__proto__ security

Allen Wirfs-Brock allen at wirfs-brock.com
Sat Jan 28 15:58:35 PST 2012

I don't think we would ever want to expose __proto__ as an accessor property on Object.prototype as that would expose set/get functions that would also have the capabilities of  __proto__ without being associated with that special property. 

I can easily write a specification for __proto__ that essentially has the SpiderMonkey observable behavior (including exposing a data property on object prototype) without mandating the observable use of accessor properties or any other specific implementation mechanism.   How you go about invisibly implementing it would be up to you.  Since most implementations already seem to have special mechanism for giving "magic" behavior to certain properties I would expect them to use some of those mechanisms here.


More information about the es-discuss mailing list