In Firefox, it is possible to detect if an object is a proxy. I think this is not what we want (maybe cc @markm ?)
I think we should forbid engines to leak if an object is a proxy or not in any manner (e.g. Error message)
In Firefox, it is possible to detect if an object is a proxy. I think this is not what we want (maybe cc @markm ?)
I think we should forbid engines to leak if an object is a proxy or not in any manner (e.g. Error message)
It’s always possible to detect if a proxy around “a builtin with internal slots” is a proxy. Proxy isn’t meant to be used by itself, it’s meant to be used as part of a membranes implementation.
Internal slots (like private fields, and identity) don’t tunnel through proxies, and that is very much by design.
Thanks for forwarding my screenshot here. Just created an account to track the post.
In addition to String
, .prototype.valueOf
method of other native objects (such as Number
and Date
) works as well.
What I want is: the engine just reports "incompatible receiver" without revealing their brand.
The exception reveals the brand, because the user knows which prototype method they .called on it. The contents of the message are both never specified by ECMAScript, and are also not relevant to the information being exposed.