Another de-facto insecurity we need to fix in ES5

David-Sarah Hopwood david-sarah at jacaranda.org
Fri Jun 19 11:34:19 PDT 2009


Mark S. Miller wrote:
> The ES3 and ES5 specs both specify the implicit [[Prototype]] property as
> something that is initialized once and then unchanged. All major browsers
> today but IE alias this to the name "__proto__" (as if that's a named
> property) and allow it to be mutated.

I support clarifying that setting Object.freeze prevents any further
mutation of all internal properties (it already prevents mutation of
__proto__, since that is a non-internal own-property). There's no reason
to treat [[Prototype]] or __proto__ as a special case.

-- 
David-Sarah Hopwood  ⚥  http://davidsarah.livejournal.com





More information about the es5-discuss mailing list