
I would consider it somewhat harder. However, that's only after assuming that the author of the document has managed to get the PDF reader to start running arbitrary C and JavaScript code within the sandboxes, respectively. Because JavaScript is a fundamentally memory safe language, it is drastically less likely for a document parser written in JavaScript to end up running arbitrary code from the document than the equivalent in C.

Not that it matters in this case, since an attacker can just hand you a HTML page and run JavaScript that way, but it's worth noting that parsing in a high-level language is an accomplishment in general.



> Not that it matters in this case, since an attacker can just hand you a HTML page and run JavaScript that way, but it's worth noting that parsing in a high-level language is an accomplishment in general.

What do you mean? You have plenty of parsers written in high-level languages.



