- From: Wysebee <zxu@wysebee.com>
- Date: Thu, 15 Jun 2023 15:22:02 -0400
- To: Paul Belfanti <pbelfanti@gmail.com>
- Cc: public-publishingcg@w3.org
- Message-ID: <1bfb2ae6-f6ad-c4e0-c1dd-deaa6ee08817@wysebee.com>
Yeah, the "safer" here is more about the security concern of using javascript inside digital book (epub). For kids book or more interactive book (quiz book or so) it is essential to enable javascript. However javascript is a security concern and it is difficult to white list or black list in detail (for example let javascript inside epub to be able to reach certain backend server to provide learning process or storing score). Cheers, Zheng On 2023-06-15 11:00, Paul Belfanti wrote: > Zheng, > > What do you mean by "safer"? Are we talking protection against illegal > downloads? PII safety? Other? > > Best, > > *Paul* > > > On Wed, Jun 14, 2023 at 11:37 PM Wysebee <zxu@wysebee.com> wrote: > > Hey folks, > > > I found this js library https://github.com/NeilFraser/JS-Interpreter > could potentially provide a safer javascript runtime. > > It seems can let book only run whitelisted JS API defined by digital > book reading system. Hence, no unnecessary DOM manipulation, no > unnecessary web access. > > So I am thinking maybe this could be a good solution to provide > safer JS > runtime environment for interactive books such as Kids book. > > But also thinking to let digital books use something like this it > will > need some consensus from reading system about what functionality > to provide. > > > What do you think? Anyone interested in explore a little more? > > > Cheers, > > Zheng > > >
Received on Thursday, 15 June 2023 19:22:10 UTC