On Wed, Sep 28, 2011 at 1:10 AM, Lasse Reichstein <reichsteinatw...@gmail.com> wrote:
> On Tue, Sep 27, 2011 at 8:14 PM, Xavier MONTILLET <xavierm02....@gmail.com> wrote:
>
>> Btw, they're speaking of adding a new proto operator <| that could be
>> used with an object before and a literal after and it would set the
>> literal's prototype to the object.
>> The problem with __proto__ is performance so <| will only work at
>> object creation. You can't change the prototype of an existing object
>> (or maybe it creates another object).
>
> It's not just performance. It's also good for making security problems.
>
> In Safari 5.1, I can do the following:
>   var o = Object.create(null);
>   Object.preventExtensions(o);
>   // o should now have no properties and shouldn't be able to get them.
>   o.__proto__ = {x:42};
>   alert(o.x);  // alerts 42, whoops.
> Other implementations have stopped modification of __proto__ on
> unextensible objects, not sure if WebKit nightly has.

This is fixed in WebKit nightly and in the development tip of all major
browsers. Without this fix, initSES <http://code.google.com/p/es-lab/> --
Secure EcmaScript as built on ES5 -- would indeed be unsafe.

> Think of the possibilities if changing the prototype of Object.prototype to
> a proxy. All new properties of all objects will go through the proxy.
>
> Changing the prototype of an object after it has been created is tricky,
> and not just because of performance (you have to expect the properties of
> prototypes to change anyway).
>
> /L
>
>> On Tue, Sep 27, 2011 at 8:09 PM, Nick Morgan <skilldr...@gmail.com> wrote:
>> > On 27 September 2011 17:25, Lasse Reichstein <reichsteinatw...@gmail.com> wrote:
>> >
>> >> Also, when doing pure object-based design, you have to keep your categories
>> >> clear. Your Human and Man objects are clearly prototype objects, not
>> >> instance objects. They are meant to be inherited, not used directly. The
>> >> object you create with Object.create(Man) is an instance object representing
>> >> a single man. There is nothing distinguishing them in the code,
>> >> though. Constructor functions holding prototype objects does that for you.
>> >> /L
>> >
>> > I don't understand what you're saying here. You'd only use
>> > Object.create to create instances based on other instances, not on
>> > constructor functions. So you don't need to keep categories clear -
>> > everything is an object, there are no constructor functions. Or am I
>> > missing something?
>> > --
>> > Nick Morgan
>> > http://skilldrick.co.uk
>> > @skilldrick
>> >
>> > Save our in-boxes! http://emailcharter.org
>> >
>> > --
>> > To view archived discussions from the original JSMentors Mailman list:
>> > http://www.mail-archive.com/jsmentors@jsmentors.com/
>> >
>> > To search via a non-Google archive, visit here:
>> > http://www.mail-archive.com/jsmentors@googlegroups.com/
>> >
>> > To unsubscribe from this group, send email to
>> > jsmentors+unsubscr...@googlegroups.com

--
Cheers,
--MarkM
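
A check for the behaviour discussed in this thread, added here as an example and not part of any poster's message or of initSES: it tries each standard way of replacing a prototype on non-extensible objects and on Object.prototype, and reports which ones the engine allowed. `Object.setPrototypeOf`, `Reflect.setPrototypeOf` and `Proxy` are ES2015 APIs that postdate the thread, and the function names are hypothetical.

```javascript
// Added example: probe whether this engine lets a prototype be swapped on
// objects that should be locked. Helper names are hypothetical.

// Returns the names of the mutation routes that actually changed the
// prototype of `target`; an empty array means the engine refused them all.
function prototypeMutationRoutes(target, replacement) {
  const original = Object.getPrototypeOf(target);
  const routes = {
    '__proto__ assignment': () => { target.__proto__ = replacement; },
    'Object.setPrototypeOf': () => { Object.setPrototypeOf(target, replacement); },
    'Reflect.setPrototypeOf': () => { Reflect.setPrototypeOf(target, replacement); },
  };
  const succeeded = [];
  for (const [name, attempt] of Object.entries(routes)) {
    try { attempt(); } catch (e) { /* TypeError: the engine refused */ }
    if (Object.getPrototypeOf(target) !== original) {
      succeeded.push(name);
      // Undo so the next route starts from the same state.
      try { Object.setPrototypeOf(target, original); } catch (e) { /* stuck */ }
    }
  }
  return succeeded;
}

function auditPrototypeLocking() {
  // Pass-through proxy standing in for the proxy scenario raised in the thread.
  const proxy = new Proxy({}, {});
  return {
    // The Safari 5.1 case from the thread: null prototype, non-extensible.
    bareNonExtensible: prototypeMutationRoutes(
      Object.preventExtensions(Object.create(null)), { x: 42 }),
    ordinaryNonExtensible: prototypeMutationRoutes(
      Object.preventExtensions({}), { x: 42 }),
    frozen: prototypeMutationRoutes(Object.freeze({}), { x: 42 }),
    // Object.prototype's own prototype must not be replaceable with a proxy.
    objectPrototype: prototypeMutationRoutes(Object.prototype, proxy),
    // Control: an extensible object accepts all three routes.
    extensibleControl: prototypeMutationRoutes({}, { x: 42 }),
  };
}

console.log(auditPrototypeLocking());
```

An empty array for every case except `extensibleControl` means the engine refuses prototype changes on locked objects; any route name listed for a locked case is a regression.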