[Bug 23534] freeze/seal/preventExtensions should throw for Nodes (and maybe any WebIDL interface)

# bugzilla at jessica.w3.org (3 years ago)

www.w3.org/Bugs/Public/show_bug.cgi?id=23534

--- Comment #1 from Anne annevk@annevk.nl ---

Domenic suggested an alternative: if changing the prototype throws because the object is extension-prevented, we could just bubble that exception from adopt.

Contact us to advertise here
# bugzilla at jessica.w3.org (3 years ago)

www.w3.org/Bugs/Public/show_bug.cgi?id=23534

--- Comment #2 from Bobby Holley (:bholley) bobbyholley@gmail.com --- (In reply to Anne from comment #1)

Domenic suggested an alternative: if changing the prototype throws because the object is extension-prevented, we could just bubble that exception from adopt.

This could work. However, I'm generally uneasy about it.

There are various places in internal Gecko algorithms where we need to munge the prototype - node reparenting, document.open, plugins, XBL, window navigation, etc. A lot of this is really delicate and sensitive code, and we can't afford to fail once we start. In the reparenting code, for example, we just crash if we encounter a failure partway through. We can't let script trigger that at will.

Theoretically, we could spec all the cases where this needs to happen, and carefully check this state before we get ourselves into one of those tights spots. But that's a pain, and a lot of effort to get right.

As an implementor, I'd prefer to spec that this stuff just throws. This doesn't prevent someone from writing a DOM.js implementation that does something different in that case, because the web is very unlikely to start depending on things throwing. If that DOM.js implementation is viable modulo issues like this one, I'm totally happy to respec to allow this kind of stuff. But I'm not really wild about putting in engineering effort widening attack surface for unproven gains.

# bugzilla at jessica.w3.org (6 hours ago)

www.w3.org/Bugs/Public/show_bug.cgi?id=23534

--- Comment #3 from Anne annevk@annevk.nl ---

Duplicate of bug 26490 I think?

# bugzilla at jessica.w3.org (3 hours ago)

www.w3.org/Bugs/Public/show_bug.cgi?id=23534

--- Comment #4 from Boris Zbarsky bzbarsky@mit.edu ---

Not at all. Bug 26490 is about the spec mechanism we use to prevent sealing/freezing for the objects we prevent it for. This bug is about what objects we should prevent it for.

# bugzilla at jessica.w3.org (3 hours ago)

www.w3.org/Bugs/Public/show_bug.cgi?id=23534

--- Comment #5 from Anne annevk@annevk.nl ---

Oh, that's still not decided upon? I thought we basically just disabled this for all platform objects...

# bugzilla at jessica.w3.org (3 hours ago)

www.w3.org/Bugs/Public/show_bug.cgi?id=23534

--- Comment #6 from Boris Zbarsky bzbarsky@mit.edu ---

No, not at all. Whyever would we do that?

Want more features?

Request early access to our private beta of readable email premium.