Experimental implementation of Object.observe & JS Utility library now available

gaz Heyes gazheyes at gmail.com
Fri Aug 17 06:21:33 PDT 2012

On 17 August 2012 13:47, Rafael Weinstein <rafaelw at chromium.org> wrote:

> Hi gaz,
> Thanks so much for your time.
> Much care has been taken with this proposal to ensure that it is
> neutral with respect to the existing JS Object/Security model.
> As I understand it, the core vulnerability with JSON hacking is the
> ability to define getters on the Object prototype. Object.observe()
> does not affect that ability.

The original attack I'm talking about is this:
//variant of the "I know what your friends did last summer" attack
Object.defineProperty(Object.prototype, "x", {
  set: function (value) { /* setter body not preserved in the archived message */ }
});
<script src="//some.external.site/friends.json"></script>
<!-- friends.json contains [{"x":"stolen"}] -->

This was patched to prevent the setter being called on a new object literal
but I guess if the observable stuff doesn't account for this then it's a
problem. It seems like you account for this which is cool.
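
The patched behaviour described in the message above can be checked directly. This is an added example, not part of the original message or of the Object.observe proposal; probeSetter() and its result fields are names made up here, and the payload is a constructed sample shaped like the friends.json in the message.

```javascript
// Checks that object literals and JSON.parse define own properties and never
// invoke a setter inherited from Object.prototype, while plain assignment does.
// probeSetter() and its result shape are hypothetical names for this example.
function probeSetter(key, payload) {
  const seen = [];                       // values the inherited setter received
  Object.defineProperty(Object.prototype, key, {
    configurable: true,                  // so the probe can be removed again
    set(value) { seen.push(value); },
  });
  try {
    // 1. Payload evaluated as a script body, like a JSON file loaded via <script>.
    const beforeLiteral = seen.length;
    new Function(payload + ";")();
    const literalCalls = seen.length - beforeLiteral;

    // 2. Payload parsed as data.
    const beforeParse = seen.length;
    const parsed = JSON.parse(payload);
    const parseCalls = seen.length - beforeParse;

    // 3. Control: ordinary assignment walks the prototype chain and hits the setter.
    const beforeAssign = seen.length;
    const obj = {};
    obj[key] = "assigned";
    const assignCalls = seen.length - beforeAssign;

    return {
      literalCalls, parseCalls, assignCalls,
      parsedHasOwn: Object.prototype.hasOwnProperty.call(parsed[0], key),
      seen,
    };
  } finally {
    delete Object.prototype[key];        // leave the global prototype clean
  }
}

// Constructed sample payload, same shape as the friends.json in the message.
const result = probeSetter("x", '[{"x":"stolen"}]');
console.log(result);
```

On an engine with the fix, only the assignment in step 3 reaches the setter; a non-zero literalCalls or parseCalls would mean data loaded cross-origin as a script is exposed to page-defined setters.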