brendan at mozilla.com
Sun Jan 17 23:02:50 PST 2010
On Jan 11, 2010, at 8:11 PM, David-Sarah Hopwood wrote:
> Kevin Curtis wrote:
>> So, FF3.5 has resurrected the sandboxed eval with the second
>> 'global' object
>> parameter - as the closure peeking issue has been fixed. (The
>> second param
>> is a live object rather than a string). And thus if the second
>> param object
>> is frozen (and the primordials and their prototypes etc frozen)
>> FF3.5 eval
>> could act as a restricted eval.
> FF3.5 eval is undocumented, but if I'm reverse-engineering the
> source code
> patch (http://hg.mozilla.org/releases/mozilla-1.9.1/rev/67944d1b207d)
> correctly, it still violates encapsulation.
What do you mean? Can you give an example?
More information about the es-discuss