On __proto__ as a magical data property

Brendan Eich brendan at mozilla.org
Wed Jul 18 13:31:35 PDT 2012


Brendan Eich wrote:
> Your suggestion of the setter checking that the receiving object 
> inherit the built-in __proto__ before actually doing the "set" is 
> interesting, but it seems to me that it means every set does a 
> proxy-observable "has" operation. That's not something we do today -- 
> maybe it's ok to add it -- but it is also overhead and opportunity for 
> mischief. Or did you have a thought on how to silently probe for the 
> property descriptor? 

In particular, we don't want a proto-chain walk from [[CanPut]] and a 
second walk from the "has" under the __proto__ setter for

   obj.__proto__ = safe; // not in SES code

just because we might need the "has" for

   evil = Object.getOwnPropertyDescriptor(Object.prototype, 
'__proto__').set;

   // later ...

   evil.call(victim, unsafe);

How would you spec this?

/be


More information about the es-discuss mailing list