The capabilities of JavaScript are limited for the purpose of keeping the user’s safety. With it, an evil web page can’t access private information or harm the user’s data.
Here are some examples of such restrictions:
- JavaScript has no direct access to OS functions. It can’t read and write arbitrary files on the hard disc, copy or execute them.
- Different windows/tabs don’t recognize each other. JavaSCript from one page is not able to access the other one, in case they are from different sites. It’s known as “Same Origin Policy”.
- JavaScript allows communication over the net to the server from where the page comes from. But, its capability of receiving data from the other site is prohibited. That’s a safety limitation.
Leave a Reply