Revision: 5440
Author: erights
Date: Wed Jun 5 20:35:14 2013
Log: Add mitigation options for makeScopeObject
https://codereview.appspot.com/9945043
Adds two new mitigstion options: maskReferenceError and
wrapImportedFunction. See the doc-comment in compileExpr for their
purpose.
Split mitigateGotchas into mitigateSrcGotchas and resolveOptions,
where resolveOptions is moved to startSES and mitigateSrcOptions
assumes its options are already resolved. That way, the same resolved
options object can also be passed to makeScopeObject for the
mitigations it performs. These latter mitigations happen even in a
minimal SES environment without mitigateGotchas.js
maskReferenceError should enable the new jquery to run without
rewriting. Added a rewriteFunctionCalls which remains to be
implemented
https://code.google.com/p/google-caja/issues/detail?id=1755
[email protected]
http://code.google.com/p/google-caja/source/detail?r=5440
Modified:
/trunk/src/com/google/caja/plugin/caja.js
/trunk/src/com/google/caja/plugin/ses-frame-group.js
/trunk/src/com/google/caja/ses/compileExprLater.js
/trunk/src/com/google/caja/ses/explicit.html
/trunk/src/com/google/caja/ses/makeSimpleAMDLoader.js
/trunk/src/com/google/caja/ses/mitigateGotchas.js
/trunk/src/com/google/caja/ses/startSES.js
/trunk/tests/com/google/caja/plugin/es53-test-language-guest.html
/trunk/tests/com/google/caja/testParserSpeed.js
=======================================
--- /trunk/src/com/google/caja/plugin/caja.js Wed May 22 16:28:32 2013
+++ /trunk/src/com/google/caja/plugin/caja.js Wed Jun 5 20:35:14 2013
@@ -328,7 +328,7 @@
initFeralFrame(window);
globalConfig = config = resolveConfig(config);
caja['server'] = config['server'];
- if (config['es5Mode'] === false ||
+ if (config['es5Mode'] === false ||
(config['es5Mode'] !== true && unableToSES())) {
initES53(config, frameGroupReady, onFailure);
} else {
@@ -358,10 +358,10 @@
} else {
full['es5Mode'] =
partial['es5Mode'] === undefined ? GUESS : !!partial['es5Mode'];
- full['maxAcceptableSeverity'] =
+ full['maxAcceptableSeverity'] =
String(partial['maxAcceptableSeverity'] || 'SAFE_SPEC_VIOLATION');
}
-
+
if (partial['console']) {
// Client supplies full 'console' object, which we use
full['console'] = partial['console'];
@@ -430,13 +430,13 @@
var sesMaker = makeFrameMaker(config, 'ses-single-frame');
loadCajaFrame(config, 'utility-frame', function (mitigateWin) {
- var mitigateGotchas = mitigateWin['ses']['mitigateGotchas'];
+ var mitigateSrcGotchas = mitigateWin['ses']['mitigateSrcGotchas'];
sesMaker['make'](function (tamingWin) {
var mustSES = config['es5Mode'] === true;
if (canSES(tamingWin['ses'], config['maxAcceptableSeverity'])) {
var fg = tamingWin['SESFrameGroup'](
cajaInt, config, tamingWin, window,
- { 'mitigateGotchas': mitigateGotchas });
+ { 'mitigateSrcGotchas': mitigateSrcGotchas });
frameGroupReady(fg, true /* es5Mode */);
} else if (!mustSES) {
config['console']['log']('Unable to use SES. Switching to
ES53.');
@@ -571,7 +571,7 @@
// * match the innermost such element using .caja-vdoc-inner
// This scheme has been chosen to be potentially forward-compatible
in the
// event that we switch to more or less than 2 wrappers.
