Why we need to clean up __proto__

gaz Heyes gazheyes at gmail.com
Wed Dec 28 11:58:50 PST 2011

I'd also like to add that __proto__ allows valid JSON to change it's object
type and allow functions within properties. There isn't a compelling
exploit scenerio for this yet but who knows what is possible if setters
come into the equation.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20111228/a6081e7f/attachment.html>

More information about the es-discuss mailing list