Re: Multiple globals and direct/indirect eval
[Adding WhatWG and public-script-coord (WebIDL) to the discussion. Discussion is ongoing : - Start of thread : https://mail.mozilla.org/pipermail/es-discuss/2011-March/012915.html - Strawman by Dave Herman: http://wiki.ecmascript.org/doku.php?id=strawman:multiple_globals )] --- Hi, I am wondering if ECMAScript is the right place to standardize this. Web browsers face multiple global object via a mecanism which isn't under the ECMAScript scope (namely HTMLIFrameElements (http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#htmliframeelement) which aren't even DOM but HTMLDOM-specific). Other ECMAScript implementations could face the issue of having several globals but with other non-HTMLDOM use cases. For that reason, I think it'd be dangerous for ECMAScript to standardize anything on the topic. To answer Jeff Walden's final questions, in my opinion, WebIDL would be a way better place to standardize this. ECMAScript could at most provide guidelines for ECMAScript implementors who would have to face this issue (gathering feedback and experience from implementations). Cheers, David Le 03/03/2011 23:39, Jeff Walden a écrit : A few months back I noticed an interesting interaction between how direct eval is defined and multiple globals. What happens if, in one global, you call an eval from another global as if it were a direct eval? var indirect = otherGlobal.eval; eval = indirect; print(eval(this) === this); print(indirect(this) === this); Standards currently don't say what should happen here because it's multiple globals, so what should this do? IE9 and Opera print false both times for this. Firefox prints true, then false -- but only if the global and otherGlobal are from the same origin (so on pages with the same scheme/host/port, more or less). If they're from different origins (but have set document.domain to the same value) Firefox too prints false. Chrome and Safari throw an EvalError calling another window's eval (for both direct and indirect calls) without that window as |this| for the call. The Chrome/Safari behavior would resurrect the vestigial EvalError, so I don't think it makes sense. It also contradicts the specification of the steps in the definition of the eval function. Firefox's behavior is inconsistent and seems not amenable to host-agnostic specification as ECMA would require. Thus we are left with the IE9/Opera behavior, which seems sensible and natural to me: an eval function should always act in the context of the global from which it came. What needs to be done to standardize this behavior? And more generally, what needs to be done to begin standardizing multiple globals in ECMAScript, including issues like this one? Jeff ___ es-discuss mailing list es-discuss@mozilla.org https://mail.mozilla.org/listinfo/es-discuss ___ es-discuss mailing list es-discuss@mozilla.org https://mail.mozilla.org/listinfo/es-discuss
Re: [whatwg] Multiple globals and direct/indirect eval
On Mar 4, 2011, at 8:39 AM, Mark S. Miller wrote: I certainly agree that there needs to be a better interface boundary between w3c/whatwg specs and ECMA specs. Too many issues -- like the semantics of multiple globals -- fall in the gaps between the two organizations. The WebIDL's JS binding and public-script-coord are good places to work out these boundary issues. WebIDL, WebIDL's JS binding, and ES-next should co-evolve so that the rest of the w3c/whatwg specs ideally interface to JS only through WebIDL, and WebIDL's JS binding ideally depend= s only on standard elements of ES-next. Of course, there will always be a nee= d to accommodate some special cases that can't be specified that way, like th= e semantics of cross-origin heap sharing. My main regret in saying this is that WebIDL, having evolved from Corba IDL= , is notationally almost pessimal for encouraging good JS interface design. W= e have all been suffering the consequences of that. I fear that WebIDL, and its entrenched place within the w3c/whatwg API design process, dooms us to = a continual flood of browser APIs hostile to JS programmers. I also agree that there are issues here that need a common resolution. However, it is less clear to me that that WebIDL is the best (or only) place it needs to be addressed. WebIDL defines how abstract interface definitions map to the concrete features of various languages. However, there are places in web specifications where specific semantic actions (not interfaces) must be described in a manner that that transcend all languages. These are not language binding issues, but rather concerns that relate to the semantics that must be commonly support by any language that executes in the web application environment. Essentially, there is a language independent web apps scripting environment. More concretely, you might think of this as the common shared browser heap. This environment should be specified in or as one of the core browser/web app specifications. If that is done, then language bindings can be specified the context of that specification. Some of characteristics of this scripting environment may include things like: Web app objects encapsulate state that may include reference to other objects. The state of objects can be manipulated/access via put/get/call operations to their methods and attributes. There are multiple independent heaps. Heaps have well defined lifetimes. Each object exists within a specific heap and has unique identity with respect to its heap. Objects within a common heap may directly reference and interact with each other, constrained only by their specific language semantics. References between objects in different heaps must be intermediated via a mechanism with a specified semantics. Multiple Script global objects may exist in a single heap. etc. The specification of this environment should sufficiently complete that all language independent scripting characteristics of the browser (for example cross-origin policies) to be specified strictly in terms of that specification and without references to any specific language binding. Done well, this would give us a much cleaner separation between the web app platform and specific scripting language. At that point, some of the issues of current concern then really do become language binding issues. For example, how does the concept of multiple Script global objects map onto the ECMAScript language. ___ es-discuss mailing list es-discuss@mozilla.org https://mail.mozilla.org/listinfo/es-discuss
