Read-only Top-level Classes
Nathan de Vries
nathan at atnan.com
Mon Dec 10 18:36:05 PST 2007
Hi there,
I was just reading John Resig's recent article titled "Re-Securing
JSON" [1], and was wondering how this would affect ECMAScript 4. This
led me to the "Compatibility Between ES3 and Proposed ES4" paper [2],
which makes reference to the rational behind the change (or "bug fix",
as it's referred to).
It strikes me as somewhat non-obvious that a top-level, self-hosted
class in a meta-programmable language is read only due to security
concerns. What's the side effect of locking down these classes?
Cheers,
--
Nathan de Vries
[1] http://ejohn.org/blog/re-securing-json
[2] http://www.ecmascript.org/es4/spec/incompatibilities.pdf
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2139 bytes
Desc: not available
Url : http://mail.mozilla.org/pipermail/es-discuss/attachments/20071211/75ea5234/attachment-0002.bin
More information about the Es4-discuss
mailing list