You beat me on timing. And on quality of answer too. :)
Diego On Sat, Aug 27, 2011 at 12:30 PM, Lasse Reichstein <[email protected]> wrote: > > > On Sat, Aug 27, 2011 at 1:00 AM, xavierm02 <[email protected]> wrote: >> >> How to restore Object.prototype.hasOwnProperty if it has been overwritten? > > Generally, you can't. There is nothing in the ECMAScript language > specification that allows you to restore a property after it has been > overwritten. After all, the original value might not even exist any more - > with no more references to it, it can easily have been garbage collected. > >> >> Let's say you have a dumbass doing this: >> Object.prototype.hasOwnProperty = 1; >> This will never happen, but let's assumje it did. > > That might never happen, but someone replacing it with a malicious function > is more likely. > >> >> How can you restore the default value? > > In pure ECMAScript, you can't. > If someone malicious got to run code in the page before you, you can't trust > anything, and there's nothing you can do. They can install a "javascript > rootkit" that takes over all the important functions and replaces them with > something that hides the subterfuge, and that also prevents you from > reversing it. > You can try using Object.getOwnPropertyDescriptor to see if the object has > the property, but that might be mangled too. > Or Object.getOwnPropertyNames and check if the property name is in the list. > > In a browser, you might be able to do something, if the damage isn't total. > One option is to create a new frame and take the > Object.prototype.hasOwnProperty from there. It's not the same function > object, but it might still might work the same way. > > In some browsers, Safari and Chrome at least, deleting the bad value will > reveal the original value again. > You can use either Object.getPrototypeOf or __proto__ (with a preference on > the other, because it's not as easily modified) to check: > prop in object && !(prop in object.__proto__) > which is not same check as hasOwnProperty (if the property is both on the > object and also in its prototype chain), but might work in cinch. > > >> I tried several things but none worked... >> delete Object.prototype.hasOwnProperty;// true >> Object.prototype.hasOwnProperty;// undefined > > Would actually work in Safari and Chrome (since it copies Safari), but > that's not general. > >> >> delete Object.prototype;// false >> >> So I just don't know how to do it... >> And how come they protect the prototype but not its properties ? > > Design choices leading back to the start of Javascript. They actually want > you to be able to overwrite built-in functions with your own. > Security-wrappers want to do that. So does malicious code :( > > /L > > -- > To view archived discussions from the original JSMentors Mailman list: > http://www.mail-archive.com/[email protected]/ > > To search via a non-Google archive, visit here: > http://www.mail-archive.com/[email protected]/ > > To unsubscribe from this group, send email to > [email protected] > -- To view archived discussions from the original JSMentors Mailman list: http://www.mail-archive.com/[email protected]/ To search via a non-Google archive, visit here: http://www.mail-archive.com/[email protected]/ To unsubscribe from this group, send email to [email protected]
