2011/12/19 Herby Vojčík <he...@mailbox.sk> > Hello, > > I see error here. Unless I misunderstood something, in present state it so > that: > > var n = Name(); > proxy[n] // triggers handler.get(target, n.public); > > proxy[n.public] // triggers handler.get(target, ToString(n.public)); > > and n.public is object, not string. So get handler can easily discriminate > between string and public object. Yes I can forge it with {toString: > function() { return "foo"; }}, but you can simply check n.public === name > to see if the right public for the name was supplied (and if you don't know > n, do not meddle with its affairs, it's none of your business), so I see no > need for special trap, reasonably coded get cannot be fooled by calling > proxy[n.public]. >
Two points: 1) I was under the impression that in the present proposal, what is passed to the "get" trap is really ToString(name.public), not the name.public object. The proposal is vague in this regard, but I'm pretty sure Sam and Dave did not intend to widen the type of the "name" parameter of the "get" trap from String to Object. Sam, Dave, can you clarify? 2) Even if name.public would not be stringified, if both normal and private name property access would go through the "get" trap, it would still be the responsibility of the "get" trap to properly forward private names. If this is the case, a very common bug with proxies will be that the "get" trap will mistakenly turn private name access into normal property access of the wrong property name. What my proposal boils down to is to consider obj[privateName] and obj[string] as two separate operations, with their own traps. This allows us to get the default behavior for private names right (forward as target[privateName], not as target[privateName.public]). > As for: > > > private name property get/set could bypass the proxy entirely and be > forwarded unconditionally to the target, just like |typeof|, > |Object.getPrototypeOf| and [[Class]]. > > please look at "Forward proxies with private names" thread. There I > propose something in this line, but less strict and more powerful while > still secure. > Yes, I just read your proposal (sorry for missing it earlier). Calling the trap and catching a special exception is something that we have avoided in the proxy design thus far. One possibility is to have the "getPrivate" trap return a boolean. If the trap returns false, the proxy will forward the private name access. This would allow the getPrivate trap to check whether the "public" argument corresponds to one of its own private names. If not, it just returns false (no throwing exceptions or calling special Proxy.getDefault methods needed). Cheers, Tom > Herby > > > -----Pôvodná správa----- From: Tom Van Cutsem > Sent: Monday, December 19, 2011 11:03 AM > To: David Bruant > Cc: Brendan Eich ; es-discuss > > Subject: Re: Are Private name and Weak Map the same feature? and the Assoc > API > > ... > >
_______________________________________________ es-discuss mailing list es-discuss@mozilla.org https://mail.mozilla.org/listinfo/es-discuss