From 3fcb69fc7a8edd026f53d0bc1b1be7b825e65eb5 Mon Sep 17 00:00:00 2001 From: Jonathan Kingston Date: Sat, 20 Feb 2016 14:25:57 +0000 Subject: [PATCH] Tone down security nature of the unapply attack prevention tip --- _posts/en/2016-02-11-preventing-unapply-attacks.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/_posts/en/2016-02-11-preventing-unapply-attacks.md b/_posts/en/2016-02-11-preventing-unapply-attacks.md index de2b95b3..1c3ee38e 100644 --- a/_posts/en/2016-02-11-preventing-unapply-attacks.md +++ b/_posts/en/2016-02-11-preventing-unapply-attacks.md @@ -11,7 +11,7 @@ categories: - en --- -By overriding the builtin prototypes, attackers can rewrite code to expose and change bound arguments. This can be a serious security hole that works by exploting a polyfill es5 methods. +By overriding the builtin prototypes, external code can cause code to break by rewriting code to expose and change bound arguments. This can be an issue that seriously breaks applications that works by using polyfill es5 methods. ```js // example bind polyfill @@ -53,4 +53,5 @@ By using [Object.freeze](https://developer.mozilla.org/en-US/docs/Web/JavaScript }()); ``` -You can read more about unapply attacks [here](https://glebbahmutov.com/blog/unapply-attack/). \ No newline at end of file +You can read more about unapply attacks [here](https://glebbahmutov.com/blog/unapply-attack/). +Although this concept is called an 'unapply attack' due to some code being able to access closures that normally wouldn't be in scope, it is mostly wrong to consider this a security feature due to it not preventing an attacker with code execution from extending prototypes before the freezing happens and also still having the potential to read all scopes using various language features. ECMA modules would give realm based isolation which is much stronger than this solution however still doesn't fix the issues of third party scripts.
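Review bot: In the first hunk (the intro sentence at `@@ -11,7 +11,7 @@`), the replacement line no longer says what the original said and has a grammar slip. "This can be an issue that seriously breaks applications that works by using polyfill es5 methods" now reads as if the applications, rather than the technique, work by using polyfills. "cause code to break by rewriting code" also repeats itself. Suggested wording: "By overriding the builtin prototypes, external code can expose and change bound arguments. This can seriously break applications that rely on polyfilled ES5 methods."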
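Review bot: In the second hunk (the closing paragraph added at `@@ -53,4 +53,5 @@`), "ECMA modules would give realm based isolation" needs a qualification or a reference. Module scope is not a separate realm: modules loaded into a page share the global object and the builtin prototypes with every other script there, which is exactly the surface this post is about. If a separate realms mechanism is meant, name it and link to it. Two smaller points on the same addition: the new paragraph is added directly under the "You can read more" line with no blank line between them, so Markdown will render both as one paragraph, and the first sentence would read better split in two, with "security feature" changed to "security measure" or "mitigation".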