Controlling access to global variables via an ES6 proxy

By -

The following function evalCode() traces the global variables that are accessed while evaluating a piece of JavaScript code.




    // Simple solution
    const _glob = typeof global !== 'undefined' ? global : self;
    
    function evalCode(code) {
        const func = new Function ('proxy',
            `with (proxy) {${code}}`); // (A)
        const proxy = new Proxy(_glob, {
            get(target, propKey, receiver) {
                console.log(`GET ${String(propKey)}`); // (B)
                return Reflect.get(target, propKey, receiver);
            },
            set(target, propKey, value, receiver) { // (C)
                console.log(`SET ${String(propKey)}=${value}`);
                return Reflect.set(target, propKey, value, receiver);
            },
        });
        return func(proxy);
    }

The way this works is as follows:



  • The with statement wrapped around the code (line A) means that every variable access that “leaves” the scope of the code becomes a property access of proxy.

  • The proxy observes what properties are accessed via its handler, which traps the operations “get” (line B) and “set” (line C),


Unsing evalCode():



    > evalCode('String.prototype')
    GET Symbol(Symbol.unscopables)
    GET String
    undefined
    > evalCode('String = 123')
    GET Symbol(Symbol.unscopables)
    SET String=123
    undefined

Explanations:



  • We don’t return what code does, which is why the result is undefined.

  • Symbol.unscopables shows up, because with checks its operand for a property with this key to determine which properties it should not expose as variables to its body. This mechanism is explained in “Exploring ES6”.


This is very hacky! with is a deprecated sloppy mode feature that is used in conjunction with a brand new ES6 feature.


Source of this hack: Vue.js, explained by qgustavor on reddit.


Further reading



Comments

Post a Comment

Popular posts from this blog

Steve Lopez and the Importance of Newspapers

By -
Image
It has been one year since I cancelled my subscriptions to The New York Times and the Los Angeles Times . In that time, I continued to read both publications online. My assessment of this experiment is that reading newspapers and journalism online is vastly inferior to the hard copy thrown on my porch each morning. So I restarted my subscription to the Los Angeles Times and I have made it a point to buy The New York Times as often as I pass one of those coin boxes or my local news stand. The catalyst for this re-evaluation resulted from catching the film, The Soloist on cable last week. I liked the movie, although the scenes I found most interesting were the ones that showed columnist Steve Lopez at work. I realized the book was sitting in my “to-read” stack, so I pulled it and began reading. The book, as I expected, is better than the film. Lopez clearly addresses the revolution occurring in journalism, and worries about his future with the paper even as he researches and writes
Keep reading

A Treasure Hunt Without The Treasure

By -
Image
I have written previously on LocalSchoolDirectory.com about a former student of mine lost in community college hell. Such is the educational reality in America these days that one must wade through a lot of crap to get to a decent university and a desired program of study. This is the case for Elda , a student much too smart for her particular ring of Dante’s Inferno . However, she hasn’t allowed her woefully deficient education experience to damage her sharp sense of humor. Logging on the other night, I found her latest rant lodged in my inbox. A new semester brings yet more grievances from the land of allegedly higher education. She listed her most pressing pet peeves: “Expensive college textbooks that are assigned merely because the professor must assign a book or is too lazy to make his own multiple choice exams and thus, I must go buy a $200 book for a class I have already taken in high school.” “Taking a class I have already taken in high school because a 3 on the AP exam is n
Keep reading

Drop a ping-pong ball in the clown’s mouth

By -
Image
I've always looked upon Nigel Farage as an English amusement. He reminds me of rows of fair-ground clowns that amused me greatly as a child in Australia. The heads swivelled constantly to the left and the right, and the trick consisted of guessing the exact moment to drop your ping-pong ball down the clown's throat, so that it ended up falling into the right spot and winning something. Today, I don't think the prize would justify my efforts. On the other hand, the ping-pong ball might shut up Farage.
Keep reading