One of the most common use cases for a proxy is to enforce read/write rules.
function createSecureProxy(target, allowedRoles)
return new Proxy(target,
get(target, prop, receiver)
if (prop === 'adminSecret' && !allowedRoles.includes('admin'))
throw new Error('Access denied');
// Using Reflect for default behavior
return Reflect.get(target, prop, receiver);
,
set(target, prop, value, receiver)
if (prop === 'salary' && value > 100000 && !allowedRoles.includes('hr'))
throw new Error('Unauthorized to set high salary');
return Reflect.set(target, prop, value, receiver);
);
By using Reflect inside traps, you ensure that any internal object getters or setters execute in their original context—preserving both security and compliance. proxy made with reflect 4 top
function createValidatorProxy(schema) return function(target) return new Proxy(target, set(target, prop, value, receiver) if (schema[prop] && typeof value !== schema[prop]) throw new TypeError(`Property "$prop" must be of type $schema[prop]`); if (prop === "age" && value < 0) throw new RangeError("Age cannot be negative"); // Only proceed with Reflect if validation passes return Reflect.set(target, prop, value, receiver); , deleteProperty(target, prop) if (prop === "id") throw new Error("Cannot delete 'id' property"); return Reflect.deleteProperty(target, prop); ); ;const userSchema = name: "string", age: "number" ; const user = id: 1, name: "Bob", age: 25 ; const validatedUser = createValidatorProxy(userSchema)(user); One of the most common use cases for
validatedUser.age = 30; // Works validatedUser.name = "Robert"; // Works // validatedUser.age = -5; // Throws RangeError // validatedUser.name = 123; // Throws TypeError // delete validatedUser.id; // Throws ErrorBy using Reflect inside traps, you ensure that
Even with Reflect, pitfalls remain. Here’s how to avoid them: