In javascript, it's possible to "override" properties or methods of Object.prototype. For example:
Object.prototype.toString = function(){
return "some string";
};
It can break an entire application if not used carefully. Are there any tools, techniques or approaches to avoid this (for example, some kind of 'strict mode' that doesn't allow the developer to override properties of Object)?
In javascript, it's possible to "override" properties or methods of Object.prototype. For example:
Object.prototype.toString = function(){
return "some string";
};
It can break an entire application if not used carefully. Are there any tools, techniques or approaches to avoid this (for example, some kind of 'strict mode' that doesn't allow the developer to override properties of Object)?
Share Improve this question edited Aug 11, 2017 at 5:48 thiagowfx 5,8387 gold badges43 silver badges59 bronze badges asked Jul 22, 2017 at 17:15 Eduardo MeloEduardo Melo 5191 gold badge6 silver badges20 bronze badges 5- 5 Just don't do it and don't take in any libraries that do? – Paul Commented Jul 22, 2017 at 17:17
-
3
Object.freeze(Object.prototype)will help, but again.. don't know how much pollution it will create – Koushik Chatterjee Commented Jul 22, 2017 at 17:21 - 3 A good read for anyone that lands on this question: esdiscuss/topic/object-freeze-object-prototype-vs-reality – Ray Toal Commented Jul 22, 2017 at 17:28
- @RayToal: Fantastic link, I've added it to the CW answer below. – T.J. Crowder Commented Jul 22, 2017 at 17:30
- See here on how to do this carefully and not break applications – Bergi Commented Jul 22, 2017 at 18:01
1 Answer
Reset to default 7Object.freeze(YourConstructor.prototype) can help protect your constructor's associated prototype object from being mucked with. From MDN:
The
Object.freeze()method freezes an object: that is, prevents new properties from being added to it; prevents existing properties from being removed; and prevents existing properties, or their enumerability, configurability, or writability, from being changed, it also prevents the prototype from being changed.
It works on the object itself, rather than making a copy that's frozen. It returns the same reference you pass it.
It's best to leave built-in prototypes alone, so using it on Object.prototype and such may not be a great idea. :-) Certainly you'd need to do a lot of testing if you did... See this thread on the es-discuss mailing list for relevant, useful info.