Proxy questions

Brendan Eich brendan at mozilla.com
Mon Jan 21 20:27:49 PST 2013


Kevin Smith wrote:
> OK - but we can't have it both ways.  We can't allow |this| to give us 
> access to "private" data (regardless of the implementation) *and also* 
> allow that |this| may be an untrusted proxy.  If |this| grants access 
> to private data, then it must be trustable.  Anything else is 
> inherently risky.

Who said otherwise?

First, as Tom noted, |this| binding in JS is dynamic unless you opt out.

Second, private symbols need not leak. We have had several designs to 
avoid leakage, and Tom' s advocating another that could work.

I know, you want to get rid of (defer, let's say) private symbols. But 
no one is trying to have it "both ways". Everyone wants to avoid private 
symbol leaks via proxies, in the face of dynamic |this| and other 
hazards of JS not related to |this|.

/be


More information about the es-discuss mailing list