bruant.d at gmail.com
Sun Jan 20 11:26:58 PST 2013
Le 20/01/2013 20:11, Mark S. Miller a écrit :
> Before commenting on the general question, I'm confused about
> something in your code. How did a proxy get bound to "this" in your
I would guess:
var p = new Proxy(purseInstance, handler);
> On Sun, Jan 20, 2013 at 10:49 AM, Kevin Smith <khs4473 at gmail.com> wrote:
>> A proxy for a Purse instance could throw on access to "somethingInocuous",
>> leaving the high-integrity object in an inconsistent state. It would seem
>> that a high-integrity object would need to assume that any access to a
>> public property might throw, in case the object is being proxied.
>> Am I thinking about this correctly?
I think so. One way around that is that public methods only deal with
private methods/properties (which may require aliasing public things to
In case you run the untrusted code, you can provide a slightly less
powerful Proxy constructor to prevent the untrusted code from doing
this. Or a provide a slightly modified version of class methods which
unwrap proxies or throw when seeing proxies.
More information about the es-discuss