SoylentNews is people
SoylentNews
http://www.tomshardware.com/news/chrome-deprecates-pnacl-embraces-webassembly,34583.html
Google announced that its Portable Native Client (PNaCl) solution for making native code run inside the browser will be replaced by the new cross-browser web standard called WebAssembly.
Around the same time Google introduced Chrome OS in 2011, it also announced Native Client (NaCl), a sandboxing technology that runs native code inside the browser. This was initially supposed to make Chrome OS a little more useful offline compared to only running web apps that required an internet connection. Two years later, Google also announced PNaCl, which was a more portable version of NaCl that could work on ARM, MIPS, and x86 devices. NaCl, on the other hand, only worked on x86 chips.
Even though Google open sourced PNaCl, as part of the Chromium project, Mozilla ended up creating its own alternative called "asm.js," an optimized subset of JavaScript that could also compile to the assembly language. Mozilla thought that asm.js was far simpler to implement and required no API compatibility, as PNaCl did. As these projects seemed to go nowhere, with everyone promoting their own standard, the major browser vendors seem to have eventually decided on creating WebAssembly.
(Score: 2) by tibman on Saturday June 03 2017, @03:57AM (2 children)
That's not "no-script". That's no client script. There is still a web developer writing code to validate your comment, store it, and render the dynamic document. That's a long way away from the original quote "the question remains why the web is anything more than a document system". You'd have to redefine document to mean anything rendered to the screen.
I totally agree that the current state of chat really sucks. I remember when people were using libaim and similar libraries to write their own chat client that communicated over open-ish protocols.
SN won't survive on lurkers alone. Write comments.
(Score: 2) by frojack on Saturday June 03 2017, @04:57PM
Well DUH!.
The thread started with a condemnation of the practice of foisting all manor processes to run on the client side.
Client side scripting is, after all, the root of all hacks. Sandboxes have been historically a majestic failure as each successive pwn2own proves over and over again.
We've been doing this stuff for going on to 30 years now, and it has gotten progressively more risky each year. Not just because the stakes got higher (on line banking, remote control of machinery, etc), but also because the attack vectors are expanding with each new gotta-have feature, and each new browser plugin.
Serious browser induced exploit announcements use to occur maybe once a year. Now they are revealed once a month.
Yet we continue to add stupid extensions to browsers. Now my browser can manipulate to my blue tooth. Who ever thought that was a good idea deserves a 38 caliber vasectomy.
No, you are mistaken. I've always had this sig.
(Score: 2) by JNCF on Saturday June 03 2017, @05:24PM
In this context, the term "NoScript" [wikipedia.org] is just concerned with the client.
The distinction being drawn is whether or not there is arbitrary logic happening in the browser. You can have an embedded video and still be "just a document," if your video is embedded using a DOM element. If you roll your own video player, that's "more." You can deliver a document with comment boxes and submit buttons, and as long as they're only making requests which redirect the browser the original page is still "just" a document. If there's a client-side script involved in processing the form data it becomes "more."