@@toStringTag spoofing for null and undefined

Mark S. Miller erights at google.com
Tue Jan 20 16:30:04 PST 2015


[Argh. Should have resent before reply. Better late than...]


On Tue, Jan 20, 2015 at 3:22 PM, David Ungar <ungar at mac.com> wrote:

> Yes, Self does have an unspoofable one, but at reflective level, not base.
>
>
> In JS syntax:
>
> reflect(setA) == reflect(setB)  is an unspoofable identity test. In other
> words, equality of mirrors is identity of reflectees.
>
> - David
>
>
> > On Jan 20, 2015, at 3:13 PM, Brendan Eich <brendan at mozilla.org> wrote:
> >
> > Mark S. Miller wrote:
> >>
> >>
> >>    (2) can't be meta-programmed to spoof identity. But it doesn't
> >>    leave anything like nominal types as found in many languages lying
> >>    around as an attractive nuisance (and how, in Java!).
> >>
> >>
> >> What I think I remember hearing from Tom is that Dave's main point, and
> the main argument with Tom, was precisely allowing proxies to intercede on
> === checks, in which case you wouldn't even have that as a reliable
> indicator.
> >
> > Hmm, maybe -- but does Self have a reference-identity
> equivalence-relation operator that can't be spoofed? Might help to ask
> David, but to abstract from that particular SPLASH 2011 Q&A, obviously we
> won't be enabling such fakery in JS.
> >
> > /be
>
>


-- 
    Cheers,
    --MarkM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20150120/5aab6f14/attachment.html>


More information about the es-discuss mailing list