What is Strict Mode in JavaScript?

Explanation about "use strict" in modern JavaScript
08 August 2017
JavaScript

JavaScript is a lightweight interpreted or JIT-compiled programming language with first-class functions

What's Strict Mode in JS?

For a very long time, the JavaScript language evolved without breaking compatibility. New features were added to the language, but the old ones never changed, so as not to "break" existing HTML / JS pages that used them.

However, this meant that any mistake in the design of the language became "frozen" into it forever.

This was the case until the ECMAScript 5 (ES5) standard, which both added new features and introduced a number of fixes to the language that could cause old code, written before the standard appeared, to stop working.

To prevent this from happening, it was decided that these dangerous changes would be turned off by default, so that existing code works as before. To bring code into full compliance with the modern standard, you need to specify the special "use strict" directive.

Strict Mode is a feature that allows you to place a program, or a function, in a "strict" operating context. This strict context prevents certain actions from being taken and throws more exceptions.

Strict mode helps out in a couple of ways:

  • It catches some common coding bloopers, throwing exceptions.
  • It prevents, or throws errors, when relatively "unsafe" actions are taken (such as gaining access to the global object).
  • It disables features that are confusing or poorly thought out.

Code example:

// Non-strict code...

(function(){
  "use strict";

  // Define your library strictly...
})();

// Non-strict code... 
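The effects listed above can be observed by compiling the same snippet with and without the directive. The following is an added example, not code from the original article; the names SNIPPETS, runIn, compare and __strictDemoLeak are constructed for the demo, and it assumes a runtime with globalThis (Node.js 14+ or a current browser).

```javascript
// Added example: each snippet is compiled twice, once sloppy and once strict.
// Bodies passed to new Function() are sloppy unless they begin with "use strict",
// whatever the mode of the enclosing file, so this works in scripts and modules.
// All names here (SNIPPETS, runIn, compare, __strictDemoLeak) are constructed.
const SNIPPETS = {
  // Assignment to an undeclared name: silently creates a global vs ReferenceError.
  implicitGlobal: "__strictDemoLeak = 1; return typeof globalThis.__strictDemoLeak;",
  // Plain function call: `this` is the global object vs undefined.
  thisIsGlobal: "return this === globalThis;",
  // Write to a frozen object: silently ignored vs TypeError.
  frozenWrite: "const cfg = Object.freeze({ admin: false }); cfg.admin = true; return cfg.admin;",
  // `with` statement: allowed vs rejected when the code is parsed.
  withStatement: "with ({ a: 1 }) { return a; }",
};

// Compile and run one snippet; report either its return value or the error name.
function runIn(strict, body) {
  try {
    const fn = new Function((strict ? '"use strict";\n' : "") + body);
    return { threw: null, value: fn() };
  } catch (e) {
    return { threw: e.name, value: undefined };
  } finally {
    delete globalThis.__strictDemoLeak; // undo the sloppy-mode leak, if any
  }
}

function compare(name) {
  return { sloppy: runIn(false, SNIPPETS[name]), strict: runIn(true, SNIPPETS[name]) };
}

for (const name of Object.keys(SNIPPETS)) {
  const { sloppy, strict } = compare(name);
  console.log(name, "| sloppy:", sloppy.threw ?? sloppy.value,
              "| strict:", strict.threw ?? strict.value);
}
```

The frozenWrite case is the one most likely to hide a defect: without the directive, the failed write to a read-only object goes unnoticed and the code carries on as if it had succeeded.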

At the moment, it is supported by most modern web browsers, bar IE 9 and below.

Also, note that it is impossible to cancel Strict Mode. 

There are two things where "use strict" can cause issues:

  1. Old browsers. IE9 and older browsers can have issues running code with use strict.
  2. Libraries that were written without use strict support.

Conclusion

Write code with use strict only if you are sure that the problems described above will not appear.

Twitter AAAPI Bug to Open Access to Users' Messages

Due to a glitch in the Account Activity API, a copy of a private message was sent to a random recipient
25 September 2018

On September 10, 2018, Twitter detected a bug in the Account Activity API (AAAPI) that sent a copy of a private message to a random recipient. The company officially stated that the error affected less than 1% of users. The developers fixed the problem within a few hours of detection. Twitter is currently notifying potential victims and working to neutralize possible damage.

The Account Activity API is designed to communicate with developers on the Twitter platform. Using this interface, contractors can send private messages to each other. Because of the detected error, under a certain combination of circumstances, clients' information and tweets reached third-party destinations. A bug in the interface existed in May 2017 and could affect any interactions over the past 16 months.

Twitter states that only officially registered developers could receive random messages. Currently, there is correspondence with possible recipients. Representatives of the company promise to monitor the developers' compliance with their obligations and make sure that the information received is illegally received.

Problems of information leakage due to developer errors or hacker attacks regularly pop up in the IT field. In early September, 2018, Family Orbit, a company specializing in the hidden control of user actions, allowed a leakage of 281 gigabytes of data obtained during the surveillance process.