source: webkit/trunk/JavaScriptCore/kjs/SavedBuiltins.h@ 31119

Last change on this file since 31119 was 30871, checked in by [email protected], 17 years ago

JavaScriptCore:

Reviewed by Darin Adler.


Fixed <rdar://problem/5689093> Stricter (ES4) eval semantics


The basic rule is:


  • "eval(s)" is treated as an operator that gives the ES3 eval behavior.

... but only if there is no overriding declaration of "eval" in scope.

  • All other invocations treat eval as a function that evaluates a script in the context of its "this" object.

... but if its "this" object is not the global object it was
originally associated with, eval throws an exception.


Because only expressions of the form "eval(s)" have access to local
scope, the compiler can now statically determine whether a function
needs local scope to be dynamic.

  • kjs/nodes.h: Added FunctionCallEvalNode. It works just like FuncationCallResolveNode, except it statically indicates that the node may execute eval in the ES3 way.
  • kjs/nodes.cpp:
  • kjs/nodes2string.cpp:
  • tests/mozilla/expected.html: This patch happens to fix a Mozilla JS test, but it's a bit of a pyrrhic victory. The test intends to test Mozilla's generic API for calling eval on any object, but, in reality, we only support calling eval on the global object.

LayoutTests:

Reviewed by Darin Adler.

Tests for <rdar://problem/5689093> Stricter (ES4) eval semantics


  • fast/js/eval-cross-window-expected.txt: Added.
  • fast/js/eval-cross-window.html: Added.
  • fast/js/eval-keyword-vs-function-expected.txt: Added.
  • fast/js/eval-keyword-vs-function.html: Added.
  • fast/js/eval-overriding-expected.txt: Added.
  • fast/js/eval-overriding.html: Added.


Tests to make sure not to regress security:

  • http/tests/security/resources/xss-eval2.html: Added.
  • http/tests/security/resources/xss-eval3.html: Added.
  • http/tests/security/xss-eval-expected.txt: Added.
  • http/tests/security/xss-eval.html: Added.

I removed these tests because we no longer match the behavior they
expected, and the new tests are more comprehensive:


  • fast/js/window-eval-context-expected.txt: Removed.
  • fast/js/window-eval-context.html: Removed.
  • fast/js/window-eval-tearoff-expected.txt: Removed.
  • fast/js/window-eval-tearoff.html: Removed.
  • Property svn:eol-style set to native
File size: 3.3 KB
Line 
1// -*- c-basic-offset: 2 -*-
2/*
3 * This file is part of the KDE libraries
4 * Copyright (C) 1999-2001 Harri Porten ([email protected])
5 * Copyright (C) 2001 Peter Kelly ([email protected])
6 * Copyright (C) 2003, 2004, 2005, 2006 Apple Computer, Inc.
7 *
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Library General Public
10 * License as published by the Free Software Foundation; either
11 * version 2 of the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Library General Public License for more details.
17 *
18 * You should have received a copy of the GNU Library General Public License
19 * along with this library; see the file COPYING.LIB. If not, write to
20 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
21 * Boston, MA 02110-1301, USA.
22 *
23 */
24
25#ifndef SavedBuiltins_H
26#define SavedBuiltins_H
27
28#include "protect.h"
29#include "object_object.h"
30#include "string_object.h"
31#include "error_object.h"
32#include "regexp_object.h"
33#include "array_object.h"
34#include "bool_object.h"
35#include "date_object.h"
36#include "number_object.h"
37#include "math_object.h"
38
39namespace KJS {
40
41struct SavedBuiltinsInternal {
42 ProtectedPtr<ObjectObjectImp> objectConstructor;
43 ProtectedPtr<FunctionObjectImp> functionConstructor;
44 ProtectedPtr<ArrayObjectImp> arrayConstructor;
45 ProtectedPtr<BooleanObjectImp> booleanConstructor;
46 ProtectedPtr<StringObjectImp> stringConstructor;
47 ProtectedPtr<NumberObjectImp> numberConstructor;
48 ProtectedPtr<DateObjectImp> dateConstructor;
49 ProtectedPtr<RegExpObjectImp> regExpConstructor;
50 ProtectedPtr<ErrorObjectImp> errorConstructor;
51 ProtectedPtr<NativeErrorImp> evalErrorConstructor;
52 ProtectedPtr<NativeErrorImp> rangeErrorConstructor;
53 ProtectedPtr<NativeErrorImp> referenceErrorConstructor;
54 ProtectedPtr<NativeErrorImp> syntaxErrorConstructor;
55 ProtectedPtr<NativeErrorImp> typeErrorConstructor;
56 ProtectedPtr<NativeErrorImp> URIErrorConstructor;
57
58 ProtectedPtr<PrototypeReflexiveFunction> evalFunction;
59
60 ProtectedPtr<ObjectPrototype> objectPrototype;
61 ProtectedPtr<FunctionPrototype> functionPrototype;
62 ProtectedPtr<ArrayPrototype> arrayPrototype;
63 ProtectedPtr<BooleanPrototype> booleanPrototype;
64 ProtectedPtr<StringPrototype> stringPrototype;
65 ProtectedPtr<NumberPrototype> numberPrototype;
66 ProtectedPtr<DatePrototype> datePrototype;
67 ProtectedPtr<RegExpPrototype> regExpPrototype;
68 ProtectedPtr<ErrorPrototype> errorPrototype;
69 ProtectedPtr<NativeErrorPrototype> evalErrorPrototype;
70 ProtectedPtr<NativeErrorPrototype> rangeErrorPrototype;
71 ProtectedPtr<NativeErrorPrototype> referenceErrorPrototype;
72 ProtectedPtr<NativeErrorPrototype> syntaxErrorPrototype;
73 ProtectedPtr<NativeErrorPrototype> typeErrorPrototype;
74 ProtectedPtr<NativeErrorPrototype> URIErrorPrototype;
75};
76
77class SavedBuiltins {
78 friend class JSGlobalObject;
79public:
80 SavedBuiltins()
81 : _internal(0)
82 {
83 }
84
85 ~SavedBuiltins()
86 {
87 delete _internal;
88 }
89
90private:
91 SavedBuiltinsInternal* _internal;
92};
93
94} // namespace
95
96#endif // SavedBuiltins_H
Note: See TracBrowser for help on using the repository browser.