Closed ByteEater-pl closed 10 months ago
leobalter
commented
10 months ago Assuming you control the ShadowRealm instantiation, there isn't anything preventing you from observing all names, including non enumerable properties, using something like Object.getOwnPropertyDescriptors.
Some setup is expected if you intend to use ShadowRealm in a way to prevent/control access to certain names.
ByteEater-pl
commented
10 months ago OK
mhofman
commented
10 months ago @ByteEater-pl actually makes a good point in the context of #392.
This is not currently an issue because the 262 side creates the global object as a regular object, which means all properties can be enumerated through [[OwnPropertyKeys]]. However that PR wants to change the responsibility of creating the global object to the host, in which case the object could have exotic behavior and implement some properties as "non-own" to get around the object invariants. I will comment on that PR.
The draft spec says:
It seems the same sentence should require them to be enumerable.
Otherwise, there seemingly cannot be code which denies all added capabilities to code running later which isn't written for a specific set of hosts. Even if the programmer manages to include almost all existing hosts, read their (hopefully existing and good enough) documentation and sift through what they add, it's not future-proof.