DEV Community

loading...

Discussion on: JavaScript: Watch out for unwanted hoisting!

Collapse
bgadrian profile image
Adrian B.G.
  1. I couldn't understand what is the challenge (to force the value to be 42), maybe is just me

  2. Shouldn't be IDE's and linters handle this mistakes for us? (not double declare something). I guess that is the purpose, to raise awareness of this possible problem.

  3. a better challenge would be that wouldn't require to solve it with a bad practice (redeclare/overwrite a definition).

Collapse
antogarand profile image
Antony Garand Author

Hey there, thanks for the feedback!

This is not a "best practice" use case, but one feature of ecmascript that should be known by developers.

The challenge itself is an introduction to a given scenario where you can control only part of the website, such as in a Reflected XSS, yet need to change the behavior of a constant.
In another language, I would expect the secret variable to be safe and tamper-proof, yet it is not thanks to Function Hoisting.

Of course I wouldn't recommend anyone to use this knowledge in clean code, but I definitely can see this being part of a CTF challenge or causing innatention bugs.