@@toStringTag spoofing for null and undefined
Mark S. Miller
erights at google.com
Tue Jan 20 15:01:40 PST 2015
On Tue, Jan 20, 2015 at 2:36 PM, Brendan Eich <brendan at mozilla.org> wrote:
> Mark S. Miller wrote:
>> IIRC David Ungar's question to Tom was "why not enable proxies to
>> mega-program every base-level operation in the language?" I took
>> this to mean nothing like a nominal type check could evade
>> proxying, in David's vision. Is this plausible in your view?
>> No it is not. It destroys the whole point of branding if passing a brand
>> check guarantees nothing.
> The counter-argument I inferred from the Q&A (this was in 2011, IIRC you
> were there too ;-)
I was not there, but I talked to Tom soon afterward. CC'ing Dave and Tom,
who's memory of their conversation may also be informative ;)
> would answer in two parts:
> 1. Needless-nominal type tests should be replaced by structural-type tests.
> 2. Any remaining brand or trademark test can use object identity or
> equivalent unforgeable capability.
> (2) can't be meta-programmed to spoof identity. But it doesn't leave
> anything like nominal types as found in many languages lying around as an
> attractive nuisance (and how, in Java!).
What I think I remember hearing from Tom is that Dave's main point, and the
main argument with Tom, was precisely allowing proxies to intercede on ===
checks, in which case you wouldn't even have that as a reliable indicator.
> Now plausible?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the es-discuss