Sunday, January 2, 2011

JavaScript: Securing Pseudoclassical Objects

Which JavaScript pattern do you prefer for object creation? Functional or pseudoclassical? This question makes for a very interesting debate. The first time I read JavaScript: The Good Parts I was sold on the functional pattern based upon the knowledge that it was the only pattern that supported privacy. However, the pseudoclassical pattern can be secured! Based upon the fact that pseudoclassical objects can be secured and its many additional advantages make it the ideal choice for object creation.

Securing Pseudoclassical Objects

* Pseudoclassical object with private variables and functions.
* @constructor
* @param {string} name
* @param {number} age

var Person = function(name, age) {

/** @public variable */ = name || 'Brad';

/** @private variable */
var age = age || 34;

/** @private function */
function setAge(a) {
age = a;

/** @public function with access to private methods and variables (privileged) */
this.getAge = function () {
return age;

Why is Everything Public?

Security is not often documented within JavaScript books and I rarely see examples where developers secure their JavaScript objects. Typically, everything is exposed publicly. If you develop mobile applications with Titanium or are developing a JavaScript framework you absolutely must apply security with either the functional or pseudoclassical pattern. And of all the Titanium code I have read over the past month not a single example or sample application was concerned about privacy. Training can remedy this problem.

JavaScript Code Completion

auto completeA simple way to quickly view the publicly available methods of an object is with code completion. For example, the Aptana Eclipse plug-in has code completion built-in and works very well for JavaScript development.

No comments :

Post a Comment