Object.prototype.* writable?

Kyle Simpson getify at gmail.com
Sat May 7 09:44:07 PDT 2011


I apologize if the question I'm about to ask has already been "dealt with", 
but I just ran across a nasty instance of it, and wanted to just ping the 
topic to see what the language guardians have to say about it.

It's a well known fact that overwriting anything in Object.prototype (like 
Object.prototype.toString, for instance) is a very bad idea, because it 
breaks for-in looping. It also affects every single object, including even 
natives/built-ins, often in unexpected ways.

So, a few questions:

1. Would it be possible to specify that changes to Object.prototype.* do NOT 
affect any of the natives/built-ins?

2. Would it be possible for Object.prototype.* to be read-only for 
ES-Harmony (or even just strict mode)?

3. By read-only, I mean that changes to it would just silently be discarded. 
Alternatively (especially for strict mode), warnings/errors could be thrown 
if attempting to override them?

I think that being able to override something like Object.prototype.toString 
to "lie" about objects/values is a "security" hole we should consider 
plugging. For instance, you can "lie" to 
`document.location.href.toString()`... or a call like 
`Object.prototype.toString.call(window.opera) == "[object Opera]"` (a common 
browser inference for Opera) is easily fake'able.

--Kyle
 



More information about the es-discuss mailing list