: Acidus wrote: This could be interesting...
Looks like putting munging logic in a separate .js is a workaround... for now.
Email munging failing is only a mildly cool side effect of a much more fundamental issue. If this is true (and it might not be), its a sign that Google is toying with JavaScript execution, most likely in an effort to crawler the deeper, JavaScript-focus web apps of today. As someone who has spend 4 years or so writing tokenizers, parsers, interpreters, machine controlled dynamic execution logic, and static analysis frameworks for JavaScript, this is extremely interesting. There's an enormous amount of IP in that space, things that all fall in that stuff I love but cannot chat about box. I'd like to see how the PhD stud field that is Google R&D tackled some of these issues. |
|
| | |
RE: Google parsing document.write()'s? by Hijexx at 5:50 pm EDT, Jun 24, 2009 |
Acidus wrote: Hijexx wrote: Acidus wrote: This could be interesting...
Looks like putting munging logic in a separate .js is a workaround... for now.
Email munging failing is only an mildly cool side effect of a much more fundamental issue. If this is true (and it might not be), its a sign that Google is toying with JavaScript execution, most likely in an effort to crawler the deeper, JavaScript-focus web apps of today. As someone who has spend 4 years or so looking at writing tokenizers, parsers, interpreters, machine controlled dynamic execution logic, and static analysis frameworks for JavaScript, this is extremely interesting. There's an enormous amount of IP in that space, things that all fall in that stuff I love but cannot chat about box. I'd like to see how the PhD stud field that is Google R&D tackled some of these issues.
It irks me that JavaScript obfuscation is still such a problem to detect. The first security gateway SaaS vendor to really lick this problem on a distributed scale wins. I don't see throwing hardware at the problem as feasible for most IT orgs alone unless you're talking Google scale distributed deployments. |
|
|
|