ES3.1 Draft: Array generics

Mark S. Miller erights at google.com
Sat May 31 18:35:35 PDT 2008


On Sat, May 31, 2008 at 3:37 PM, Douglas Crockford
<douglas at crockford.com> wrote:
> I think we must implement the Array methods as currently understood, even with
> the regrettable thisObject parameter. The hazards of the misbinding of this are
> a particular problem for mashup platforms, so the use of the thisObject
> parameter will not be allowed in strict mode.
>
> This will allow existing applications that use thisObject to continue to work,
> and it will also disable the thisObject pattern for new applications with more
> severe security requirements.


Crock, I see no viable way to make this switchable on the strictness
of the caller. We should try to avoid adding to the number of ways
that built-in objects are magical -- able to do things that objects
defined in JavaScript cannot. We have not proposed that a
function/method be able to determine the strictness of its caller. I
do not wish to propose that. Without it, I see no way to both
introduce this API and have it reject thisObject arguments only from
strict callers.

My first choice is still to avoid adding any of this. When in doubt,
leave it out. But, as others have argued, none of this is fatal to
security. If we're going to add it, we should provide the existing
behavior as is, independent of the strictness of the caller. It won't
hurt ADsafe or Cajita, since they don't have "this" at all. It will be
a pain for Caja, but nothing we can't cope with. This one isn't worth
fighting.


-- 
    Cheers,
    --MarkM



More information about the Es4-discuss mailing list
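
An added example, not part of the original thread: it calls the built-in `Array.prototype.map` from a strict and a sloppy caller and records what each callback sees as `this`, with and without a thisObject. It relies on strict-mode semantics as current engines implement them, which postdate this message; the names `sloppyCb`, `strictCb`, `sloppyCaller`, `strictCaller`, `label` and `survey`, and the sample object, are constructed for illustration.

```javascript
// Added example. Function() bodies are sloppy unless they opt in, so the
// strict/sloppy split below holds however this file itself is loaded.
const sloppyCb = new Function("return this;");
const strictCb = new Function("'use strict'; return this;");

// Two callers of the built-in Array.prototype.map, differing only in strictness.
const sloppyCaller = new Function("arr", "cb", "t", "return arr.map(cb, t)[0];");
const strictCaller = new Function("arr", "cb", "t",
  "'use strict'; return arr.map(cb, t)[0];");

// Name what a callback saw as `this`.
function label(seen, target) {
  if (seen === target) return "thisObject";
  if (seen === globalThis) return "global";
  return seen === undefined ? "undefined" : "other";
}

// Run every caller/callback pairing, with and without a thisObject.
function survey() {
  const target = { owner: "constructed sample object" };
  const callers = [["sloppy", sloppyCaller], ["strict", strictCaller]];
  const callbacks = [["sloppy", sloppyCb], ["strict", strictCb]];
  const rows = {};
  for (const [callerName, caller] of callers) {
    for (const [cbName, cb] of callbacks) {
      rows[`${callerName} caller, ${cbName} callback`] = {
        omitted: label(caller([0], cb, undefined), target),
        supplied: label(caller([0], cb, target), target),
      };
    }
  }
  return rows;
}

console.log(survey());
```

The result depends only on the callback's own strictness, never on the caller's: a sloppy callback with no thisObject receives the global object, a strict one receives `undefined`, and a supplied thisObject is honoured in every pairing.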