On Sat, Aug 27, 2011 at 1:00 AM, xavierm02 <[email protected]> wrote:
> How to restore Object.prototype.hasOwnProperty if it has been overwritten? > > Generally, you can't. There is nothing in the ECMAScript language specification that allows you to restore a property after it has been overwritten. After all, the original value might not even exist any more - with no more references to it, it can easily have been garbage collected. > Let's say you have a dumbass doing this: > > Object.prototype.hasOwnProperty = 1; > > This will never happen, but let's assumje it did. > That might never happen, but someone replacing it with a malicious function is more likely. > How can you restore the default value? > In pure ECMAScript, you can't. If someone malicious got to run code in the page before you, you can't trust anything, and there's nothing you can do. They can install a "javascript rootkit" that takes over all the important functions and replaces them with something that hides the subterfuge, and that also prevents you from reversing it. You can try using Object.getOwnPropertyDescriptor to see if the object has the property, but that might be mangled too. Or Object.getOwnPropertyNames and check if the property name is in the list. In a browser, you might be able to do something, if the damage isn't total. One option is to create a new frame and take the Object.prototype.hasOwnProperty from there. It's not the same function object, but it might still might work the same way. In some browsers, Safari and Chrome at least, deleting the bad value will reveal the original value again. You can use either Object.getPrototypeOf or __proto__ (with a preference on the other, because it's not as easily modified) to check: prop in object && !(prop in object.__proto__) which is not same check as hasOwnProperty (if the property is both on the object and also in its prototype chain), but might work in cinch. I tried several things but none worked... > > delete Object.prototype.hasOwnProperty;// true > Object.prototype.hasOwnProperty;// undefined > Would actually work in Safari and Chrome (since it copies Safari), but that's not general. > delete Object.prototype;// false > > So I just don't know how to do it... > > And how come they protect the prototype but not its properties ? > Design choices leading back to the start of Javascript. They actually want you to be able to overwrite built-in functions with your own. Security-wrappers want to do that. So does malicious code :( /L -- To view archived discussions from the original JSMentors Mailman list: http://www.mail-archive.com/[email protected]/ To search via a non-Google archive, visit here: http://www.mail-archive.com/[email protected]/ To unsubscribe from this group, send email to [email protected]
