Perfection kills » Understanding delete - 3 views
-
All because it’s not possible to delete variables in Javascript. At least not when declared in such way.
-
It’s almost as if Firebug follows some other rules of deletion. It is Firebug that has led Stoyan astray! So what is really going on here?
-
we need to understand how delete operator works in Javascript: what exactly can and cannot be deleted and why.
- ...35 more annotations...
-
var o = { x: 1 }; delete o.x; // true o.x; // undefined
-
var x = 1; delete x; // false x; // 1
-
function x(){} delete x; // false typeof x; // "function"
-
Note that delete only returns false when a property can not be deleted.
-
variable instantiation and property attributes
-
Global code, Function code and Eval code.
-
When a source text is treated as a Program, it is executed in a global scope, and is considered a Global code.
-
Anything that’s executed directly within a function is, quite obviously, considered a Function code. In browsers, content of event attributes (e.g. <p onclick="...">) is usually parsed and treated as a Function code.
-
text that’s supplied to a built-in eval function is parsed as Eval code. We will soon see why this type is special.
-
And now that we know the difference between property assignment and variable declaration — latter one sets DontDelete, whereas former one doesn’t — it should be clear why undeclared assignment creates a deletable property:
-
As you can see, execution contexts can logically form a stack. First there might be Global code with its own execution context; that code might call a function, with its own execution context; that function could call another function, and so on and so forth. Even if function is calling itself recursively, a new execition context is being entered with every invocation.
-
Every execution context has a so-called Variable Object associated with it. Similarly to execution context, Variable object is an abstract entity, a mechanism to describe variable instantiation. Now, the interesing part is that variables and functions declared in a source text are actually added as properties of this Variable object.
-
When control enters execution context for Global code, a Global object is used as a Variable object. This is precisely why variables or functions declared globally become properties of a Global object:
-
The behavior is actually very similar: they become properties of Variable object. The only difference is that when in Function code, a Variable object is not a Global object, but a so-called Activation object. Activation object is created every time execution context for Function code is entered.
-
and a special Arguments object (under arguments name). Note that Activation object is an internal mechanism and is never really accessible by program code.
-
within Eval code are created as properties of calling context’s Variable object. Eval code simply uses Variable object of the execution context that it’s being called within:
-
Execution context When ECMAScript code executes, it always happens within certain execution context.
-
When declared variables and functions become properties of a Variable object — either Activation object (for Function code), or Global object (for Global code), these properties are created with DontDelete attribute. However, any explicit (or implicit) property assignment creates property without DontDelete attribute. And this is essentialy why we can delete some properties, but not others:
-
Special arguments variable (or, as we know now, a property of Activation object) has DontDelete. length property of any function instance has DontDelete as well:
-
As you might remember, undeclared assignment creates a property on a global object.
-
Now that it’s clear what happens with variables (they become properties), the only remaining concept to understand is property attributes. Every property can have zero or more attributes from the following set — ReadOnly, DontEnum, DontDelete and Internal. These attributes serve as sort of flags — an attribute can either exist on a property or not. For the purposes of today’s discussion, we are only interested in DontDelete.
-
Variables declared within Eval code are actually created as properties without DontDelete:
-
This interesting eval behavior, coupled with another aspect of ECMAScript can technically allow us to delete non-deletable properties. The thing about function declarations is that they can overwrite same-named variables in the same execution context:
-
Note how function declaration takes precedence and overwrites same-named variable (or, in other words, same property of Variable object). This is because function declarations are instantiated after variable declarations, and are allowed to overwrite them
-
If we declare function via eval, that function should also replace that property’s attributes with its own. And since variables declared from within eval create properties without DontDelete, instantiating this new function should essentially remove existing DontDelete attribute from the property in question, making that property deletable (and of course changing its value to reference newly created function).
-
Unfortunately, this kind of spoofing doesn’t work in any implementation I tried. I might be missing something here, or this behavior might simply be too obscure for implementors to pay attention to
-
this.x = 1; delete x; // TypeError: Object doesn't support this action
-
var x = 1; delete this.x; // TypeError: Cannot delete 'this.x'
-
It’s as if variable declarations in Global code do not create properties on Global object in IE.
-
Not only is there an error, but created property appears to have DontDelete set on it, which of course it shouldn’t have:
-
“The global variable object is implemented as a JScript object, and the global object is implemented by the host.
-
Note how this and window seem to reference same object (if we can believe === operator), but Variable object (the one on which function is declared) is different from whatever this references.
-
delete doesn’t differentiate between variables and properties (in fact, for delete, those are all References) and really only cares about DontDelete attribute (and property existence).
-
The moral of the story is to never trust host objects.
-
Few restrictions are being introduced. SyntaxError is now thrown when expression in delete operator is a direct reference to a variable, function argument or function identifier. In addition, if property has internal [[Configurable]] == false, a TypeError is thrown:
