"compatible descriptors" and how they are checked
David Bruant
bruant.d at gmail.com
Wed Sep 19 02:44:02 PDT 2012
Hi,
In the current state of the strawman [1], one security invariants for
getOwnPropertyDescriptor is:
"
if property exists on target, check if the returned descriptor is
compatible."
I just wish to say on the list that it means that the following case throws:
var p = new Proxy({a:1}, {
getOwnPropertyDescriptor: function(target, name){
var desc;
if(name in target){
desc = Object.getOwnPropertyDescriptor(target, name);
desc.configurable = false;
}
return desc;
}
});
Object.getOwnPropertyDescriptor(p, 'a'); // throws
It throws because the proxy attempts to report a configurable property
as non-configurable (it may not be clear from the phrasing "check if the
returned descriptor is compatible").
Also, the wiki doesn't say how the check is being performed. It
shouldn't matter, but if the target is itself a proxy, these details are
exposed. It may mean that the getOwnPropertyDescriptor trap of the
target is being called. I haven't formally proved it, but it seems that
the check could also be performed on the "final target" directly,
bypassing intermediary traps. I don't know which is best, but for sure
this should be spec'ed to avoid interoperability issues.
David
[1]
http://wiki.ecmascript.org/doku.php?id=harmony:direct_proxies#invariant_enforcement
More information about the es-discuss
mailing list