Proxy questions

David Bruant bruant.d at gmail.com
Sun Jan 20 11:26:58 PST 2013


Le 20/01/2013 20:11, Mark S. Miller a écrit :
> Before commenting on the general question, I'm confused about
> something in your code. How did a proxy get bound to "this" in your
> example?
I would guess:
     var p = new Proxy(purseInstance, handler);
     Purse.prototype.deposit.call(p)
> On Sun, Jan 20, 2013 at 10:49 AM, Kevin Smith <khs4473 at gmail.com> wrote:
>> A proxy for a Purse instance could throw on access to "somethingInocuous",
>> leaving the high-integrity object in an inconsistent state.  It would seem
>> that a high-integrity object would need to assume that any access to a
>> public property might throw, in case the object is being proxied.
>>
>> Am I thinking about this correctly?
I think so. One way around that is that public methods only deal with 
private methods/properties (which may require aliasing public things to 
private equivalent?)

In case you run the untrusted code, you can provide a slightly less 
powerful Proxy constructor to prevent the untrusted code from doing 
this. Or a provide a slightly modified version of class methods which 
unwrap proxies or throw when seeing proxies.

David


More information about the es-discuss mailing list