@@toStringTag spoofing for null and undefined

Mark S. Miller erights at google.com
Sat Jan 24 07:11:35 PST 2015

Of course it can, by tamper proofing (essentially, freezing)
Object.prototype. None of these protections are relevant anyway in an
environment in which the primordials are not locked down.

On Sat, Jan 24, 2015 at 6:11 AM, Gary Guo <nbdd0121 at hotmail.com> wrote:

> Now I have a tendency to support the suggestion that cuts the
> anti-spoofing part. If coder wants to make an object and pretend it's a
> built-in, let it be. The anti-spoofing algorithm could not prevent this
> case:
> ```
> Object.prototype.toString = function(){
>   return '[object I_Can_Be_Anything]';
> }
> ```
> _______________________________________________
> es-discuss mailing list
> es-discuss at mozilla.org
> https://mail.mozilla.org/listinfo/es-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20150124/4978e4ad/attachment.html>

More information about the es-discuss mailing list