@@toStringTag spoofing for null and undefined

Mark S. Miller erights at google.com
Tue Jan 20 15:01:40 PST 2015

[+ungar, +tvcutsem]

On Tue, Jan 20, 2015 at 2:36 PM, Brendan Eich <brendan at mozilla.org> wrote:

> Mark S. Miller wrote:
>>     IIRC David Ungar's question to Tom was "why not enable proxies to
>>     mega-program every base-level operation in the language?" I took
>>     this to mean nothing like a nominal type check could evade
>>     proxying, in David's vision. Is this plausible in your view?
>> No it is not. It destroys the whole point of branding if passing a brand
>> check guarantees nothing.
> The counter-argument I inferred from the Q&A (this was in 2011, IIRC you
> were there too ;-)

I was not there, but I talked to Tom soon afterward. CC'ing Dave and Tom,
who's memory of their conversation may also be informative ;)

> would answer in two parts:
> 1. Needless-nominal type tests should be replaced by structural-type tests.
> 2. Any remaining brand or trademark test can use object identity or
> equivalent unforgeable capability.
> (2) can't be meta-programmed to spoof identity. But it doesn't leave
> anything like nominal types as found in many languages lying around as an
> attractive nuisance (and how, in Java!).

What I think I remember hearing from Tom is that Dave's main point, and the
main argument with Tom, was precisely allowing proxies to intercede on ===
checks, in which case you wouldn't even have that as a reliable indicator.

> Now plausible?


> /be

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20150120/eff6a177/attachment.html>

More information about the es-discuss mailing list