Reviewers: felix8a,
Description:
This exercises the cause of, and detects the symptom of,
<https://code.google.com/p/google-caja/issues/detail?id=1789>, and so
should catch future occurrences of similar bugs in unrelated objects.
* Define a new type of invocation, PLAIN_CALL, which means exactly f()
as opposed to Function.prototype.apply.call(f, undefined, []), which
does not trigger the bug. In order to do varargs calls without using
apply, we create and evaluate code containing a call with the needed
number of arguments.
* Perform at least one PLAIN_CALL on all functions whose toString is
"[native code]".
* Consider encountering the taming or guest frame's feral "window"
object to be a problem.
* Explicitly mark Function as expected to throw in ES5/3 (needed because
the new plain-call support invokes it despite being G.none in
functionArgs).
Please review this at https://codereview.appspot.com/13178043/
Affected files:
M tests/com/google/caja/plugin/browser-test-case.js
M tests/com/google/caja/plugin/test-scan-guest.js
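
The plain-call technique from the description above, as an added example that is not code from this change or from Caja. All names (makePlainCaller, plainCall, isNative, scanNatives) are hypothetical, and the sample object is constructed: a bound function stands in for a native one because its toString also reports "[native code]".

```javascript
// Added example, not Caja code; every name below is hypothetical.
const callerCache = new Map();

// Build, once per arity, a function whose body is literally f(a[0], ..., a[n-1]),
// so the callee runs via a plain call expression rather than apply/call.
function makePlainCaller(n) {
  if (!Number.isInteger(n) || n < 0) throw new RangeError('bad arity: ' + n);
  let caller = callerCache.get(n);
  if (!caller) {
    const args = Array.from({ length: n }, (_, i) => 'a[' + i + ']').join(', ');
    // Only the integer n reaches the generated source; no outside text is evaluated.
    caller = new Function('f', 'a', 'return f(' + args + ');');
    callerCache.set(n, caller);
  }
  return caller;
}

function plainCall(f, args) {
  return makePlainCaller(args.length)(f, args);
}

function isNative(f) {
  return typeof f === 'function' &&
      /\[native code\]/.test(Function.prototype.toString.call(f));
}

// Plain-call every native function found on obj and report the property names
// whose returned (or thrown) value is the object that must never escape.
function scanNatives(obj, forbidden, args) {
  const problems = [];
  for (const name of Object.getOwnPropertyNames(obj)) {
    let f;
    try { f = obj[name]; } catch (e) { continue; }  // throwing getter: skip
    if (!isNative(f)) continue;
    let result;
    try { result = plainCall(f, args); } catch (e) { result = e; }
    if (result === forbidden) problems.push(name);
  }
  return problems;
}

// Constructed sample: fakeWindow stands in for the feral "window" object.
const fakeWindow = { name: 'stand-in for the feral window' };
const sample = {
  max: Math.max,                                           // native, harmless
  leaky: (function () { return fakeWindow; }).bind(null),  // reports [native code]
  guestCode: function () { return fakeWindow; }            // not native: skipped
};
```

new Function requires an environment that permits eval, so under a Content-Security-Policy without 'unsafe-eval' makePlainCaller throws.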