Object.observe is present in Chrome 36. Object.observe can break the WeakMap
emulation. WeakMap has also been enabled in the same version, so the emulation
will not be used in this case.
However, WeakMap.js should, for correctness, do one of:
1. patching Object.observe to suppress the hidden name,
2. deleting Object.observe, or
3. refusing to run.
For plain SES/Caja sandboxing, even if we had observe but not WeakMap, there
would be no effects because Object.observe is not on the SES whitelist.
There would be a problem if innocent code was using Object.observe on objects
given to it by guest code, and passing information about keys back, but that is
already a potential problem since the host frame isn't patched to hide the
hidden property.
Original issue reported on code.google.com by kpreid@google.com on 8 Sep 2014 at 5:26
Original issue reported on code.google.com by
kpreid@google.com
on 8 Sep 2014 at 5:26