Hi Pierre, as long as this use would not need inter-realm weakrefs to be weak, as seems likely, then I think it could live fine with the existing proposal for securing weakrefs. No need to tilt any balance away from security.
On Tue, Nov 12, 2013 at 10:18 AM, Pierre Frisch <[email protected]>wrote: > Could I present another example where WeakRef are required. > > I am writing an object management layer similar to what exist in other > language and systems. One of the requirement is uniquing so that each > object exist only once in memory. Let say I retrieve a company and its > employees and later retrieve a company project and its participants. I need > the members of the employee list and the members of the participant list to > point to the same objects. The other requirement is not to leak, if an > object is only accessible from within the management layer it should be > candidate for garbage collection. > > With the current ECMAScript I have multiple problem implementing this. > Each object has a unique identifier (UUID) but as strings cannot be used as > keys in WeakMap I have to keep a reference to objects in a regular Map. > This causes a major leakā¦ In order to plug it we have to rely on the user > notifying the management layer for checkin/checkout of objects doing ref > counting. This is clumsy. I had a similar design working with WeafRef in > Java with no constrains on the user. Why could we not do this with JS? > > WeakRef would solve this issue quite naturally. I understand that this > would make GC observable and there is a security concern. We should however > strike a balance between usability and security. I am no security expert > but it looks to me that in this case we could tilt the balance a little > more in favour of usability. > _______________________________________________ > es-discuss mailing list > [email protected] > https://mail.mozilla.org/listinfo/es-discuss > -- Cheers, --MarkM
_______________________________________________ es-discuss mailing list [email protected] https://mail.mozilla.org/listinfo/es-discuss
