Security Demands Simplicity (was: Private Slots)

Brendan Eich brendan at mozilla.com
Sun Jan 20 14:27:44 PST 2013


Skipping contentious stuff (some of which, e.g. "classes as sugar", I 
agree with -- and so does TC39) to get to this paragraph:

Allen Wirfs-Brock wrote:
> The [[Get]] and [[Set]]  (and probably some others) internal methods of a proxy never call the corresponding trap when the property key is a private Symbol.  Instead, they trace the [[Target]] chain of the proxy until a non-proxy object is reached (call this the "ultimate target").  It then invokes the ultimate target's [[Gett]]/[[Set]] using that same private Symbol key.  The result of that operation is then returned as the value of the original [[Get]]/[[Set]].
>
> The "private" state access is applied to the correct object and there is no exposure of the private symbol!

If I want to proxy for a date instance I might rather have @@DateValue 
available and passed as a name to get and set traps, so I can keep my 
own time number, and not have to delegate to a Date prototype that has 
the right milliseconds since the Epoch.

Perhaps you're in favor of that in addition? But if so, how would one 
proxy such that the @@DateValue symbol was the name parameter to get and 
set traps?

/be


More information about the es-discuss mailing list