custom cross-realm brand checking

Jordan Harband ljharb at gmail.com
Mon Oct 1 23:48:10 UTC 2018


Function.prototype.toString wouldn't suffice as a verification - you could
reconstruct it with eval, in many cases - and refactoring the
implementation shouldn't force a change in the identity of a function.

On Mon, Oct 1, 2018 at 2:13 PM Richard Gibson <richard.gibson at gmail.com>
wrote:

> One of the topics discussed in the final breakouts of last week's TC39
> meeting was something like "self-hosted implementation of cross-realm
> internal slots". I facetiously joked about using the global symbol registry
> (which is shared across realms), but it was pointed out that such a
> mechanism would not be private.
>
> I've been thinking about it since, and I believe that the current surface
> area of the language is sufficient for this to be possible without
> introducing something like private symbols—specifically by using built-in
> functions whose identity (regardless of originating realm) is verified with
> Function.prototype.toString.
>
> There's a demonstration of using this technique to build custom
> brand-sharing classes of the sort that could trust each other across
> realms, and I'd love to get some feedback on it:
> https://jsbin.com/vujehanosu . If this actually is as robust as it seems
> to be, then it can also be a foundation for cross-realm access to custom
> analogs of internal slots.
>
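Added example (not code from this thread or from the linked jsbin demo): a sketch of the objection raised in the reply, that a function's source text does not pin down its identity. All names (`makeBrand`, `sameSource`, `lookalike`, and so on) are hypothetical, and it uses ordinary user-defined functions in a single realm.

```javascript
// Added illustration; every name here is hypothetical, not from the thread or the jsbin demo.
const sourceOf = (fn) => Function.prototype.toString.call(fn);

// Verification by source text: the kind of check the reply argues is insufficient.
const sameSource = (candidate, trusted) => sourceOf(candidate) === sourceOf(trusted);

// A brand checker whose authority lives in closed-over state, not in its text.
function makeBrand() {
  const branded = new WeakSet();
  return {
    stamp(obj) { branded.add(obj); return obj; },
    check: function isBranded(obj) { return branded.has(obj); },
  };
}

// Same behaviour after a refactor (variable renamed), but the source text differs.
function makeRefactoredBrand() {
  const members = new WeakSet();
  return {
    stamp(obj) { members.add(obj); return obj; },
    check: function isBranded(obj) { return members.has(obj); },
  };
}

function demo() {
  const trusted = makeBrand();
  // Re-evaluate the trusted function's text in a scope where `branded` is a
  // different object: identical text, different closure, different behaviour.
  const lookalike = new Function('branded', 'return (' + sourceOf(trusted.check) + ')')(
    { has: () => true }
  );
  const unbranded = {};
  return {
    lookalikePassesTextCheck: sameSource(lookalike, trusted.check),
    lookalikeIsSameFunction: lookalike === trusted.check,
    trustedAcceptsUnbranded: trusted.check(unbranded),
    lookalikeAcceptsUnbranded: lookalike(unbranded),
    refactorPassesTextCheck: sameSource(makeRefactoredBrand().check, trusted.check),
  };
}

console.log(demo());
```

The text comparison accepts the re-evaluated lookalike and rejects the behaviour-preserving refactor, which are the two failure modes the reply names.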