Changeset 29428 in webkit for trunk/JavaScriptCore/kjs/nodes.cpp

Timestamp:

Jan 11, 2008, 11:19:27 PM (17 years ago)

Author:

[email protected]

Message:

JavaScriptCore:

Reviewed by Oliver Hunt.

Fixed <rdar://problem/5665251> REGRESSION (r28880-r28886): Global
variable access (16644)

This bug was caused by var declarations shadowing built-in properties of
the global object.

To match Firefox, we've decided that var declarations will never shadow
built-in properties of the global object or its prototypes. We used to
behave more like IE, which allows shadowing, but walking that line got
us into trouble with websites that sent us down the Firefox codepath.

• kjs/JSVariableObject.h: (KJS::JSVariableObject::symbolTableGet): New code to support calling hasProperty before the variable object is fully initialized (so you can call it during initialization).

• kjs/nodes.cpp:. (KJS::ProgramNode::initializeSymbolTable): Always do a full hasProperty check when looking for duplicates, not getDirect, since it only checks the property map, and not hasOwnProperty, since it doesn't check prototypes. (KJS::EvalNode::processDeclarations): ditto

• kjs/property_slot.h: (KJS::PropertySlot::ungettableGetter): Best function name evar.

WebCore:

Reviewed by Oliver Hunt.

Fixed <rdar://problem/5665251> REGRESSION (r28880-r28886): Global
variable access (16644)

Removed the ReadOnly bit from some properties, to match Firefox. Also
removed status-related setters, to allow using their names as variable
names.

• bindings/scripts/CodeGeneratorJS.pm: Added support for properties that are one-way across domain boundaries, to match Firefox.

• bindings/js/kjs_window.cpp: Changed ReadOnly declarations to match FF.

• bindings/scripts/CodeGeneratorJS.pm: Don't use JSObject:: because we don't know that JSObject is our base class.

• page/DOMWindow.idl: Replaced lots of readonly declarations with [Replaceable] declarations.

• page/DOMWindow.h: Removed interfaces for setting status text via the DOM. (They were getting in the way of, e.g., "var status" declarations.) By default, IE 7 and FF disable these interfaces in order to defend against phishing attacks that try to spoof domain names in the statusbar.
• page/DOMWindow.cpp:

LayoutTests:

Reviewed by Oliver Hunt.

Fixed <rdar://problem/5665251> REGRESSION (r28880-r28886): Global
variable access (16644)

Added a test. Updated other tests to match new behavior.

• fast/js/var-declarations-shadowing-expected.txt: Added.
• fast/js/var-declarations-shadowing.html: Added.

• fast/dom/HTMLScriptElement/script-load-events.html: Changed this test a bit because the original design made it hard to understand why it was failing.
• fast/dom/HTMLScriptElement/script-load-events-expected.txt:

• fast/dom/Window/get-set-properties.html: Changed this test to expect our new behavior, which matches Firefox.
• fast/dom/Window/get-set-properties-expected.txt:

• fast/dom/Window/window-property-shadowing.html: Removed some cases that differed from Firefox.
• fast/dom/Window/window-property-shadowing-expected.txt:

• http/tests/security/cross-frame-access-put-expected.txt: This test emits more "Unsafe JavaScript attempt" messages now because property sets that used to be prohibited (somewhat accidentally) by the ReadOnly attribute are now prohibited by security checks.

File:

• trunk/JavaScriptCore/kjs/nodes.cpp (modified) (2 diffs)

trunk/JavaScriptCore/kjs/nodes.cpp

@@ -4327 +4327 @@
     for (size_t i = 0; i < size; ++i) {
         const Identifier& ident = m_varStack[i].first;
-        if (variableObject->getDirect(ident)) {
+        if (variableObject->hasProperty(exec, ident)) {
             m_varIndexes[i] = missingSymbolMarker(); // Signal not to initialize this declaration.
             continue;
@@ -4475 +4475 @@
         Identifier& ident = m_varStack[i].first;
         bool isConstant = m_varStack[i].second & DeclarationStacks::IsConstant;
-        if (variableObject->hasOwnProperty(exec, ident))
+        if (variableObject->hasProperty(exec, ident))
             continue;
         int attributes = minAttributes;