In this video (approx. 31 minutes in), Crockford says they (speaking on behalf of the ECMAScript committee) recommend not using Object.getPrototypeOf. His explanation was that it wasn't really meant for the average developer but was meant for things like Caja, which may remove it from Object to prevent you from accessing it.
Crockford can sometimes be pretty opinionated in his views on how JS should be used (can't we all?), so I'm wondering if this is really the full recommendation of the ES committee or if it's just one of Crockford's personal opinions. Has anyone read any official statement warning against using Object.getPrototypeOf? It really sounds like a bummer to me :(, but I don't see any information on the MDN page warning against its use, and I would expect a notice to be there if it really was that bad of an idea.
Comments:
- I haven't got time to write a full answer just now, but a couple of things I've found: 1. __proto__ is not obviously a huge security issue, but Brendan Eich was against adding it because it's non-standard and exposes an unnecessary attack surface (Mario Heiderich expands a little upon the security implications in his doctoral thesis); and 2. Douglas first made this claim in definitive terms back in 2008. – Jordan Gray Commented Oct 4, 2012 at 14:27
- This question is argumentative and will mainly provide opinionated answers. There's no right/wrong here. Although valid concerns, it should be formulated differently. – Robert Koritnik Commented Oct 23, 2012 at 13:34
1 Answer
His reasoning there is incredibly poor. It (and Object.getOwnPropertyNames) were not simply added for the use of Caja and similar. Nor does Caja simply delete them! Caja intercepts Object.getOwnPropertyNames in order to implement WeakMap (which my shim does as well) and as far as I can tell it doesn't modify getPrototypeOf. In reality it would be pointless to anyway because Object.getPrototypeOf(o) is the same thing as o.__proto__ which is implemented in every browser aside from IE and can't (currently) be turned off. That means the only browsers that removing Object.getPrototypeOf from would have any effect on are IE9 and IE10.
The reason I figured he'd give is that some of those functions are mostly intended for use by "library author" type usages. This is something commonly believed/said by people involved with the specification process and I believe it is a legitimate claim; property descriptors/attributes and other "meta" level APIs are more advanced features that can be cumbersome to use and generally require more complete language mastery to use correctly. However, this still wouldn't amount to a blanket recommendation of "don't use them". This more accurate claim wasn't even the argument he made, though.
One extra note about the video, in which he made an incorrect statement. He said property attributes (enumerable, configurable, writable) were unchangeable once set. This is incorrect. These can be changed so long as configurable is true. Once it is set to false the attributes become frozen (nor is the property deletable).
Edit: After having done research, I found some of the original discussions regarding this feature and the other Object functions. The summary as I understand it follows.
There was concern about the security implications of being able to access the [[Prototype]] of an object. However, these concerns were more fully and appropriately addressed via things like Object.freeze, and is also partly addressed (and a reason) that these functions live on Object as static functions (deletable in one location) instead of on Object.prototype or magically on every object like __proto__ historically has been.
Another concern raised was of breaking encapsulation:
It's true that __proto__ or getPrototypeOf breaks an object's encapsulation barrier and reveals implementation details that perhaps were intended to be hidden. The same could be said about the proposed getProperty function which, among other things, gives an observer access to the functions that implement a getter/setter property. In general, that's the nature of reflection. -Allen Wirfs-Brock
One concern raised from the implementation end was about exposing implementation details (mostly a concern stemming from how the DOM works which has since been addressed by changes to the DOM's use of multiple inheritance and the transition to WebIDL).
On the other hand, providing reflective access to an object's prototype is harmful to compatibility because it prevents implementations from introducing intermediate prototypes without breaking the web. Consider the example of having just Numbers and later compatibly introducing more specific subkinds of Numbers. -Waldemar Horwat
This concern is also related to another one mentioned on the script coordination mailing list about internal hidden prototypes being the same cross-frame. This issue is also historical as of ES5 (and IE8) where it was decided and implemented that each frame must instantiate its own set of DOM prototypes. Thus hiding of prototypes for this reason was no longer relevant by the time ES5 was formally published.
The consensus I see doesn't follow Crockford's explanation. Mostly it seems to just be the restatement of his own opinion.
In summary, not providing reflective access to an object's prototype doesn't really provide any real security, it just makes some useful tasks less convenient. -Allen Wirfs-Brock
I agree with you here in general, and it's good to hear that reflection is not the enemy of "real security". -Brendan Eich
The starting point for this is Proposed ECMAScript 3.1 Static Object Functions: Use Cases and Rationale (written by Crockford and others on TC39). The followup to that, where I draw quotations from, is this es-discuss thread. Specifically this post and this post.
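The points the answer and the first comment make about reflection versus real restriction, as an added JavaScript example that is not from the original post, from Caja, or from any project the thread mentions: Object.getPrototypeOf and __proto__ reveal the same [[Prototype]]; the static function is an ordinary configurable property that a sandbox could remove in one place (shown by deleting it and restoring it from its saved descriptor); property attributes stay changeable only while configurable is true; and Object.freeze blocks mutation even though the prototype remains visible, which is the "reflection is not the enemy of real security" point. The freeze section uses Object.setPrototypeOf, an ES2015 API that postdates the 2012 discussion; the sample objects are constructed here.

```javascript
// 1. Reflection: the static function and the __proto__ accessor expose the
//    same [[Prototype]] for ordinary objects.
function sameView(obj) {
  return Object.getPrototypeOf(obj) === obj.__proto__;
}

// 2. Object.getPrototypeOf is a configurable data property on Object, so a
//    sandbox can remove it in one location. Delete it, observe, then restore
//    it from the saved descriptor so the rest of the program is unaffected.
function staticIsDeletable() {
  const saved = Object.getOwnPropertyDescriptor(Object, 'getPrototypeOf');
  try {
    delete Object.getPrototypeOf;
    return typeof Object.getPrototypeOf === 'undefined';
  } finally {
    Object.defineProperty(Object, 'getPrototypeOf', saved);
  }
}

// 3. Attributes can be redefined while configurable is true. Once configurable
//    is false, changing enumerable throws a TypeError and (in strict mode) so
//    does delete; the property stays put.
function attributeLifecycle() {
  'use strict';
  const o = {};
  Object.defineProperty(o, 'x', {
    value: 1, writable: false, enumerable: false, configurable: true,
  });
  // Still configurable: flipping writable and enumerable is allowed.
  Object.defineProperty(o, 'x', { writable: true, enumerable: true });
  const changed = Object.getOwnPropertyDescriptor(o, 'x');
  // Lock the property down.
  Object.defineProperty(o, 'x', { configurable: false });
  let attrThrew = false;
  try {
    Object.defineProperty(o, 'x', { enumerable: false });
  } catch (e) {
    attrThrew = e instanceof TypeError;
  }
  let deleteThrew = false;
  try {
    delete o.x;
  } catch (e) {
    deleteThrew = e instanceof TypeError;
  }
  return {
    writableAfterChange: changed.writable,
    enumerableAfterChange: changed.enumerable,
    attrThrew,
    deleteThrew,
    stillPresent: Object.prototype.hasOwnProperty.call(o, 'x'),
  };
}

// 4. Object.freeze addresses the integrity concern: a frozen object still
//    reveals its prototype through reflection, but neither its properties nor
//    its [[Prototype]] can be changed (strict mode turns the failures into
//    TypeErrors instead of silent no-ops).
function freezeStillReflects() {
  'use strict';
  const base = { kind: 'base' };                 // constructed sample prototype
  const o = Object.freeze(Object.create(base, {
    secret: { value: 42, enumerable: true },
  }));
  let writeThrew = false;
  try {
    o.secret = 0;
  } catch (e) {
    writeThrew = e instanceof TypeError;
  }
  let setProtoThrew = false;
  try {
    Object.setPrototypeOf(o, null);
  } catch (e) {
    setProtoThrew = e instanceof TypeError;
  }
  return {
    protoVisible: Object.getPrototypeOf(o) === base,
    valueUnchanged: o.secret === 42,
    writeThrew,
    setProtoThrew,
    frozen: Object.isFrozen(o),
  };
}
```

Run it under Node and call the four functions; each returns plain booleans or an object of booleans rather than printing, so the results can be checked programmatically. The strict-mode directives sit inside the functions on purpose, so the behaviour does not depend on whether the surrounding file is strict.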