Private symbols vs property attributes
Tom Van Cutsem
tomvc.be at gmail.com
Wed Feb 13 11:17:56 PST 2013
2013/2/10 Mark Miller <erights at gmail.com>
> How does this interact with Proxies[1]? I know the answer probably starts
> with "whitelist", but let's spell it out in this context, and test it
> against the 8 membrane transparency cases previously discussed.
>
When thinking about symbol "leaks", we must consider two cases:
a) leaking a symbol by having it show up in reflective query methods on
ordinary objects
b) leaking a symbol by inadvertently applying a symbol-keyed operation on a
proxy
Andreas' proposal of having a symbol's enumerability depend on a property
attribute makes a lot of sense and deals with problem a). OTOH, it does not
address leaks of type b). In order to prevent those, proxies currently use
the whitelist.
If we lose the a-priori distinction between unique and private symbols and
introduce only 1 type of symbol, then proxies must treat all symbols like
they currently treat private symbols.
The annoying thing about that is that well-known symbols like @@create and
@@iterator must be explicitly added to a proxy's whitelist in order for the
proxy to intercept them, but at least it's doable.
W.r.t. membranes, AFAICT this proposal changes nothing re. the interaction
between private symbols and proxies. Membranes would still need the
"unknownPrivateSymbol" trap to stop unknown private symbol access from
piercing the membrane.
Cheers,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20130213/7c013d9c/attachment.html>
More information about the es-discuss
mailing list