__proto__ security
Brendan Eich
brendan at mozilla.org
Sun Feb 12 11:28:02 PST 2012
Gavin Barraclough wrote:
> On Feb 10, 2012, at 11:55 AM, Brendan Eich wrote:
>> "over-specifying", right? I am in favor of specifying __proto__
>> minimally in Annex B.
>>> But, one thing I would like enshrined in the spec is that
>>> `"__proto__" in Object.create(null) === false`.
>> For sure!
>
> The idea of a minimal specification sounds really encouraging. It
> seems there are a few really key points that everyone appears to be in
> complete agreement on – that the __proto__ property should be a member
> of the Object Prototype, that this should be the only mechanism
> available to change an object's prototype, and that it should be
> configurable.
Yes.
BTW in taking our lumps (and dishing them out at fellow members) for CSS
WG failure to codify de-facto style property standards, I've mentioned
Ecma turning a blind eye toward __proto__. Great to finally get a
normative/optional spec for it (whatever one thinks of the thing
itself). __proto__ is used by Zepto.js and other mobile frameworks.
> On Feb 10, 2012, at 3:16 PM, Brendan Eich wrote:
>> I know of no implementations that reflect __proto__ as an accessor,
>
> WebKit is using an accessor in nightly builds.
Heh, I knew that was coming. I'll amend to say "of long standing" after
"implementations" :-P.
I still have a gut feeling that someone is going to take advantage of
the setter for bad purposes that will be harder to block than would be
the case if __proto__ reflected as a data property. But I can't prove this.
/be
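As an added illustration, not part of this thread or of any engine's code, here is how the three points Gavin lists (accessor on Object.prototype, the only prototype-changing mechanism, configurable) look from the script's side in a modern engine such as V8/Node.js, together with the `Object.create(null)` invariant and the defensive use that configurability permits: deleting the accessor once at startup so the prototype-setting path no longer exists for ordinary objects. The function names are mine.

```javascript
// Added example, not from the es-discuss thread. Assumes an engine where
// __proto__ is a configurable accessor on Object.prototype (as Annex B
// later specified and as V8/Node.js implement).

// 1. __proto__ lives on Object.prototype as an accessor, not a data property.
function describeProto() {
  const d = Object.getOwnPropertyDescriptor(Object.prototype, "__proto__");
  return {
    isAccessor: typeof d.get === "function" && typeof d.set === "function",
    configurable: d.configurable,
    enumerable: d.enumerable,
  };
}

// 2. An object with a null prototype does not inherit the accessor, so
//    "__proto__" is an ordinary property name there: assigning it creates
//    an own data property and leaves the prototype chain alone.
function nullProtoIsInert() {
  const o = Object.create(null);
  const before = "__proto__" in o;   // false: nothing to inherit
  o.__proto__ = { polluted: true };  // plain data property, no rewiring
  return {
    before,
    after: "__proto__" in o,
    prototypeUnchanged: Object.getPrototypeOf(o) === null,
    valueIsPlain: o.__proto__.polluted === true,
  };
}

// 3. Because the accessor is configurable, a defender can remove it once at
//    startup. Afterwards, assigning __proto__ on an ordinary object only
//    creates an own data property; the prototype chain is never touched.
function removeProtoAccessor() {
  const removed = delete Object.prototype.__proto__;
  const o = {};
  const proto = { marker: 1 };
  o.__proto__ = proto;  // no longer changes o's prototype
  return {
    removed,
    prototypeUnchanged: Object.getPrototypeOf(o) === Object.prototype,
    ownPropCreated: Object.prototype.hasOwnProperty.call(o, "__proto__"),
    markerNotInherited: o.marker === undefined,
  };
}
```

Node.js exposes the same hardening as a command-line switch, `--disable-proto=delete`, which removes the accessor before any script runs.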
More information about the es-discuss mailing list