-
+
inner = div.ownerDocument.createElement('div');
inner.className = 'caja-vdoc-inner caja-vdoc-wrapper';
inner.style.display = 'block';
=======================================
--- /trunk/src/com/google/caja/plugin/ses-frame-group.js Wed May 8
09:50:54 2013
+++ /trunk/src/com/google/caja/plugin/ses-frame-group.js Wed Jun 5
20:35:14 2013
@@ -32,8 +32,7 @@
throw new Error('wrong frame');
}
- // TODO(kpreid): make sure mitigator is applied to guest code only
- tamingWin.ses.mitigateGotchas = additionalParams.mitigateGotchas;
+ tamingWin.ses.mitigateSrcGotchas = additionalParams.mitigateSrcGotchas;
var USELESS = Object.freeze({ USELESS: 'USELESS' });
var BASE_OBJECT_CONSTRUCTOR = Object.freeze({});
=======================================
--- /trunk/src/com/google/caja/ses/compileExprLater.js Wed Mar 6 20:18:30
2013
+++ /trunk/src/com/google/caja/ses/compileExprLater.js Wed Jun 5 20:35:14
2013
@@ -17,7 +17,10 @@
* "cajaVM.compileExpr", except that it returns a promise for the
* outcome of attempting to compile the argument expression.
*
+ * //requires ses.ok, ses.securableWrapperSrc, ses.atLeastFreeVarNames,
+ * //requires ses.makeCompiledExpr,
* //provides ses.compileExprLater
+ * //provides ses.redeemResolver for its own use
* @author Mark S. Miller
* @overrides ses
* @requires Q, cajaVM, document, URI
@@ -50,12 +53,15 @@
* be one that sends the expression back up the server to be
* cajoled.
*/
- function compileExprLaterFallback(exprSrc, opt_sourcePosition) {
+ function compileExprLaterFallback(exprSrc,
+ opt_mitigateOpts,
+ opt_sourcePosition) {
// Coercing an object to a string may observably run code, so do
// this now rather than in any later turn.
exprSrc = ''+exprSrc;
- return Q(cajaVM).send('compileExpr', exprSrc, opt_sourcePosition);
+ return Q(cajaVM).send('compileExpr',
+ exprSrc, opt_mitigateOpts, opt_sourcePosition);
}
if (typeof document === 'undefined') {
@@ -79,14 +85,15 @@
};
/**
- *
+ * Implements an eventual compileExpr using injected script tags
*/
- function compileLaterInScript(exprSrc, opt_sourceUrl) {
+ function compileLaterInScript(exprSrc, opt_mitigateOpts, opt_sourceUrl)
{
var result = Q.defer();
// The portion of the pattern in compileExpr which is appropriate
// here as well.
+ var options = ses.resolveOptions(opt_mitigateOpts);
var wrapperSrc = ses.securableWrapperSrc(exprSrc, opt_sourceUrl);
var freeNames = ses.atLeastFreeVarNames(exprSrc);
@@ -97,10 +104,11 @@
var resolverTicket = getResolverTicket(result.resolve);
var scriptSrc = 'ses.redeemResolver(' + resolverTicket + ')(' +
- 'Object.freeze(ses.makeCompiledExpr(' + wrapperSrc + ',\n' +
- // Freenames consist solely of identifier characters (\w|\$)+
- // which do not need to be escaped further
- '["' + freeNames.join('", "') + '"])));';
+ 'Object.freeze(ses.makeCompiledExpr(' + wrapperSrc + ',\n' +
+ // Freenames consist solely of identifier characters (\w|\$)+
+ // which do not need to be escaped further
+ '["' + freeNames.join('", "') + '"], ' +
+ JSON.stringify(options) + ')));';
if (opt_sourceUrl) {
// See http://code.google.com/p/google-caja/wiki/SES#typeof_variable
=======================================
--- /trunk/src/com/google/caja/ses/explicit.html Wed Mar 6 20:18:30 2013
+++ /trunk/src/com/google/caja/ses/explicit.html Wed Jun 5 20:35:14 2013
@@ -179,7 +179,7 @@
var makeSimpleAMDLoaderP =
Q(makeSimpleAMDLoaderSrcP).then(function(src) {
var exprSrc = '(function() {' + src + '}).call(this)';
- var compiledExprP = ses.compileExprLater(exprSrc, url);
+ var compiledExprP = ses.compileExprLater(exprSrc, void 0, url);
