On this JS MDN page it says this:
JavaScript 1.8.1 note
Starting in JavaScript 1.8.1, setters are no longer called when setting properties in object and array initializers.
I just can't figure out what this is trying to tell me.
This code-snippet:
var o = {};
o.seven = 7;
and this code-snippet:
var o = { seven: 7 };
are normally equivalent; but if they're preceded by this code-snippet:
Object.prototype.__defineSetter__('seven', function(x) { alert(x); });
then only the former will alert 7
(because the setter is called by o.seven = 7
, but not by o = { seven: 7 }
), and only the latter will actually set o.seven
to 7
.
I think this refers to the issue of JSON hijacking. Have a look at
To repost my answer from this deleted question:
According to the specification, neither Array (EcmaScript 5.1 §11.1.4) nor Object literals (EcmaScript 5.1 §11.1.5) should be hijackable:
- They call "the standard built-in constructor with that name", not what you might have overwritten at
window.Array
orwindow.Object
- They use [[defineOwnProperty]], which does absolutely not take care of any setters on
Object.prototype
.
Nowadays, this should not be an issue any more in ES 5.1-compliant browsers.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With