Security Demands Simplicity (was: Private Slots)

Brendan Eich brendan at
Mon Jan 21 12:54:03 PST 2013

Kevin Smith wrote:
>     A root  problem is that on method invocations through a proxy
>     methods of the target object are invoked with the proxy, rather
>     than the target, as the this value.  This means that any
>     assumption the methods have about valid this values are broken.
> I believe this is correct.  It is a separate proxy issue not directly 
> related to WeakMap/private symbol debate.

That's right. It is not identital too, or completely overlapping with, 
the private member access that comes up with the other proposals -- not 
all such accesses involve |this|.

Note also that in the browser JS embedding, it is crucial that |this| 
bind to the WindowProxy, not the Window (the object at the top of the 
scope chain). FWIW, and we do hope to keep ES6 Proxy and WindowProxy 
aligned so that implementations could use the former (via internal C++ 
APIs at first, no doubt) to implement the latter.


More information about the es-discuss mailing list