return Q(compiledExprP).then(function(compiledExpr) {
compiledExpr(imports);
return imports.makeSimpleAMDLoader;
=======================================
--- /trunk/src/com/google/caja/ses/makeSimpleAMDLoader.js Wed Mar 6
20:18:30 2013
+++ /trunk/src/com/google/caja/ses/makeSimpleAMDLoader.js Wed Jun 5
20:35:14 2013
@@ -125,7 +125,7 @@
cajaVM.def(imports);
var compiledExprP = compileExprLater(
- '(function(){' + src + '})()', id);
+ '(function(){' + src + '})()', void 0, id);
return Q(compiledExprP).then(function(compiledExpr) {
compiledExpr(imports);
=======================================
--- /trunk/src/com/google/caja/ses/mitigateGotchas.js Wed May 8 09:50:54
2013
+++ /trunk/src/com/google/caja/ses/mitigateGotchas.js Wed Jun 5 20:35:14
2013
@@ -24,17 +24,21 @@
* Note that the parse tree manipulated in this file uses the SpiderMonkey
* AST format
* (https://developer.mozilla.org/en-US/docs/SpiderMonkey/Parser_API)
- *
+ *
+ * //requires ses.rewriter_
+ * //provides ses.mitigateSrcGotchas
* @author Jasvir Nagra ([email protected])
* @overrides ses
*/
+var ses;
+
(function() {
function introducesVarScope(node) {
return node.type === 'FunctionExpression' ||
node.type === 'FunctionDeclaration';
}
-
+
function isTypeOf(node) {
return (node.type === 'UnaryExpression' &&
node.operator === 'typeof' &&
@@ -44,7 +48,7 @@
function isId(node) {
return node.type === 'Identifier';
}
-
+
function isVariableDecl(node) {
return (node.type === 'VariableDeclaration');
}
@@ -79,10 +83,10 @@
/**
* Rewrite var decls in place into assignments on the global object
* turning variable declaration "var x, y = 2, z" to an expression
- * statement:
+ * statement:
* "this.x = this.x, this.y = this.y, this.y = 2, this.z = this.z"
* The rewrite also rewrites var declarations that appear in a for-loop
- * initializer "for (var x = 1;;) {}" into an expression:
+ * initializer "for (var x = 1;;) {}" into an expression:
* "for (this.x = this.x, this.x = 1;;) {}"
*/
function rewriteVars(node, parent) {
@@ -126,7 +130,7 @@
};
}
}
-
+
function globalVarAst(varName) {
return {
'type': 'MemberExpression',
@@ -136,7 +140,7 @@
'property': varName
};
}
-
+
/**
* Rewrite node in place turning expression "typeof x" to
* (function() {
@@ -195,31 +199,6 @@
}
};
}
-
- function resolveOptions(options, logger) {
- function resolve(opt, defaultOption) {
- return (options && opt in options) ? options[opt] : defaultOption;
- }
- var resolved = {};
- if (options === undefined || options === null) {
- resolved.parseProgram = true;
- resolved.rewriteTopLevelVars = true;
- resolved.rewriteTopLevelFuncs = true;
- resolved.rewriteTypeOf = true;
- } else {
- if (options.parseProgram === false) {
- logger.warn('Refused to disable parsing for safety on all
browsers');
- }
- // TODO(jasvir): This should only be necessary if a to-be-added
- // test in repairES5.js indicates that this platform has the
- // Function constructor bug
- resolved.parseProgram = true;
- resolved.rewriteTopLevelVars = resolve('rewriteTopLevelVars', true);
- resolved.rewriteTopLevelFuncs = resolve('rewriteTopLevelFuncs',
true);
- resolved.rewriteTypeOf = resolve('rewriteTypeOf', true);
- }
- return resolved;
- }
function needsRewriting(options) {
return options.rewriteTopLevelVars ||
@@ -227,8 +206,11 @@
options.rewriteTypeOf;
}
- ses.mitigateGotchas = function(programSrc, options, logger) {
- options = resolveOptions(options, logger);
+ /**
+ * Assumes {@code options} have already been safely canonicalized by
+ * startSES's {@code resolveOptions}.
