Array Generics and null
jresig at mozilla.com
Sat Mar 22 09:01:23 PDT 2008
Hello all -
I wanted to bring up one point for discussion. Based upon Mozilla's implementation of Array generics (and what will, presumably, be standardized here) you can see that typically doing:
produces no alerts. However, performing it in a page that has an iframe will
cause it to loop over all the iframes in the page, as in this test case:
The issue here is that Array.forEach(null, ...) maps to Array.prototype.forEach.call(null, ...) - and doing a .call() on a function produces the global object (which, in a browser like Firefox, is equivalent to window.frames - looping over the iframes on the page).
Obviously this issue extends beyond browsers, or this specific situation, since this could occur in any situation where the global object has a length property.
It seems like there could be a couple solutions:
- Make .call(null) not map to .call(global). I know that the Caja guys have argued this in the past - where does this stand?
- Make .forEach(null) do nothing (it's not an object, therefore there's nothing to loop over).
- Make .forEach(null) throw an exception.
For reference here's the Mozilla bug on the matter:
More information about the Es4-discuss