http: don't inherit from Object.prototype #6102
Conversation
This commit safely allows header names that are named the same as properties that are ordinarily inherited from Object.prototype such as __proto__.
|
CI: https://ci.nodejs.org/job/node-test-pull-request/2205/ I also took the liberty of putting the prototype-less constructor in |
mscdex
added
the
semver-major
|
One other thing to note: the check introduced by 2a1ef97 was already preventing weird things from happening when setting header names that coincide with |
|
This one could be fairly significant given how extensively the That said, the change LGTM |
|
Everyone accesses |
|
So it looks like there is a problem that is going to be a common theme for any of these instances where we replace I'm not sure what to do about that... |
|
Yeah, that's the kind of breakage I was afraid of. I'm not sure there's So it looks like there is a problem that is going to be a common theme for — |
|
I suppose these libraries could monkey-patch var create = Object.create;
Object.create = function() {
var obj = create.apply(null, arguments);
if (obj.prototype == null)
obj.prototype = Object.prototype;
return obj;
};Yeah it's hacky, but then again they're already mutating |
|
That's pretty ugly. I'm wondering if there's a chance anything can be done
|
|
Idea: we expose a base null object and let people set onto that for these, then we inherit from it. |
|
@Fishrock123 So in this case you're saying expose |
|
I would actually expose a "BaseObject" directly (Which would be a I'm not 100% that is a good idea, but it is what first comes to mind.. |
|
@Fishrock123 Wouldn't exposing the prototype vs the constructor complicate things by having to lazily set the constructor's prototype? |
|
@mscdex Wouldn't it still have the same reference everwhere? I don't think there would actually need to be lazy loading or special hooks. |
|
@Fishrock123 Oh I thought you meant have the ability to replace the prototype entirely and not just mutate it. |
|
working through the options I think it's likely going to be ok to simply require that if someone wants to treat these return values as objects they'll need to set the prototype themselves. We could make it slightly easier by providing a utility function but doing so isn't critical. It is a semver-major change, after all. const headers = Object.setPrototypeOf(req.headers, Object.prototype);or, using a utility method: const headers = util.asObject(req.headers); |
|
If this breaks |
|
|
|
@addaleax That is a good point |
|
@addaleax but that will be null as a string, not the |
|
@evanlucas Hm yeah, you’re right… this still feels like the right kind of thing to do. At least for HTTP, where incoming headers are always converted to lower-case, maybe one could cherry-pick |
|
Hmm... that's certainly possible. I would just be a bit worried about user expectations... that is, if the thing has |
|
I think I tend to agree that cherry picking methods like that could be misleading, so it should be all or nothing IMHO. |
|
Do any other @nodejs/collaborators have any suggestions/opinions/comments/etc. about this? Does @jasnell's suggestion about simply requiring end users to call /cc @btd too as he seems to be the maintainer of |
|
We should get some feedback from folks like @dougwilson also |
|
@mscdex is this something we still want to explore? |
|
This is still something that ultimately should happen but there's still quite a bit of uncertainty around what would actually break. If we're going to do it, then I'm thinking we should be printing deprecation warnings whenever any Object.prototype methods or properties are accessed on this object in Node.js 8.0.0 and actually do switch in Node.js 9.0.0 |
|
@thealphanerd I've always been for it, hence the PR, but the issue for |
|
ping @mscdex |
|
@fhinkel This will be stalled until either the breakage is no longer a concern or the community is weaned off of the likes of |
|
Sorry, accidental close. |
|
@mscdex given that the breakage should always be a concern, and 15+ years of it being a bad practice to chain |
|
@ljharb That was just one example though. As mentioned earlier in this PR, another example is users adding to |
|
Gotcha. I consider "should" patterns deprecated in favor of "expect" patterns, but just like normal chaining that's still going to be around forever. Has the CTC been able to discuss this yet and come to a conclusion? If not, could it go on the agenda? |
|
If this ever matures is should include notes in the docs similier to e1cabf6#diff-69e1ac0b5bfc06e74f2c1ab7b062c6af |
|
@mscdex Should this remain open? Does it make sense to at least rebase so we can CITGM it again? |
|
Going to close this due to lack of forward progress. @mscdex ... when you're ready to revisit this, feel free to reopen or open a new PR |
Checklist
Affected core subsystem(s)
Description of change
This commit safely allows header names that are named the same as properties that are ordinarily inherited from
Object.prototypesuch as__proto__.