英文:
How to reset prototypes of JavaScript primitives
问题
很多时候,我编写的JavaScript与其他脚本一起运行,或者可能包含其他脚本。有时这些脚本可能已经修改了我在代码中可能使用的原始对象的原型。
有没有办法可以在JavaScript中声明我的原始数据类型,以便如果已经被修改,它会重置原型?或者可以使我的脚本在一个单独的作用域中运行,其中原始对象的原型没有被修改?
// 恶意脚本代码修改原型上的原始对象
Boolean.prototype.toString = function() {
return true;
}
let flag = false;
console.log(flag.toString());
// 我期望打印出false,但因为原始对象的原型被覆盖,
// 原始值会被包装在Boolean对象中,
// 并调用修改后的toString方法,输出true。
有没有办法确保我的代码在单独的作用域中运行,或者有没有办法声明我的变量或重置原型以避免这些类型的问题?
英文:
A lot of the time, I write JavaScript that runs with other scripts or that may contain other scripts. Sometimes these scripts might have changed the prototypes for the primitive objects that I might be using in my code.
Is there a way I can declare my primitive datatypes in JavaScript so that it will reset the prototype if it has been modified? Or so that my scripts would run in a separate scope where the prototype of the primitive is not modified?
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-js -->
// evil script code modify primative on prototype
Boolean.prototype.toString = function() {
return true;
}
let flag = false;
console.log(flag.toString());
// I would expect false to be printed, but because the prototype of the primative if overridden
// the primative value would be wrapped with the Boolean object
// and call the modified toString method and would output true.
<!-- end snippet -->
Is there any way I can make sure my code is running in a separate scope, or any way I can declare my variables or reset the prototypes to avoid these types of issues?
答案1
得分: 2
你可以冻结全局对象的原型,但需要先运行你的脚本。这将防止修改。
我不知道如何冻结全局函数。
英文:
You can freeze global object prototype but you need your script to run first. It will prevent modification.
I don't know how to freeze global function.
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-js -->
Object.freeze(String.prototype);
Object.freeze(Number.prototype);
Object.freeze(Boolean.prototype);
Object.freeze(Object.prototype);
Object.freeze(Array.prototype);
Object.freeze(Date.prototype);
Object.freeze(Math.prototype);
Object.freeze(Function.prototype);
// evil script code modify primative on prototype
Boolean.prototype.toString = function() {
return true;
}
// For this I don't know how to freeze
window.parseInt = function(number) {
return 'evil'
}
let flag = false;
console.log(flag.toString());
console.log(parseInt(1));
<!-- end snippet -->
答案2
得分: -3
// 恢复 Boolean 原型的 toString 方法
Boolean.prototype.toString = function() {
return Boolean(this) ? 'true' : 'false';
};
let flag = false;
console.log(flag.toString());
// 请尝试这样做..
英文:
Restore the original toString method of the Boolean prototype
Boolean.prototype.toString = function() {
return Boolean(this) ? 'true' : 'false';
};
let flag = false;
console.log(flag.toString());
Try this please..
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论