Is the treatment of proto different in the fetch API compared to manual assignment?

Question

Is the treatment of proto different in the fetch API compared to manual assignment?

When using fetch to retrieve a payload containing a __proto__, it seems that the Object prototype is not affected in the same way as when directly assigning to an object.

This behavior is beneficial as it ensures that the Object prototype remains unaffected by any API calls. However, I am curious about the mechanics behind this and why it happens?

For instance, considering a payload.json file:

{
  "__proto__": { "toString": "foobar" }
}

If we fetch this data:

 fetch("payload.json")
      .then(function(response) {
        return response.json();
      })
      .then(function(json) {
        console.log("--JSON from a fetch payload--");
        console.log("payload.toString():", json.toString()); // [object Object]
        console.log("json.__proto__:", json.__proto__); // {toString: "foobar"}
        console.log("{}.toString()", {}.toString()); //[object Object]

        console.log("--New object with __proto__ set--");
        const x = { __proto__: { toString: () => "hacked" } };
        console.log("x.toString(): ", x.toString());
        console.log("{}.toString(): ", {}.toString());
        console.log(
          "JSON.parse('{}').toString(): ",
          JSON.parse("{}").toString()
        );

        console.log("--Set proto with assignment--");
        const y = {};
        y.__proto__.toString = () => "polluted";
        console.log("y.toString(): ", y.toString());
        console.log("x.toString(): ", x.toString());
        console.log("{}.toString(): ", {}.toString());
        console.log(
          "JSON.parse('{}').toString(): ",
          JSON.parse("{}").toString()
        );
      });

The output will be:

--JSON from a fetch payload-- 
payload.toString(): [object Object] 
json.__proto__: 
Object {toString: "foobar"}
{}.toString() [object Object] 
--New object with __proto__ set-- 
x.toString():  *** hacked *** 
{}.toString():  [object Object] 
JSON.parse('{}').toString():  [object Object] 
--Set proto with assignment-- 
y.toString():  *** polluted *** 
x.toString():  *** hacked *** 
{}.toString():  *** polluted *** 
JSON.parse('{}').toString():  *** polluted ***

I understand how the last example pollutes the object prototype, but I'm intrigued as to why json.__proto__ behaves differently when obtained through a fetch call.

You can view the above example on codesandbox.io

javascript json fetch-api

Answer 1

Answer №1

It's important to note that the behavior of fetch API is not related to this issue.

The property __proto__ is a special getter/setter on the Object.prototype, converting operations like [[Get]] and [[Set]] to [[GetPrototypeOf]] and [[SetPrototypeOf]].

When fetching and parsing data as JSON, it operates similarly to JSON.parse: parsing the JSON and creating an empty JavaScript object with the properties added.

However, instead of simply setting the properties using [[Set]], they are defined using [[Define]], which means they won't trigger the setter, resulting in a standard property named __proto__ pointing to a different object than its [[Prototype]]:

Consider the example below:

// Using [[Set]], as initially thought
const obj1 = {}
obj1.__proto__ = {}
console.log(obj1.hasOwnProperty('__proto__')) // false, because it's inherited
console.log(obj1.__proto__ === Object.getPrototypeOf(obj1)) // true

// Using [[Define]], similar to JSON.parse
const obj2 = {}
Object.defineProperty(obj2, '__proto__', {
  value: {},
  enumerable: true,
  configurable: true,
  writable: true
})
console.log(obj2.hasOwnProperty('__proto__')) // true, it is own property
console.log(obj.__proto__ === Object.getPrototypeOf(obj)) // false

Answer 2

It's important to note that the behavior of fetch API is not related to this issue.

The property __proto__ is a special getter/setter on the Object.prototype, converting operations like [[Get]] and [[Set]] to [[GetPrototypeOf]] and [[SetPrototypeOf]].

When fetching and parsing data as JSON, it operates similarly to JSON.parse: parsing the JSON and creating an empty JavaScript object with the properties added.

However, instead of simply setting the properties using [[Set]], they are defined using [[Define]], which means they won't trigger the setter, resulting in a standard property named __proto__ pointing to a different object than its [[Prototype]]:

Consider the example below:

// Using [[Set]], as initially thought
const obj1 = {}
obj1.__proto__ = {}
console.log(obj1.hasOwnProperty('__proto__')) // false, because it's inherited
console.log(obj1.__proto__ === Object.getPrototypeOf(obj1)) // true

// Using [[Define]], similar to JSON.parse
const obj2 = {}
Object.defineProperty(obj2, '__proto__', {
  value: {},
  enumerable: true,
  configurable: true,
  writable: true
})
console.log(obj2.hasOwnProperty('__proto__')) // true, it is own property
console.log(obj.__proto__ === Object.getPrototypeOf(obj)) // false

Is the treatment of proto different in the fetch API compared to manual assignment?

Answer №1

Similar questions

How to attach an event listener to an input element using Angular

What is the method to display HTML code using JavaScript within a span element in a JSP page?

Is there a way to postpone the execution of a scheduled interval function?

Function wrapper intended for axios

When trying to decode a JSON string into a simple Rails object, an unexpected

Steer clear of chaining multiple subscriptions in RXJS to improve code

"Can you tell me the method for obtaining an array within an Angular

Exploring the World of JSON Iteration

Initiate an AJAX call with various data formats included

I am experiencing an issue where the result is not appearing on the input tag within my

Is VueJS2 using the computed property/method to modify Vue data?

Include a new feature within an onClick event

Ways to arrange the JSON array by keys in reverse order utilizing Angular

Utilizing Jquery to add a delay and animate the sliding up effect on a recently created element

React Table in Modal Using Custom Hook State

Is it considered good or bad practice to use plain JavaScript objects in an AngularJS application?

An error of unknown token U was encountered in the JSON data starting at position 0

Utilize Fb.api to automatically post on user's wall upon logging in

Extracting information from an ENORMOUS Array

Receiving no feedback from a public API while coding in React.js

Is the treatment of __proto__ different in the fetch API compared to manual assignment?

Answer №1

Similar questions

How to attach an event listener to an input element using Angular

What is the method to display HTML code using JavaScript within a span element in a JSP page?

Is there a way to postpone the execution of a scheduled interval function?

Function wrapper intended for axios

When trying to decode a JSON string into a simple Rails object, an unexpected

Steer clear of chaining multiple subscriptions in RXJS to improve code

"Can you tell me the method for obtaining an array within an Angular

Exploring the World of JSON Iteration

Initiate an AJAX call with various data formats included

I am experiencing an issue where the result is not appearing on the input tag within my

Is VueJS2 using the computed property/method to modify Vue data?

Include a new feature within an onClick event

Ways to arrange the JSON array by keys in reverse order utilizing Angular

Utilizing Jquery to add a delay and animate the sliding up effect on a recently created element

React Table in Modal Using Custom Hook State

Is it considered good or bad practice to use plain JavaScript objects in an AngularJS application?

An error of unknown token U was encountered in the JSON data starting at position 0

Utilize Fb.api to automatically post on user's wall upon logging in

Extracting information from an ENORMOUS Array

Receiving no feedback from a public API while coding in React.js

Is the treatment of proto different in the fetch API compared to manual assignment?