some errata in PDF
Lars T Hansen
lth at acm.org
Mon Sep 3 03:00:05 PDT 2007
On 8/26/07, Garrett Smith <dhtmlkitchen at gmail.com> wrote:
> Back to "caller"...
> "caller" is on the prototype in Mozilla. Not sure where it is in IE,
> prototype or instance.
>
> On the instance in WebKit.
>
> Absent in Opera.
Absent in ES3. Absent in ES4.
function f() {
// I wonder how my caller was invoked? Maybe he has secrets from me?
xs = f.caller.arguments
// Maybe I can trick my caller into doing something bad by munging his state?
f.caller.arguments[1] = 37
// I wonder what the code of my caller is?
code = f.caller.toString()
}
Retch. Granted the content distribution and security models of the
web make this kind of attack much less potent, and some of the
introspection functionality proposed for ES4 may have similar issues
(not clear to me yet), but "caller" has a lot of problems.
--lars
More information about the Es4-discuss
mailing list