`({[Symbol.toStringTag]: 'String'})` could be identified as string as well, use
the legacy method. ES6 guarantees that legacy code will work, but it does not
ensure that legacy code could work well with new codes that intended to create
a fake string.
Subject: Re: @@toStringTag spoofing for null and undefined
From: [email protected]
Date: Tue, 10 Feb 2015 09:54:03 +0100
CC: [email protected]
To: [email protected]
Changing `String.prototype` from String to non-String is indeed a risk by
itself. But the issue I was mentioning is independent of that, namely that an
unknown object would be misidentified as String and would throw on methods that
work only on Strings, e.g.: `if (getType(obj) == "String") { return
obj.toUpperCase() }`, where `getType()` is based on `O.p.toString`.
_______________________________________________
es-discuss mailing list
[email protected]
https://mail.mozilla.org/listinfo/es-discuss
