Oliver Hunt wrote:
On Feb 12, 2012, at 11:28 AM, Brendan Eich wrote:
Heh, I knew that was coming. I'll amend to say "of long standing" after
"implementations" :-P.
I still have a gut feeling that someone is going to take advantage of the
setter for bad purposes that will be harder to block than would be the case if
__proto__ reflected as a data property. But I can't prove this.
I'm not sure about this
Likewise, as noted -- I'm not sure but my gut is unhappy :-P.
-- the JSC+V8 model for __proto__ was a magic property on the object itself,
not the prototype, so anything that could access an object could mutate its
prototype. Pushing the property onto the prototype doesn't add any more
restrictions over that (if you can access an object, by definition you can
access its prototype).
Yes, that's all clear.
If you pull the setter function off of the prototype you can still only
apply it to objects you could already access.
The concern (no trolling here) is at least about attack surface. If
there's no setter that can be extracted, there's no need for the "frame
check" (however phrased). Adding that check adds more machinery to get
wrong or have interact in unexpected ways with other moving parts.
/be
_______________________________________________
es-discuss mailing list
[email protected]
https://mail.mozilla.org/listinfo/es-discuss
