Okay, let us go with the CL. Thanks for the reply.

Cheers,
Yuki Shiino


2015-06-05 17:36 GMT+09:00 Jochen Eisinger <[email protected]>:
> The CL you wrote is the way to go. The bindings also have to type check
> all incoming arguments, so I don't see that there's a special new security
> risk.
>
> On Thu, Jun 4, 2015 at 12:26 PM Yuki Shiino <[email protected]> wrote:
>
>> Thanks for the comment. I've found a way to implement [LenientThis]
>> using existing V8 APIs. (But I still think it would be better to support it
>> in V8.) I've prepared a CL to support [LenientThis] here:
>> https://codereview.chromium.org/1161463009/
>>
>> For the idea to use a wrapper function: the type check is done before a
>> callback function is called, so either way we need to disable V8's type
>> check. I think the type check is done at:
>> https://code.google.com/p/chromium/codesearch#chromium/src/v8/src/builtins.cc&l=1078
>>
>> I figured out that the type check is done based on the v8::Signature of
>> the v8::FunctionTemplate. So V8 already has a feature to disable the type
>> check: if we specify an empty signature, V8 doesn't do the type check.
>> (I didn't know that.)
>>
>> Having said that, I think it would be much better if V8 directly
>> supported [LenientThis], because disabling the type check means that
>> there is no guarantee what FunctionCallbackInfo::Holder() points to. We
>> have to carefully avoid using FunctionCallbackInfo::Holder(). This is a
>> security risk for us.
>>
>> My expectation is:
>> - Blink specifies a FunctionTemplate as [LenientThis] and gives the
>>   appropriate Signature even if [LenientThis].
>> - V8 always tries to find the right receiver in
>>   FunctionTemplateInfo::GetCompatibleReceiver:
>>   - if that fails and not [LenientThis], throw a TypeError, the same as now;
>>   - if that fails and [LenientThis], just return undefined.
>> Then FunctionCallbackInfo::Holder() always points to the appropriate
>> holder.
>>
>> Cheers,
>> Yuki Shiino
>>
>>
>> 2015-06-04 16:56 GMT+09:00 Ben L. Titzer <[email protected]>:
>>
>>> Is it possible to emulate these semantics with a wrapper function that
>>> catches type errors at the API boundary?
>>>
>>> On Thu, Jun 4, 2015 at 4:12 AM, Yuki Shiino <[email protected]> wrote:
>>>
>>>> +cc: [email protected]
>>>> -cc: v8-team
>>>>
>>>> Sorry, changed the mailing list to v8-users.
>>>>
>>>> Cheers,
>>>> Yuki Shiino
>>>>
>>>>
>>>> 2015-06-03 22:20 GMT+09:00 Yuki Shiino <[email protected]>:
>>>>
>>>>> Hi V8 team,
>>>>>
>>>>> It turned out that we need to support the [LenientThis] extended attribute
>>>>> <http://heycam.github.io/webidl/#LenientThis> sometime soon to keep
>>>>> backward compatibility. Here are the issues that need [LenientThis]:
>>>>> https://crbug.com/472260
>>>>> https://crbug.com/492820
>>>>>
>>>>> Since the type checking of instances is done in V8, we need your
>>>>> help to relax the type checking against |this|. Could you help us to
>>>>> support [LenientThis]?
>>>>>
>>>>> The required behavior of [LenientThis] is:
>>>>> - get: returns |undefined| if the type check fails, instead of
>>>>>   throwing a TypeError.
>>>>> - set: does nothing if the type check fails, instead of throwing a
>>>>>   TypeError.
>>>>>
>>>>> My expectation is:
>>>>> - V8 provides an option to relax the type checking.
>>>>> - V8 handles the required behavior above, or
>>>>>   V8 calls the Blink binding code back even if the type doesn't match.
>>>>> Any other ideas are welcome.
>>>>>
>>>>> Cheers,
>>>>> Yuki Shiino
>>>>>
>>>>
>>>> --
>>>> v8-team mailing list
>>>> [email protected]
>>>> https://groups.google.com/a/google.com/group/v8-team
>>>
>>

--
v8-users mailing list
[email protected]
http://groups.google.com/group/v8-users
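The two behaviours discussed in this thread, the default WebIDL receiver check (TypeError on a wrong |this|) and the [LenientThis] relaxation (get returns undefined, set is a no-op), plus Ben Titzer's wrapper-at-the-boundary idea, modelled in plain JavaScript as an added example. This is not code from the thread, from V8 or from Blink: the interface `Widget`, its attributes `label`, `lenientLabel` and `wrappedLabel`, and the WeakSet brand check that stands in for V8's Signature-based receiver check are all assumptions made for illustration.

```javascript
// Added example (not V8 or Blink code): WebIDL [LenientThis] semantics in plain JS.
// "Widget" and its attributes are hypothetical; the WeakSet brand stands in for the
// v8::Signature receiver check that V8 performs before a binding callback runs.

const brand = new WeakSet();          // objects that are genuine Widget platform objects
const labelStorage = new WeakMap();   // per-instance state, reachable only via a branded receiver

class Widget {
  constructor(text) {
    brand.add(this);
    labelStorage.set(this, String(text));
  }
}

// Default WebIDL behaviour: a wrong receiver is a TypeError ("Illegal invocation").
function requireWidget(receiver) {
  if (!brand.has(receiver)) throw new TypeError('Illegal invocation');
  return receiver;
}

Object.defineProperty(Widget.prototype, 'label', {
  get() { return labelStorage.get(requireWidget(this)); },
  set(v) { labelStorage.set(requireWidget(this), String(v)); },
  enumerable: true, configurable: true,
});

// [LenientThis] implemented directly, in the shape Yuki's proposal asks V8 for:
// the brand check still runs first, so per-instance storage is never touched through
// an unchecked receiver; on failure, get yields undefined and set does nothing.
Object.defineProperty(Widget.prototype, 'lenientLabel', {
  get() { return brand.has(this) ? labelStorage.get(this) : undefined; },
  set(v) { if (brand.has(this)) labelStorage.set(this, String(v)); },
  enumerable: true, configurable: true,
});

// Ben Titzer's alternative: wrap the strict accessor and catch the TypeError at the
// API boundary. Same observable result, but it cannot tell a receiver TypeError from
// any other TypeError the strict accessor raises, and (as Yuki notes) in V8 the
// receiver check runs before the callback, so a wrapper alone cannot reach it there.
function makeLenient(desc) {
  const swallow = (fn) => function (...args) {
    try { return fn.apply(this, args); }
    catch (e) { if (e instanceof TypeError) return undefined; throw e; }
  };
  return { get: swallow(desc.get), set: swallow(desc.set),
           enumerable: desc.enumerable, configurable: desc.configurable };
}
Object.defineProperty(Widget.prototype, 'wrappedLabel',
  makeLenient(Object.getOwnPropertyDescriptor(Widget.prototype, 'label')));

// Probe helpers: report the outcome instead of letting exceptions escape.
function tryGet(obj, prop) {
  try { return { ok: true, value: obj[prop] }; }
  catch (e) { return { ok: false, error: e.constructor.name }; }
}
function trySet(obj, prop, value) {
  try { obj[prop] = value; return { ok: true }; }
  catch (e) { return { ok: false, error: e.constructor.name }; }
}

// Receivers a page can actually produce: a real instance, the prototype object itself
// (what Widget.prototype.label reaches), and a plain object that merely inherits from it.
function demo() {
  const w = new Widget('hello');
  const impostor = Object.create(Widget.prototype);
  const results = {
    strictOnInstance: tryGet(w, 'label'),
    strictOnPrototype: tryGet(Widget.prototype, 'label'),
    strictSetOnImpostor: trySet(impostor, 'label', 'x'),
    lenientOnPrototype: tryGet(Widget.prototype, 'lenientLabel'),
    lenientSetOnImpostor: trySet(impostor, 'lenientLabel', 'x'),
    wrappedOnPrototype: tryGet(Widget.prototype, 'wrappedLabel'),
    wrappedSetOnImpostor: trySet(impostor, 'wrappedLabel', 'x'),
  };
  trySet(w, 'lenientLabel', 'bye');      // a branded receiver still goes through normally
  results.afterLenientSet = w.label;
  return results;
}
```

The point a binding author should take from the direct implementation is the ordering: the brand check comes before any access to per-instance state, which is exactly the guarantee Yuki wants preserved for FunctionCallbackInfo::Holder(). The wrapper variant shows why catching TypeError at the boundary is a coarser tool than a receiver-aware check.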
