Hi gaz,
Thanks so much for your time.
Much care has been taking with this proposal to ensure that it is
neutral with respect to the existing JS Object/Security model.
As I understand it, the core vulnerability with JSON hacking is the
ability to define getters on the Object prototype. Object.observe()
does not affect that ability.
In order to be notified of changes to an object, you need a reference
to it first. E.g.
Object.observe(Object.prototype, function doBadThings() { .. });
But if you were able to do this, you could have just as easily gone
ahead and done bad things directly to the Object.prototype.
Object.observe() doesn't increase your access.
If there is something I'm missing, perhaps you can provide a code
example of how the attack would work.
On Fri, Aug 17, 2012 at 2:50 AM, gaz Heyes <gazhe...@gmail.com> wrote:
> Hi Rafael
>
> Would this proposal work on the Object prototype? If so then it could be
> used for JSON hijacking. I'd recommend it didn't.
>
> Cheers
>
> Gareth
_______________________________________________
es-discuss mailing list
es-discuss@mozilla.org
https://mail.mozilla.org/listinfo/es-discuss
