Thursday, January 18, 2007

Medireview

This is an oldy, but a goody.

Some years ago, Yahoo added a "security" feature to Yahoo mail. If you wrote a "rich text" (that is, HTML) email, Yahoo scans your email and changes certain words (like eval) that have special meaning to web browsers to more innoculous equivalents.

Unfortunately, they don't limit themselves to changing words in contexts where a web-browser will attempt to run them as code (such as within HTML script tags) but anywhere in your email, including embedded in words -- a clear case of simple-minded programming committing overkill for supposed "security".

And so medireview was born, from medieval.

While Yahoo won't reveal what words are replaced, tests show that at least the following replacements are made:

eval to review
mocha to espresso
expression to statement
javascript to java-script
livescript to live-script

More details here.

No comments: