The text “__proto__” can break a webapp

By -
[This post is part of a series on the special property __proto__]


The text “__proto__” can still break webapps if it appears somewhere in the content, as I was reminded of today, via Domenic Denicola and Peter van der Zee.



The breakage



The following webapps are susceptible to “__proto__”-induced breakage:


  • The classic – Google Docs: For a while, if you typed in “__proto__” at the beginning of a document in Google Docs then it would hang.

  • Current – Twitter: If you click on @__proto__ in a tweet then the profile summary that comes up only has a title bar, but no content. You also get “slow script” dialogs in Firefox.
    You can try it out in this tweet.



Why?



__proto__ is a special property of JavaScript objects [1]. Therefore, if you use an object as a map from strings to values, you must not use the string "__proto__" as a key. That is one of several things that you have to watch out for when using objects this way [2].


__proto__ is only supported in some browsers, things only break if it is supported. Thus, Firefox exhibits these problems, but Internet Explorer 9 does not. However, __proto__ will become part of ECMAScript 6 [1] which means that all browsers will eventually support it.

References




  1. JavaScript: __proto__

  2. The pitfalls of using objects as maps in JavaScript


Comments

Post a Comment

Popular posts from this blog

Steve Lopez and the Importance of Newspapers

By -
Image
It has been one year since I cancelled my subscriptions to The New York Times and the Los Angeles Times . In that time, I continued to read both publications online. My assessment of this experiment is that reading newspapers and journalism online is vastly inferior to the hard copy thrown on my porch each morning. So I restarted my subscription to the Los Angeles Times and I have made it a point to buy The New York Times as often as I pass one of those coin boxes or my local news stand. The catalyst for this re-evaluation resulted from catching the film, The Soloist on cable last week. I liked the movie, although the scenes I found most interesting were the ones that showed columnist Steve Lopez at work. I realized the book was sitting in my “to-read” stack, so I pulled it and began reading. The book, as I expected, is better than the film. Lopez clearly addresses the revolution occurring in journalism, and worries about his future with the paper even as he researches and writes
Keep reading

A Treasure Hunt Without The Treasure

By -
Image
I have written previously on LocalSchoolDirectory.com about a former student of mine lost in community college hell. Such is the educational reality in America these days that one must wade through a lot of crap to get to a decent university and a desired program of study. This is the case for Elda , a student much too smart for her particular ring of Dante’s Inferno . However, she hasn’t allowed her woefully deficient education experience to damage her sharp sense of humor. Logging on the other night, I found her latest rant lodged in my inbox. A new semester brings yet more grievances from the land of allegedly higher education. She listed her most pressing pet peeves: “Expensive college textbooks that are assigned merely because the professor must assign a book or is too lazy to make his own multiple choice exams and thus, I must go buy a $200 book for a class I have already taken in high school.” “Taking a class I have already taken in high school because a 3 on the AP exam is n
Keep reading

Drop a ping-pong ball in the clown’s mouth

By -
Image
I've always looked upon Nigel Farage as an English amusement. He reminds me of rows of fair-ground clowns that amused me greatly as a child in Australia. The heads swivelled constantly to the left and the right, and the trick consisted of guessing the exact moment to drop your ping-pong ball down the clown's throat, so that it ended up falling into the right spot and winning something. Today, I don't think the prize would justify my efforts. On the other hand, the ping-pong ball might shut up Farage.
Keep reading