On Wed, Feb 13, 2013 at 11:17 AM, Tom Van Cutsem <tomvc...@gmail.com> wrote:
> 2013/2/10 Mark Miller <erig...@gmail.com> > >> How does this interact with Proxies[1]? I know the answer probably starts >> with "whitelist", but let's spell it out in this context, and test it >> against the 8 membrane transparency cases previously discussed. >> > > When thinking about symbol "leaks", we must consider two cases: > a) leaking a symbol by having it show up in reflective query methods on > ordinary objects > b) leaking a symbol by inadvertently applying a symbol-keyed operation on > a proxy > > Andreas' proposal of having a symbol's enumerability depend on a property > attribute makes a lot of sense and deals with problem a). OTOH, it does not > address leaks of type b). In order to prevent those, proxies currently use > the whitelist. > > If we lose the a-priori distinction between unique and private symbols and > introduce only 1 type of symbol, then proxies must treat all symbols like > they currently treat private symbols. > > The annoying thing about that is that well-known symbols like @@create and > @@iterator must be explicitly added to a proxy's whitelist in order for the > proxy to intercept them, but at least it's doable. > > W.r.t. membranes, AFAICT this proposal changes nothing re. the interaction > between private symbols and proxies. Membranes would still need the > "unknownPrivateSymbol" trap to stop unknown private symbol access from > piercing the membrane. > AFAICT, that trap wouldn't provide transparency for the membrane crossing cases. Is there anything about this new proposal that could improve on that? > > Cheers, > Tom > -- Cheers, --MarkM
_______________________________________________ es-discuss mailing list es-discuss@mozilla.org https://mail.mozilla.org/listinfo/es-discuss