Web Assembly has reached the browser preview milestone. This means that popular web browsers will soon ship support for it.
What is web assembly? Web assembly means that instead of having to run a script in JavaScript on the browser, you instead run assembly code which is in a common instruction set that browsers can decode.
Why is this useful? Instead of having to use JS on a web browser, you can compile C, C++, CPython, and other languages to a format that can execute in a web browser. Make scripts for a website in any language you want!
Doesn't this mean that browsers can run arbitrary compiled code on your web browser? Isn't that a huge security risk?
Grayson Watson
delet this
Matthew Reyes
I can't wait to write super easy exploits and get in people's devices, nice
William Harris
>ActiveX sage
Lincoln Anderson
kek samefag fail
Kevin Kelly
I'm also concerned about this Isn't assembly harder for third parties to audit for security?
Aaron Nelson
It's not actual assembly. It seems it is actual bytecode, though, which means they will have to run some verifications on it. Hopefully that doesn't kill loading times in the end...
Evan Myers
it is.
Besides this, webassembly only replaces JS with something more aggressive. This means, it is shit anyways.
Joseph Diaz
>Besides this, webassembly only replaces JS with something more aggressive. This means, it is shit anyways.
I don't follow.
Kayden Fisher
Is it possible to run verifications on bytecode to make sure that it doesn't do anything bad or access data in a harmful way?
Isaac Carter
You can already compile languages like sepples and python to js.
Tyler Rodriguez
No. It's a bytecode format that compilers can target. Think of it like pre-processed JavaScript. It skips the parsing and optimizing stages and is strongly and statically typed and thus faster.
Don't think it will actually replace JavaScript, though. It won't. The only thing webassembly can do in the browser is provide functions that run webassembly code. And those functions can only take numbers and return number. You want to do any kind of side effect, like attaching event listeners, doing XHRs, manipulate the DOM? You can't. Not from WebAssembly. You still need JS for that and you probably always will. As far as I know, not even strings are part of WebAssembly. Neither are objects. Web-Assembly functions take numbers and return numbers and they can't influence anything outside. It's great for muh games and other applications that rely on lots of calculations that need to be done fast, but worthless for the average website.
Andrew Sullivan
but why does it exist when JS is the best language
Benjamin Morales
>"""compiling""" languages to JS Why not just cut out the middleman?
Blake King
haram
Asher Barnes
As far as exploiting the VM is concerned, it should be possible, if you design the instruction set the right way. It's apparently far from trivial, though.
That's why I hoped earlier that it would actually store an AST, but the docs seem to imply otherwise.
Joseph Ortiz
No harder than minified JavaScript.
Lincoln White
And Typescript
Ahahahha, no
Wyatt Turner
You can easily de-minfy minified js. Hell, even chrome console can do it.
Samuel Bell
You can easily decompile Java too. What's your point?
Lincoln Harris
Congratulations, you know how to identify basic security risks!
John Collins
In the same way that javascript is. Webasm runs in the same sandbox as javascript. No net gain or loss as far as security, just trading one language for another.
Java applets were awesome as today there is no better game them runescape
Bentley Watson
>Java applets were awesome Also insecure in the way of
Jackson Mitchell
I still play runescape sometimes.
William Perry
I believe this is one prime motivation for webassembly.
Having to compile to JS has a lot of shortcomings, most languages only support certain language subsets (like Haskell with Fay, or C++ with emscript) because of JS limitations. Also the generated code is always slower than regular JS.
Webassembly would fix these issues.
Wyatt Kelly
I hope it will be possible to control js and wasm permissions separately using uMatrix.
Samuel Powell
With Firefox, anything is possible!
William Nelson
RIP JS I P
J S
Joshua Jackson
revert 2 leddit with your pondered and appreciable analysis, un-virgin
Michael Sullivan
If it means I can write C++ with an API for DOM manipulation and threading, it sounds great.
JS is such fucking cancer that I'd never consider touching web dev stuff, and no, writing something that gets translated to JS is not in any sense better.
Josiah Cruz
N-No! I swear I belong here, wait, I'll try again!
Uh... W-Webassembly is a botnet! It will fuck your PC! Windows and Macfags BTFO! WASM is a botnet technology and will allow attackers to discover your CP stash! Of course the browser vendors didn't even waste a MILLISECOND thinking about security! WASM is just like a Java or Flash applet! Insecure! Full botnet access!
Also I posted an animu grill, that's proof that I belong here!
Josiah Hernandez
They're adding DOM manipulation in a later version
Jace Lewis
Have they confirmed that yet? I just heard a "maybe much later" when I last checked.
Carter Jenkins
The World Wide Web was a mistake. - Sir Tim Berners-Lee
Neat. But until then... We're left with JavaScript and its horrible build tools that take longer to produce builds than million LOC C++ programs with lots of templating magic.
Juan Wright
>Bytecode
So, it's Java by the back door?
Lincoln Adams
React & Webpack are >fun
Owen Reyes
Does that mean this image is out of date?
Owen Carter
Webpack is a mess. A maze of config entries nobody can possibly remember, magic that is never explained (especially in plugins) and go and fuck yourself if your app ever gets an actual backend so you can't use webpack-dev-server anymore.
Eli Torres
Great, ad blocking is now made much more difficult!
Austin Perry
You'll probably still want a therapist if you write wasm directly in bytecode.