On Fri, Sep 7, 2012 at 5:25 PM, Jakob Kummerow <[email protected]>wrote:
> The part of the V8 API documentation that applies here is how to wrap an > External (that was created in C++!) safely before passing it into JS (where > it can't be used anyway! It can only be read from C++). And that's by > storing it as in internal field of a valid JS object, not as a property > that's accessible on the JavaScript side. Because the latter would be > inherently unsafe. > >> ... >>> >> > * Keep External's implementation basically as it is. i.e. either a Smi >>> or a Foreign. If we do this, we should not keep External as a subclass of >>> Value (perhaps a subclass of Data?) and we should remove the IsExternal >>> predicate. This means that e.g. SilkJS has to change, following >>> https://developers.**google.com/v8/embed#dynamic<https://developers.google.com/v8/embed#dynamic>. >>> As it is, one can easily crash SilkJS by pure JavaScript. >>> >> > I'm in favor of this. I guess we could provide a convenience function that > wraps an External as an internal field into an otherwise empty object and > returns that, but it would have to be called explicitly. > FWIW, making an External not-a Value would break break ALL class bindings i've ever done (that's no small number of them), as well as every class binding in every framework i'm currently aware of (which of course is not all of them). That's a degree of incompatibility where i would have to pack up and move elsewhere (that's the reason i left Qt and the Autotools - too many incompatible changes breaking too many of my apps, causing me to spend too much time fixing things other people broke). "In the beginning" i used External directly as properties (because there was no documentation warning me otherwise), but quickly found that passing them around in JS segfaults (and i belong to the school of thought that script code is a sandbox and should never be able to segfault a native app). So i starting storing my (void*) via External in an InternalField (because that's how the API is apparently designed to be used). i've bound hundreds of classes using this approach, and i'd rather abandon my v8-using projects than go back and rework them all. >:-[ -- ----- stephan beal http://wanderinghorse.net/home/stephan/ http://gplus.to/sgbeal -- v8-users mailing list [email protected] http://groups.google.com/group/v8-users
