Security Demands Simplicity (was: Private Slots)

Brendan Eich brendan at mozilla.com
Sun Jan 20 09:59:20 PST 2013


David Bruant wrote:
> I disagree with Brendan when he says "to use weakmaps for class 
> private instance methods/variables"... well... it depends on what 
> "use" means:
> The spec is allowed to /use/ anything it needs to make the class 
> private syntax work. If the spec says that private properties are like 
> properties but aren't enumerated in Object.gOPN calls, fine. If the 
> spec says that private properties require a lookup to some object -> 
> value map, fine (but misleading, I agree). 

I don't think we disagree.

If there were no observable differences at all between weak maps and 
private symbols, we would have only one. Since there are, and since you 
propose to map private-in-class syntax onto weak maps in part on account 
of these differences (viz, proxying and whitelist population without 
privacy-leaks), here we are.

Perhaps I should have written "utilize"? Bleah.

/be


More information about the es-discuss mailing list