Le 26/02/2012 01:23, Geoffrey Sneddon a écrit : > On 13/02/12 17:55, Allen Wirfs-Brock wrote: >> Let's try to get this back to concrete issues that I can incorporate >> into a specification. >> >> The current draft is at >> http://wiki.ecmascript.org/lib/exe/fetch.php?id=strawman%3Amagic_proto_property&cache=cache&media=harmony:draft_proto_spec_rev2.pdf >> >> Gavin and Oliver seem to really want to use an accessor for >> Object.prototype.__proto__ > > On the whole this is my preference too, as it practically eliminates > special-casing for the __proto__ property, which on the whole I'm in > favour of. > > I've basically implemented something close to what is attributed to > Dave Herman on the wiki in Carakan now, albeit without the context > check, though I agree it's a good idea. I wonder if it's > web-compatible to disallow cross-context prototype chains (both > through __proto__ and Object.create). What is asked to be disallowed is only changing the prototype with __proto__ in a cross-context manner. Creating cross-context chains with Object.create has not been discussed I think and should be fine...
....or not? Given an attacker from context A, a defender from context D (I'll use these letters to refer to the global object of each context). An attacker can create an object like ----- var maliciousProto = Object.create(D.Object.prototype); // Add whatever own properties to maliciousProto someObjectInD.__proto__ = maliciousProto ----- I was enthusiastic by Gavin Object.prototype ownership-based solution, but it seems that as long as an attacker has the possibility to create cross-context objects, an Object.prototype-based solution actually does not prevent anything. > The one thing I would prefer, however, would be that the setter is > optional (i.e., it is permissible to have __proto__ have just a getter > or have both a getter and a setter, but not just a setter). I think that it's unrealistic since the web does use the setter as well. If the setter was standardized as optional, all implementations would implement it anyway. David _______________________________________________ es-discuss mailing list [email protected] https://mail.mozilla.org/listinfo/es-discuss
