Minimalist Classes

Brendan Eich brendan at mozilla.com
Wed Nov 2 10:09:05 PDT 2011


On Nov 2, 2011, at 4:10 AM, David Bruant wrote:

> Another topic:
> -----
> class Monster {
> 
>   private name, health;
> 
>   sameName(other) {
>     return @name === other at name;
>   }
> }
> -----
> I am under this impression that you are accessing the private property ("other at name") of an instance which isn't you (other !== this) and I'm not sure it's a good idea.

Private names do not leak via reflection, not even via proxies. So what's the problem?


> Is "other" a monster? (how do you "recognize" a monster from any other object?).

You could do ad-hoc type or shape tests. For the example, and even in most cases in general, there's no need. Duck typing works with private names too.


> If so, is it a good enough reason for you to be able to access its private state?

It must be an instance of this class or the name would not be bound.


> If other is not a monster, what is the behavior?

You'd get undefined.


> What happens in the following case?
> -----
> class Monster{
>   private health;
>   
>   constructor(health) {
>     @health = health;
>   }
> }
> 
> let m = new Monster(100);
> 
> // pass m to a potentially malicious script:
> 
> m.kill = function(){
>   @health = 0;

health is not in scope here!

/be

> }
> m.kill();
> -----
> Or, how do you prevent someone who has access to the object to define a function which accesses the private state?
> Is the @-syntax only allowed within a class body?
> 
> David



More information about the es-discuss mailing list