Do you know of any examples of any libraries or frameworks that rely on being able to call `toString()` on a function and do something based on its code? Examples: dependency injection, re-compiling functions, etc. TC39 is considering a `toString()` censorship feature.
That’s not a very strong argument; bad actors can already do this today using Function#bind.
-
-
Is the intention just to hide the implementation? If so, then as long as we don't make it look identical to built in methods, that should be sufficient to detect hijacking.
-
bound methods already look identical to builtin methods (“native code” and all), so there hasn’t been a reliable means of detecting that since ES5.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.