Ignore:
Timestamp:
Nov 5, 2008, 7:26:30 PM (17 years ago)
Author:
[email protected]
Message:

JavaScriptCore:

2008-11-05 Gavin Barraclough <[email protected]>

Reviewed by Maciej Stachowiak.

https://bugs.webkit.org/show_bug.cgi?id=22094

Fix for bug where the callee incorrectly recieves the caller's lexical
global object as this, rather than its own. Implementation closely
follows the spec, passing jsNull, checking in the callee and replacing
with the global object where necessary.

  • VM/CTI.cpp: (JSC::CTI::compileOpCall):
  • VM/Machine.cpp: (JSC::Machine::cti_op_call_NotJSFunction): (JSC::Machine::cti_op_call_eval):
  • runtime/JSCell.h: (JSC::JSValue::toThisObject):
  • runtime/JSImmediate.cpp: (JSC::JSImmediate::toThisObject):
  • runtime/JSImmediate.h:

LayoutTests:

2008-11-05 Gavin Barraclough <[email protected]>

Reviewed by Maciej Stachowiak.

Previosly the test 'cross-site-this' checked that the second level deep method called
across frames recieved the correct this pointer, when no base object is provided.


Test updated so that it check that the code in the child frame, and both the first
and second functions called in the parent frame recieve the correct this values.

  • fast/frames/cross-site-this.html:
  • fast/frames/resources/cross-site-this-helper.html:
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/JavaScriptCore/runtime/JSImmediate.cpp

    r37938 r38148  
    3232
    3333namespace JSC {
     34
     35JSObject* JSImmediate::toThisObject(JSValue* v, ExecState* exec)
     36{
     37    ASSERT(isImmediate(v));
     38    if (isNumber(v))
     39        return constructNumberFromImmediateNumber(exec, v);
     40    if (isBoolean(v))
     41        return constructBooleanFromImmediateBoolean(exec, v);
     42    if (v == jsNull())
     43        return exec->globalThisValue();
     44   
     45    JSNotAnObjectErrorStub* exception = createNotAnObjectErrorStub(exec, v->isNull());
     46    exec->setException(exception);
     47    return new (exec) JSNotAnObject(exec, exception);
     48}
    3449
    3550JSObject* JSImmediate::toObject(JSValue* v, ExecState* exec)
Note: See TracChangeset for help on using the changeset viewer.