+ */
+ ses.mitigateSrcGotchas = function(programSrc, options, logger) {
if (!options.parseProgram) {
return programSrc;
}
@@ -278,7 +260,9 @@
+ "/*\n"
+ " * Program rewritten to mitigate differences between\n"
+ " * Caja and strict-mode JavaScript.\n"
- + " * For more see
http://code.google.com/p/google-caja/wiki/SES\n";
+ + " * For more see "
+ + " * https://code.google.com/p/google-caja/wiki/SES#";
+ + "Source-SES_vs_Target-SES\n"
+ " */\n"
+ ses.rewriter_.generate(ast);
} else {
=======================================
--- /trunk/src/com/google/caja/ses/startSES.js Tue May 21 13:19:02 2013
+++ /trunk/src/com/google/caja/ses/startSES.js Wed Jun 5 20:35:14 2013
@@ -18,7 +18,9 @@
* <p>Assumes ES5 plus a WeakMap that conforms to the anticipated ES6
* WeakMap spec. Compatible with ES5-strict or anticipated ES6.
*
- * //provides ses.startSES
+ * //optionally requires ses.mitigateSrcGotchas
+ * //provides ses.startSES ses.resolveOptions, ses.securableWrapperSrc
+ * //provides ses.makeCompiledExpr
* @author Mark S. Miller,
* @author Jasvir Nagra
* @requires WeakMap
@@ -269,18 +271,62 @@
}
/**
- * The function ses.mitigateGotchas, if defined, is a function which
- * given the sourceText for a strict Program, returns rewritten
- * program with the same semantics as the original but with as
- * many of the ES5 gotchas removed as possible. {@code options} is
- * a record of which gotcha-rewriting-stages to use or omit.
- * Passing no option performs all the default mitigations.
+ * {@code opt_mitigateOpts} is an alleged record of which gotchas to
+ * mitigate. Passing no {@code opt_mitigateOpts} performs all the
+ * default mitigations. Returns a well behaved options record.
+ *
+ * <p>See {@code compileExpr} for documentation of the mitigation
+ * options and their effects.
*/
- function mitigateGotchas(programSrc, options) {
+ function resolveOptions(opt_mitigateOpts) {
+ function resolve(opt, defaultOption) {
+ return (opt_mitigateOpts && opt in opt_mitigateOpts) ?
+ opt_mitigateOpts[opt] : defaultOption;
+ }
+ var options = {};
+ if (opt_mitigateOpts === undefined || opt_mitigateOpts === null) {
+ options.maskReferenceError = true;
+
+ options.parseProgram = true;
+ options.rewriteTopLevelVars = true;
+ options.rewriteTopLevelFuncs = true;
+ options.rewriteFunctionCalls = true;
+ options.rewriteTypeOf = false;
+ } else {
+ options.maskReferenceError = resolve('maskReferenceError', true);
+
+ if (opt_mitigateOpts.parseProgram === false) {
+ ses.logger.warn(
+ 'Refused to disable parsing for safety on all browsers');
+ }
+ // TODO(jasvir): This should only be necessary if a to-be-added
+ // test in repairES5.js indicates that this platform has the
+ // Function constructor bug
+ options.parseProgram = true;
+ options.rewriteTopLevelVars = resolve('rewriteTopLevelVars', true);
+ options.rewriteTopLevelFuncs = resolve('rewriteTopLevelFuncs', true);
+ options.rewriteFunctionCalls = resolve('rewriteFunctionCalls', true);
+ options.rewriteTypeOf = resolve('rewriteTypeOf',
+ !options.maskReferenceError);
+ }
+ return options;
+ }
+ ses.resolveOptions = resolveOptions;
+
+ /**
+ * The function ses.mitigateSrcGotchas, if defined, is a function
+ * which, given the sourceText for a strict Program, returns a
+ * rewritten program with the same semantics as the original but
+ * with some of the ES5 gotchas mitigated -- those that can be
+ * mitigated by source analysis or source-to-source rewriting. The
+ * {@code options} are assumed to already be canonicalized by {@code
+ * resolveOptions} and says which mitigations to apply.
