

What Javascript is not safe in a open-ended script? - quaz3l
http://stackoverflow.com/q/10826186/744249

======
robert00700
Surely censoring the functionality is completely impossible, due to the
dynamic nature of JS?

alert("blah")

can just as easily be made to be

window["alert"]("blah"), where the string 'alert' could be made by a very
convoluted manner. Solving this would be akin to solving the halting problem,
no?

------
christocracy
window[['t', 'r', 'e', 'l', 'a'].reverse().join('')]("blah");

