fix: tolerate symbols as property names #2094
Conversation
ba505c5 to
7d80610
Compare
There was a problem hiding this comment.
Just to explore this a bit: In my experiments, if foo is a symbol (e.g., foo = Symbol('zot')) and bar is a string (e.g., bar = 'thud'),
`hi ${bar} ho` yields 'hi thud ho' (as one would expect)
`hi ${foo} ho` throws a TypeError (also as one would expect, and the case you're guarding against here)
`hi ${String(bar)} ho` yields 'hi thud ho', which is just like it was without the String() conversion, as desired.
`hi ${String(foo)} ho` yields 'hi Symbol(zot) ho', which is a little weird, but seems like a useful outcome.
This all seems fine, but I want to be sure of your intent. I presume your comment about valid property names is not that Symbol(zot) resembles a property name but that since pretty much any string can be used as a property name things could get goofy if somebody wrote, e.g., obj['Symbol(zot)'] = 47. In that case diagnostic output would look the same as if they had written obj[foo] = 47, but presumably that would merely be confusing output and not a path to play some kind of game that might lead to an exploit. Am I understanding that right?
| `ls.qm send(${JSON.stringify(targetSlot)}, ${prop}) -> ${resultVPID}`, | ||
| `ls.qm send(${JSON.stringify(targetSlot)}, ${String( | ||
| prop, | ||
| )}) -> ${resultVPID}`, |
There was a problem hiding this comment.
Line breaks inside template strings give me the willies.
There was a problem hiding this comment.
Am I understanding that right?
Perfectly
Line breaks inside template strings give me the willies.
The computer did it. Blame the computer.
There was a problem hiding this comment.
That's not what you'll say when the robots come for you.
If the value of
propis a symbol${prop}throws whereas${String(prop)}produces a pleasing diagnostic. Should only be used to generate diagnostic text since the stringified from of a symbol is a valid string name for a property.See endojs/endo#547
See #2092