I am involved in Application security and often times I've used
blindly in AngularJS applications to escape the sandbox in older versions. Recently I've been trying to understand what this really means and how it works. I tried reading about object constructors and understand that an object constructor points to the object type. so for example.
var a = new String;
console.log(a.constructor);
will print out String and if I do a.constructor.constructor this will print out {}
Now my question is how does object.constructor.constructor('ANY FUNCTION HERE')() lead to that function being executed in javascript
Aucun commentaire:
Enregistrer un commentaire