Notes from the 2nd Meeting on Secure ECMAScript November 18, 2008
SHEET ONE Valija String.prototype.foo = function () { return this; }; ... ... "zip".foo() ... ... "zip".foo.call("zip") ... Cajita function re() { "use strict,cajita"; [strike]return zip.foo(); } SHEET TWO foo.addListener(listener) this.myObserver = listener; function somethingElse() { this.myObserver(...); (true && this).myObserver(...); this.myObserver.call(this, ...); a.sort(); SHEET THREE [Valija, MS Web Sandbox] [ADsafe, Dojo.Secure, Cajita, Jacaranda] SHEET FOUR ADS APPS MASHUPS No overt channels Primordial Objects Frozen use lexical scope eval - .constructor - .prototype immutable functions this limitation Object limitation SHEET FIVE var tab = new WeakKeyTable() tab.set(k, v) tab.set(k) obj[n] vs n.get(obj) obj[n] = v vs n.set(obj, v) _______________________________________________ Es-discuss mailing list Es-discuss@mozilla.org https://mail.mozilla.org/listinfo/es-discuss