Re: Multiple globals and direct/indirect eval
On Mar 3, 2011, at 9:22 PM, David Herman wrote: Thus we are left with the IE9/Opera behavior, which seems sensible and natural to me: an eval function should always act in the context of the global from which it came. Now this I think I don't agree with. The reason is that direct eval is really a static operator in ECMAScript, not an ordinary function call. It's more than a function call because, for example, it has access to the lexical environment. Now, it has this strange dynamic component where, if the value turns out dynamically *not* to be an evaluation function, then it degenerates into a function call. But this doesn't change the fact that direct eval is imbued with special static-operator powers not available to other function calls -- in particular, access to the lexical environment. Dave, I completely agree with this intent. direct eval was intended to perform as if it was an operator and hence has fixed call site specific semantics. We may quibble about the details of the specification regarding how we identify such direct evals but I don't think there is any question about how a direct eval is supposed to behave once you are sure it is a direct eval. If we think a call site is a direct eval but in fact it would access a foreign global object then it must have been misidentified as a direct eval as such access is not part of the intended direct eval behavior. At any rate, I can see two semantics that seem reasonable to me. First let me make up some terminology: an apparently direct eval is a call that's of the right form to be a direct eval, but whether it actually turns out to be a direct eval depends on the dynamic value of the callee. So the two alternatives: 1) an apparently direct eval is a direct eval if its callee is *any* evaluation function 2) an apparently direct eval is a direct eval *only* if its callee is the evaluation function of the same global context as the call site In either alternative, though, the global object of the eval'ed code is the same global object as the call site. At least for same-origin, semantics #1 agrees with what Firefox is doing. But either one makes sense to me. there is a third alternative: there is a single unique eval function object value taht is the initial value of the global eval binding in all global contexts. A directly related questions is what do we expect for eval ===otherGlobal.eval assuming that the initial value of the global eval binding has not been changed in either context. Assuming that a script has executed: const originalEval = eval; then consider the code: eval = otherGlobal.eval; if (eval !== originalEval) eval(); Based upon original ES5 intent, the eval clause in the then clause should never be treated as a direct eval as it is clearly observable that eval has been tampered with. To me, this would preclude alternative 1 (assuming different eval functions are not ===) but it would allow for alternative 2 or my alternative 3. It's when we look at the indirect eval case that other issues arise. A evaluation function when called (not a direct eval) has access to some global environment. Is it the global environment that the eval function originated from or is it the ambient global environment of the caller? Either is plausible. However, the global of origin option would preclude by alternative 3 above (single shared eval function) as it suggests that it would be possible for values that compare === to have observably different behavior when invoked. Not something we want. This seems to reduce us to two overall alternatives: 1) each global context has a === unique evaluation function that captures that global context and which is used as the global context when the function is invoke. 2) there is a single === unique evaluation function that is shared by all global contexts. When the function is called it uses the ambient global context of its caller. The main problem with alternative 2 is that I don't believe that current browsers generally conform to the === requirement. Other interesting behavior to compare among browsers is: var a= new otherGobal.Array; var b= otherGobal.eval(new Array); print(Object.getPrototypeOf([ ])===Object.getPrototypeOf(a)); print(Object.getPrototypeOf(a)===Object.getPrototypeOf(b)); I believe we will see that currently browser generally answer false to the first test and that results of the second test may vary. If built-ins generally behave as if they have captured their origin global environment, then it would seem consistent that the eval function should behave in the same consistent manner. These all leads me to conclude that the likely resolution is: 1) each global context has a === unique evaluation function that captures that global context and which is used as the global context when the function is called (not a direct eval). As for the same-origin stuff, I'm not yet