Controlling access to global variables via an ES6 proxy

By -

The following function evalCode() traces the global variables that are accessed while evaluating a piece of JavaScript code.




    // Simple solution
    const _glob = typeof global !== 'undefined' ? global : self;
    
    function evalCode(code) {
        const func = new Function ('proxy',
            `with (proxy) {${code}}`); // (A)
        const proxy = new Proxy(_glob, {
            get(target, propKey, receiver) {
                console.log(`GET ${String(propKey)}`); // (B)
                return Reflect.get(target, propKey, receiver);
            },
            set(target, propKey, value, receiver) { // (C)
                console.log(`SET ${String(propKey)}=${value}`);
                return Reflect.set(target, propKey, value, receiver);
            },
        });
        return func(proxy);
    }

The way this works is as follows:



  • The with statement wrapped around the code (line A) means that every variable access that “leaves” the scope of the code becomes a property access of proxy.

  • The proxy observes what properties are accessed via its handler, which traps the operations “get” (line B) and “set” (line C),


Unsing evalCode():



    > evalCode('String.prototype')
    GET Symbol(Symbol.unscopables)
    GET String
    undefined
    > evalCode('String = 123')
    GET Symbol(Symbol.unscopables)
    SET String=123
    undefined

Explanations:



  • We don’t return what code does, which is why the result is undefined.

  • Symbol.unscopables shows up, because with checks its operand for a property with this key to determine which properties it should not expose as variables to its body. This mechanism is explained in “Exploring ES6”.


This is very hacky! with is a deprecated sloppy mode feature that is used in conjunction with a brand new ES6 feature.


Source of this hack: Vue.js, explained by qgustavor on reddit.


Further reading



Comments

Post a Comment

Popular posts from this blog

Steve Lopez and the Importance of Newspapers

By -
Image
It has been one year since I cancelled my subscriptions to The New York Times and the Los Angeles Times . In that time, I continued to read both publications online. My assessment of this experiment is that reading newspapers and journalism online is vastly inferior to the hard copy thrown on my porch each morning. So I restarted my subscription to the Los Angeles Times and I have made it a point to buy The New York Times as often as I pass one of those coin boxes or my local news stand. The catalyst for this re-evaluation resulted from catching the film, The Soloist on cable last week. I liked the movie, although the scenes I found most interesting were the ones that showed columnist Steve Lopez at work. I realized the book was sitting in my “to-read” stack, so I pulled it and began reading. The book, as I expected, is better than the film. Lopez clearly addresses the revolution occurring in journalism, and worries about his future with the paper even as he researches and writes
Keep reading

What is the true nature of lions and hyenas?

By -
Image
Kevin Richardson is a South African zookeeper who has been accepted into several clans of spotted hyenas and prides of lions. His years-long relationship with these animals illustrates a different side of them: they can be affectionate and cuddly. Given how many atrocities humans commit to get their food, you have to wonder what one should consider the “true nature” of lions and hyenas. More information: A 15 minute documentary with Kevin Richardson shows him cuddling lions and hyenas. He also tells stories about their personalities and mentions interesting facts such as hyenas being matriarchal. Lions may be extinct within 20 years. At Richardson’s website you can volunteer and donate to help protect them and other African wildlife. Richardson has founded a wildlife sanctuary whose goal it is to “minimize the number of large carnivores being kept in captivity and to highlight the direct link between the cub petting industry and the ‘canned’ hunting industry, by educating
Keep reading

A Treasure Hunt Without The Treasure

By -
Image
I have written previously on LocalSchoolDirectory.com about a former student of mine lost in community college hell. Such is the educational reality in America these days that one must wade through a lot of crap to get to a decent university and a desired program of study. This is the case for Elda , a student much too smart for her particular ring of Dante’s Inferno . However, she hasn’t allowed her woefully deficient education experience to damage her sharp sense of humor. Logging on the other night, I found her latest rant lodged in my inbox. A new semester brings yet more grievances from the land of allegedly higher education. She listed her most pressing pet peeves: “Expensive college textbooks that are assigned merely because the professor must assign a book or is too lazy to make his own multiple choice exams and thus, I must go buy a $200 book for a class I have already taken in high school.” “Taking a class I have already taken in high school because a 3 on the AP exam is n
Keep reading