A case for removing the seal/freeze/isSealed/isFrozen traps
rossberg at google.com
Fri Feb 15 06:35:46 PST 2013
On 15 February 2013 14:29, Brandon Benvie <bbenvie at mozilla.com> wrote:
> I definitely agree that something like "preventAccidentalExtensions" (disallows new properties through [[Put]] but not [[DefineOwnProperty]]) has more common uses cases than preventExtensions, and for the precise reasons that David said. The security is against bugs usually, not attackers. PreventExtensions is a clumsy tool for managing capabilities because it leaves no room for giving *some* code permission while preventing other code, which is exactly what we want when the clueful *me* of now is writing code to manage the clueless *I* of the future.
If you need private extensibility, just complement preventExtensions
with installing a private map or expando object.
More information about the es-discuss