+ */
+ function mitigateSrcGotchas(programSrc, options) {
var safeError;
- if ('function' === typeof ses.mitigateGotchas) {
+ if ('function' === typeof ses.mitigateSrcGotchas) {
try {
- return ses.mitigateGotchas(programSrc, options, ses.logger);
+ return ses.mitigateSrcGotchas(programSrc, options, ses.logger);
} catch (error) {
// Shouldn't throw, but if it does, the exception is potentially
from a
// different context with an undefended prototype chain; don't
allow it
@@ -288,7 +334,8 @@
try {
safeError = new Error(error.message);
} catch (metaerror) {
- throw new Error('Could not safely obtain error from
mitigateGotchas');
+ throw new Error(
+ 'Could not safely obtain error from mitigateSrcGotchas');
}
throw safeError;
}
@@ -311,7 +358,6 @@
* Obtain the ES5 singleton [[ThrowTypeError]].
*/
function getThrowTypeError() {
- "use strict";
return
Object.getOwnPropertyDescriptor(getThrowTypeError, "arguments").get;
}
@@ -565,7 +611,7 @@
* access to any {@code freeNames} other than those found on the.
* {@code imports}.
*/
- function makeScopeObject(imports, freeNames) {
+ function makeScopeObject(imports, freeNames, options) {
var scopeObject = createNullIfPossible();
// createNullIfPossible safety: The inherited properties should
// always be shadowed by defined properties if they are relevant
@@ -590,21 +636,23 @@
desc = {
get: function scopedGet() {
if (name in imports) {
- var result = imports[name];
- if (typeof result === 'function') {
- // If it were possible to know that the getter call
- // was on behalf of a simple function call to the
- // gotten function, we could instead return that
- // function as bound to undefined. Unfortunately,
- // without parsing (or possibly proxies?), that isn't
- // possible.
- }
- return result;
+ // Note that, if this GET is on behalf of an
+ // unmitigated function call expression, this function
+ // will be called with a this-binding of the scope
+ // object rather than undefined.
+ return imports[name];
}
- // if it were possible to know that the getter call was on
- // behalf of a typeof expression, we'd return the string
- // "undefined" here instead. Unfortunately, without
- // parsing or proxies, that isn't possible.
+ if (options.maskReferenceError) {
+ // if it were possible to know that the getter call
+ // was on behalf of a typeof expression, we'd return
+ // {@code void 0} here only for that
+ // case. Unfortunately, without parsing or proxies,
+ // that isn't possible. To fix this more accurately by
+ // parsing and rewriting instead, when available, set
+ // maskReferenceError to false and rewriteTypeOf to
+ // true.
+ return void 0;
+ }
throw new ReferenceError('"' + name +
'" is not defined in this scope.');
},
@@ -632,7 +680,7 @@
throw new Error('New symptom: ' + name + ' in null-proto
object');
}
}
-
+
defProp(scopeObject, name, desc);
});
return freeze(scopeObject);
@@ -645,7 +693,7 @@
* surround it with a prelude and postlude.
*
* <p>Evaluating the resulting expression return a function that
- * <i>can</i>be called to execute the original expression safely,
+ * <i>can</i> be called to execute the original expression safely,
* in a controlled scope. See "makeCompiledExpr" for precisely the
* pattern that must be followed to call the resulting function
* safely.
@@ -700,11 +748,11 @@
* all its free variable references that appear in freeNames are
* redirected to the corresponding property of imports.
