On Scope And Prototype Security

Andrea Giammarchi andrea.giammarchi at gmail.com
Sat Mar 16 19:04:03 PDT 2013

That conversation on `fn. caller` left me many doubts about extra things

As example, I understand the fact a function that do not want to be
accessed should not be accessed when any accepted object could due tweaked
to retrieve it via caller, that's OK, but what about private "classes" and
the fact there's no way to ensure them private?

Despite the sense, the good and the bad, this is perfectly valid JS code:

var myNameSpace = function () {

  var queue = [];

  function Private() {

  function initBeforeDOM() {

  function initAfterDOM() {
    // do stuff

  Private.prototype.init = initBeforeDOM;
  window.addEventListener('DOMContentLoaded', function(){
    Private.prototype.init = initAfterDOM;
    queue.forEach(function (instance) {

  // trying to make Private inaccessible
    {value: Object,

  return {
    generate: function () {
      return new Private;

var o = myNameSpace.generate();
var proto = Object.getPrototypeOf(o);

Above code is also based on few concepts I always found cool about JS like
the possibility to mutate all objects at once through the prototype,
usually considered a bad practice, but technically the
best/fastest/memory-safe way we have in JS to create state machines
behaviors through distributed instances so ... **way too cool**

Well, I've got a problem, even if the constructor might be unreachable,
there is something I cannot secure at all which is the constructor

Not a single mechanism, in current JS, lets me make a prototype safe from
operations, potentially nasty and disastrous, as
`Object.getPrototypeOf(generic)` is.

Thoughts? Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20130316/28fcf080/attachment-0001.html>

More information about the es-discuss mailing list