@@toStringTag spoofing for null and undefined
Mark S. Miller
erights at google.com
Sat Jan 24 07:11:35 PST 2015
Of course it can, by tamper proofing (essentially, freezing)
Object.prototype. None of these protections are relevant anyway in an
environment in which the primordials are not locked down.
On Sat, Jan 24, 2015 at 6:11 AM, Gary Guo <nbdd0121 at hotmail.com> wrote:
> Now I have a tendency to support the suggestion that cuts the
> anti-spoofing part. If coder wants to make an object and pretend it's a
> built-in, let it be. The anti-spoofing algorithm could not prevent this
> case:
> ```
> Object.prototype.toString = function(){
> return '[object I_Can_Be_Anything]';
> }
> ```
>
> _______________________________________________
> es-discuss mailing list
> es-discuss at mozilla.org
> https://mail.mozilla.org/listinfo/es-discuss
>
>
--
Cheers,
--MarkM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20150124/4978e4ad/attachment.html>
More information about the es-discuss
mailing list