Re: [[Call]] behaviour of operations from Mark S. Miller on 2011-08-22 (public-script-coord@w3.org from July to September 2011)

From: Mark S. Miller <erights@google.com>
Date: Sun, 21 Aug 2011 17:49:51 -0700
To: Cameron McCormack <cam@mcc.id.au>
Cc: Geoffrey Sneddon <gsneddon@opera.com>, public-script-coord@w3.org
Message-ID: <CABHxS9gLns-MyMyUcrAGnH1wNUJP1kDfACy6VGOp7dN7xiDJQA@mail.gmail.com>

This approach risks destroying all the progress ES5.1/strict made over ES3
in preventing global object leakage. The window is a singleton. Any method
of window that actually needs access to its window when invoked as a
function should just lexically capture it. If "alert('foo')" is supposed to
do the same thing as "window.alert('foo')", "window.alert.call(window,
'foo')" and "window.alert.call(undefined, 'foo')", then it should do the
same thing as "window.alert.call(otherWindow, 'foo')". If alert does not
depend on its this-binding at all, then all these will simply be equivalent.

Or is it your intention that "window.alert.call(otherWindow, 'foo')" not be
equivalent to "alert('foo')" ?

On Sun, Aug 21, 2011 at 4:19 PM, Cameron McCormack <cam@mcc.id.au> wrote:

> Hi Geoffrey.
>
> Thanks for your comment.
>
>
> On 18/07/11 9:17 AM, Geoffrey Sneddon wrote:
>
>> I can't find any definition of [[Call]] for operation functions. If it
>> is intended to use the built-in definition, this should be specified,
>> though this leads to a problem with the reference to 10.4.3 which checks
>> whether the function is strict code or not (per ES5.1 host functions
>> have no concept of strictness).
>>
>> At the moment, if the behaviour definition is used as [[Call]], then
>> calls such as "alert('foo')" don't work, as the this value is undefined
>> (and therefore ToObject will throw).
>>
>
> I have added an extended attribute [ImplicitThis] which is to be used on
> the Window interface.  This causes the Function objects for operations on
> the interface to use the global object as the this value even if null or
> undefined is passed in from strict mode code.  This is done in a new
> definition for [[Call]] for Function objects in #es-operations.
>
> The new [[Call]] delegates to the default [[Call]].  I don't think there's
> a problem with there being no concept of strictness for host functions --
> they just won't be strict.
>
> http://dev.w3.org/cvsweb/2006/**webapi/WebIDL/Overview.html.**
> diff?r1=1.347;r2=1.348;f=h<http://dev.w3.org/cvsweb/2006/webapi/WebIDL/Overview.html.diff?r1=1.347;r2=1.348;f=h>
>
> Can you please indicate whether the above resolution is acceptable for the
> Disposition of Comments document I'll have to prepare.
>
> Thanks,
>
> Cameron
>
>

-- 
    Cheers,
    --MarkM

Received on Monday, 22 August 2011 00:50:18 UTC