Kevin Smith wrote:
OK - but we can't have it both ways. We can't allow |this| to give us
access to "private" data (regardless of the implementation) *and also*
allow that |this| may be an untrusted proxy. If |this| grants access
to private data, then it must be trustable. Anything else is
inherently risky.
Who said otherwise?
First, as Tom noted, |this| binding in JS is dynamic unless you opt out.
Second, private symbols need not leak. We have had several designs to
avoid leakage, and Tom' s advocating another that could work.
I know, you want to get rid of (defer, let's say) private symbols. But
no one is trying to have it "both ways". Everyone wants to avoid private
symbol leaks via proxies, in the face of dynamic |this| and other
hazards of JS not related to |this|.
/be
_______________________________________________
es-discuss mailing list
es-discuss@mozilla.org
https://mail.mozilla.org/listinfo/es-discuss