*/
- function makeCompiledExpr(wrapper, freeNames) {
+ function makeCompiledExpr(wrapper, freeNames, options) {
if (dirty) { fail('Initial cleaning failed'); }
function compiledCode(imports) {
- var scopeObject = makeScopeObject(imports, freeNames);
+ var scopeObject = makeScopeObject(imports, freeNames, options);
return wrapper.call(scopeObject).call(imports);
};
compiledCode.prototype = null;
@@ -719,20 +767,45 @@
* bound to that {@code imports}, and whose free variables
* refer only to the properties of that {@code imports}.
*
- * The optional {@code opt_mitigateOpts} can be used to control
- * which transformations are applied to src, if they are available.
- * If {@code opt_mitigateOpts} is:
- * - undefined || null then all default transformations are applied.
- * else the following option keys can be used.
- * - parseProgram: check the program is syntactically valid
- * - rewriteTopLevelVars: transform vars to properties of global
object
- * - rewriteTopLevelFuncs: transform funcs to properties of global
object
- * - rewriteTypeOf: rewrite program to support typeof barevar
+ * <p>The optional {@code opt_mitigateOpts} can be used to control
+ * which transformations are applied to src, if they are
+ * available. If {@code opt_mitigateOpts} is {@code undefined ||
+ * null} then all default transformations are applied. Otherwise
+ * the following option keys can be used.
+ * <ul>
+ * <li>maskReferenceError: Getting a free variable name that is
+ * absent on the imports object will throw a ReferenceError,
+ * even if gotten by an unmitigated {@code typeof}. With this
+ * set to true (the default), getting an absent variable will
+ * result in {@code undefined} which fixes the behavior of
+ * unmitigated {@code typeof} but masks normal ReferenceError
+ * cases. This is a less correct but faster alternative to
+ * rewriteTypeOf that also works when source mitigations are
+ * not available.
+ * <li>parseProgram: check the program is syntactically
+ * valid.
+ * <li>rewriteTopLevelVars: transform vars to properties of global
+ * object. Defaults to true.
+ * <li>rewriteTopLevelFuncs: transform funcs to properties of
+ * global object. Defaults to true.
+ * <li>rewriteFunctionCalls: transform function calls, e.g.,
+ * {@code f()}, into calls ensuring that the function gets
+ * called with a this-binding of {@code undefined}, e.g.,
+ * {@code (1,f)()}. Defaults to true. <a href=
+ * "https://code.google.com/p/google-caja/issues/detail?id=1755";
+ * >Currently unimplemented</a>.
+ * <li>rewriteTypeOf: rewrite program to support typeof
+ * barevar. rewriteTypeOf is only needed if maskReferenceError
+ * is false. If omitted, it defaults to the opposite of
+ * maskReferenceError.
+ * </ul>
*
- * Currently for security, parseProgram is always true and cannot be
unset
- * because of the Function constructor bug
- * (https://code.google.com/p/v8/issues/detail?id=2470)
- *
+ * <p>Currently for security, parseProgram is always true and
+ * cannot be unset because of the <a href=
+ * "https://code.google.com/p/v8/issues/detail?id=2470";
+ * >Function constructor bug</a>. TODO(jasvir): On platforms not
+ * suffering from this bug, parseProgram should default to false.
+ *
* <p>When SES is provided primitively, it should provide an
* analogous {@code compileProgram} function that accepts a
* Program and return a function that evaluates it to the
@@ -748,7 +821,9 @@
function compileExpr(src, opt_mitigateOpts, opt_sourcePosition) {
// Force src to be parsed as an expr
var exprSrc = '(' + src + '\n)';
- exprSrc = mitigateGotchas(exprSrc, opt_mitigateOpts);
+
+ var options = resolveOptions(opt_mitigateOpts);
+ exprSrc = mitigateSrcGotchas(exprSrc, options);
// This is a workaround for a bug in the escodegen renderer that
// renders expressions as expression statements
@@ -758,7 +833,7 @@
var wrapperSrc = securableWrapperSrc(exprSrc, opt_sourcePosition);
var wrapper = unsafeEval(wrapperSrc);
var freeNames = atLeastFreeVarNames(exprSrc);
- var result = makeCompiledExpr(wrapper, freeNames);
+ var result = makeCompiledExpr(wrapper, freeNames, options);
return freeze(result);
}
@@ -822,7 +897,7 @@
*
* For documentation on {@code opt_mitigateOpts} see the
* corresponding parameter in compileExpr.
