Proposal About Private Symbol
zenparsing at gmail.com
Sat Dec 20 19:48:37 PST 2014
> >2. They would not invoke any traps on proxies.
> >3. They would not tunnel through proxies to proxy targets.
> >4. Getting a private-symbol-keyed property would not traverse the
> prototype chain of the object (perhaps arguable).
> Unnecessary, as long as symbol doesn't leak to external environment, I
> don't think we need to impose these constraints. Without these constraints
> I did not see any problems there.
You simply cannot allow 2 and 3 and still call them private symbols. If
you allow 2, then an attacker can discover private symbols by creating a
proxy for an object which uses them in one of its methods. If you allow 3,
then private symbols are an unmediated communication channel across
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the es-discuss