On Scope And Prototype Security

Andrea Giammarchi andrea.giammarchi at gmail.com
Tue Mar 19 15:43:13 PDT 2013

since I wrote about it, the IE5 example ...


var Puppet = function (Object) {
    freeze = Object.freeze || Object,
    master = Master.prototype;
  function Master() {}
  function Puppet() {
  master.constructor = Puppet;
  Puppet.prototype = new Master;

  // for testing sake
    master.name = 'puppet';
  }, 0);

  return Puppet;

var o = new Puppet,
    output = [o.name];

o.name = 'master';

setTimeout(function () {
  // undefined
  // undefined
  // "puppet"
}, 10);


If freeze is not available in IE5 it does not actually really matter. The
point/concept is about having an hidden prototype.


On Tue, Mar 19, 2013 at 3:23 PM, Andrea Giammarchi <
andrea.giammarchi at gmail.com> wrote:

> oh dear ... even the example did not explain ... how can that be ?
> @Rick is not because of my alzheimer that I did **not** freeze the private
> object. I want to manipulate that because that's my object and I want to
> expose objects that inherits from it without giving anyone the possibility
> to reach my private, own, object!
> I don't want to be able to freeze the object, I don't want anyone "out
> there" to even reach it ... via __proto__ or getPrototypeOf, got it?
> @Juan I don't want the complexity of a Proxy, I want objects that inherit
> from my private object so that what changes in my private object reflects
> automatically everywhere. There is no need to Proxy, IMHO, this stuff was
> again already possible in ES3 ignoring __proto__, I am talking about
> standards.
> However, if you want, Proxy is more or less what I meant with the private
> object.
> @Claus __proto__ is a disaster, if you ask me, but the problem is that
> even if __proto__ disappears, as it should, there is still
> Object.getPrototypeOf(object) able to retrieve my private object.
> @Claude ... the example goes close, but it won't work as it is and it
> cannot be used as generic method, isn't it ?
> Also that suffers from the fact that I cannot hide runtime, I need to hide
> first, and send the Proxy result or the __proto__ won't be hidden, right?
> @all ... bear in mind, my example works already in ES3 ... you can try it
> in IE 5 ... I am not kidding ... there's no Object.getProottypeOf(object)
> there, neither object.__proto__
> Best Regards
> On Tue, Mar 19, 2013 at 3:08 PM, Claus Reinke <claus.reinke at talk21.com>wrote:
>> var public = (function(){
>>>  var private = {
>>>  };
>>>  return Object.freeze(
>>>    Object.create(private)
>>>  );
>>> }());
>>> // why I cannot avoid this? I'd **LOVE** to!
>>> Object.getPrototypeOf(public).**test = 123;
>>> alert(public.test); // 123
>> At first, I thought you were right - __proto__ is an object property,
>> so there should be a way to turn it into a private property (assuming
>> ES6 will have such).
>> Then I thought, it would have to be protected, not private - if I extend
>> the prototype chain further down, I should still be able to go up through
>> this __proto__ here, right?
>> My current thinking is still different: __proto__ is *not* a normal
>> object property, it is an implementation shorthand for extending
>> an object. If we were to copy all the methods from the prototype
>> chain into a single "class" object, that would serve the same purpose,
>> the __proto__ links just save space.
>> In other words, you want to protect/make private the properties of the
>> objects that __proto__ points to, and those objects themselves, not the
>> __proto__ link.
>> For that purpose, a deep chain freeze, following the prototype chain,
>> and freezing all objects in it, would be less confusing/error prone than
>> the shallow Object.freeze we have. Apart from the fact that
>> sharing of objects in the chain might freeze someone else's prototypes.
>> Claus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20130319/8a26b8eb/attachment-0001.html>

More information about the es-discuss mailing list