
171 Re: [caplet] Re: ADsafe rules

  • Mike Samuel
    Apr 5, 2008
      Function mutability can be a source of undefined behavior since the spec allows but doesn't require "joining" of functions that have the same body and scope chain, and mutations to one of a joined pair must be reflected on the other.

      JScript deviations section 3.7 says in
      function foo() {
        function bar() {}
        return bar;
      }

      // Two calls yield two function objects with the same body and scope chain.
      var f = foo();
      var g = foo();
      f.x = 1;
      g.x = 2;

      alert(f.x + g.x);  // could legally be either 3 or 4

      On 05/04/2008, Douglas Crockford <douglas@...> wrote:

      I want .get and .set to work without blacklists. They are intended to
      get and set data members in objects. So that is all they will allow.
      They will not get or set function values. They will not manipulate
      functions. JavaScript's functions are mutable objects. I think that
      was a mistake.

      Some of the member restrictions are motivated by obvious attacks
      (apply, call, eval, prototype, watch). Some are to prevent rights
      amplification even in cases where that does not lead to known exploits
      (callee, caller, constructor, unwatch). Some are because they make me
      nervous (valueOf).
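
Added example (not part of the thread and not ADsafe's own code): a sketch of accessors that follow the rule described in the quoted message, deciding by the type of the target and of the value instead of by a list of member names. The names safeGet, safeSet, attempt and the record object are hypothetical and constructed for this illustration; it covers only the function-value rule, not the rest of the ADsafe rules.

```javascript
// Hypothetical accessors, written for illustration; not ADsafe's implementation.
function isFunction(v) { return typeof v === 'function'; }

// The target must be a plain (non-function) object: functions are never manipulated.
function requireDataObject(object, op) {
  if (object === null || typeof object !== 'object') {
    throw new TypeError(op + ': target must be a non-function object');
  }
}

// Read a data member; function values are never handed out.
function safeGet(object, name) {
  requireDataObject(object, 'get');
  const value = object[name];
  if (isFunction(value)) throw new TypeError('get: "' + name + '" is a function');
  return value;
}

// Write a data member; function values are never stored or overwritten.
function safeSet(object, name, value) {
  requireDataObject(object, 'set');
  if (isFunction(value) || isFunction(object[name])) {
    throw new TypeError('set: "' + name + '" involves a function value');
  }
  object[name] = value;
  return value;
}

// Helper for the demo: run a call and report a refusal instead of throwing.
function attempt(thunk) {
  try { return thunk(); } catch (e) {
    if (e instanceof TypeError) return 'refused';
    throw e;
  }
}

// Constructed sample data.
function foo() { function bar() {} return bar; }
const record = { title: 'constructed sample', count: 2, run: function () {} };

console.log(attempt(() => safeGet(record, 'count')));        // data member
console.log(attempt(() => safeGet(record, 'constructor')));  // inherited function
console.log(attempt(() => safeSet(foo(), 'x', 1)));          // function as target
```

Because a function is never accepted as a target, the f.x / g.x mutation from the joined-functions example cannot be performed through these accessors.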