- *
+ *
* <p>In addition, in case the module source happens to begin with
* a streotyped prelude of the CommonJS module system, the
* function resulting from module compilation has an additional
@@ -847,15 +922,16 @@
function compileModule(modSrc, opt_mitigateOpts, opt_sourcePosition) {
// Note the EOL after modSrc to prevent trailing line comment in
modSrc
// eliding the rest of the wrapper.
+ var options = resolveOptions(opt_mitigateOpts);
var exprSrc =
'(function() {' +
- mitigateGotchas(modSrc, opt_mitigateOpts) +
+ mitigateSrcGotchas(modSrc, options) +
'\n}).call(this)';
// Follow the pattern in compileExpr
var wrapperSrc = securableWrapperSrc(exprSrc, opt_sourcePosition);
var wrapper = unsafeEval(wrapperSrc);
var freeNames = atLeastFreeVarNames(exprSrc);
- var moduleMaker = makeCompiledExpr(wrapper, freeNames);
+ var moduleMaker = makeCompiledExpr(wrapper, freeNames, options);
moduleMaker.requirements = getRequirements(modSrc);
return freeze(moduleMaker);
@@ -1276,7 +1352,7 @@
configurable: false,
// See https://bugzilla.mozilla.org/show_bug.cgi?id=787262
- enumerable: desc.enumerable
+ enumerable: desc.enumerable
};
try {
defProp(global, name, newDesc);
@@ -1393,7 +1469,7 @@
// 6.0.2 (8536.26.17), and Opera 12.14 include '__proto__' in the
// result of Object.getOwnPropertyNames. However, the meaning of
// deleting this isn't clear, so here we effectively whitelist
- // it on all objects.
+ // it on all objects.
//
// We do not whitelist it in whitelist.js, as that would involve
// creating a property {@code __proto__: '*'} which, on some
=======================================
--- /trunk/tests/com/google/caja/plugin/es53-test-language-guest.html Wed
May 8 09:50:54 2013
+++ /trunk/tests/com/google/caja/plugin/es53-test-language-guest.html Wed
Jun 5 20:35:14 2013
@@ -691,12 +691,16 @@
<script>
jsunitRegister('testReferenceError',
function testReferenceError() {
- expectFailure(function() {
- testReferenceError_thisIsUndefined;
- }, null, function(e) {
- return e instanceof ReferenceError && e.message ===
+ if (inES5Mode) {
+ assertEquals(void 0, testReferenceError_thisIsUndefined);
+ } else {
+ expectFailure(function() {
+ testReferenceError_thisIsUndefined;
+ }, null, function(e) {
+ return e instanceof ReferenceError && e.message ===
'"testReferenceError_thisIsUndefined" is not defined in this
scope.';
- });
+ });
+ }
pass('testReferenceError');
});
</script>
=======================================
--- /trunk/tests/com/google/caja/testParserSpeed.js Wed Jan 30 14:57:22 2013
+++ /trunk/tests/com/google/caja/testParserSpeed.js Wed Jun 5 20:35:14 2013
@@ -12,6 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
+var ses;
+
(function() {
ses.logger = console;
@@ -42,11 +44,12 @@
console.log('=== Running ' + name + ' ===');
var mitigated;
var tmg = time(name + ' - mitigate gotchas', function() {
- mitigated = ses.mitigateGotchas(src, {
+ var options = ses.resolveOptions({
rewriteTopLevelVars: true,
rewriteTopLevelFuncs: true,
rewriteTypeof: true
});
+ mitigated = ses.mitigateSrcGotchas(src, options, ses.logger);
});
var parsed;
var tp = time(name + ' - parse', function() {
@@ -87,6 +90,3 @@
*/
})();
-
-
-
--
---
You received this message because you are subscribed to the Google Groups "Google Caja Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
