I try to understand SetSecurityToken's function. So I
modified EvalInAccessCheckedContext test case in test-api.cc which is
included in v8 sourcecode. Follow is my modification.
Modification One:
TEST(EvalInAccessCheckedContext) {
v8::Isolate* isolate = CcTest::isolate();
v8::HandleScope scope(isolate);
v8::Local<v8::ObjectTemplate> obj_template =
v8::ObjectTemplate::New(isolate);
//obj_template->SetAccessCheckCallback(AccessAlwaysAllowed); //comment
this line to ensure cross access only be controlled by SetSecurityToken
v8::Local<Context> context0 = Context::New(isolate, NULL, obj_template);
v8::Local<Context> context1 = Context::New(isolate, NULL, obj_template);
Local<Value> foo = v8_str("foo");
Local<Value> bar = v8_str("bar");
// Set to different domains.
context0->SetSecurityToken(foo);
context1->SetSecurityToken(bar);
// Set up function in context0 that uses eval from context0.
context0->Enter();
v8::Local<v8::Value> fun = CompileRun(
"var x = 42;"
"(function() {"
" var e = eval;"
//" return function(s) { return e(s); }" // this line will fail test
because SecurityToken is not the same
" return function(s) { return eval(s); }" // this line will pass
test. but why?
"})()");
context0->Exit();
// Put the function into context1 and call it. Since the access check
// callback always returns true, the call succeeds even though the tokens
// are different.
context1->Enter();
context1->Global()->Set(context1, v8_str("fun"), fun).FromJust();
v8::Local<v8::Value> x_value = CompileRun("fun('x')");
CHECK_EQ(42, x_value->Int32Value(context1).FromJust());
context1->Exit();
}
Modification Two:
TEST(EvalInAccessCheckedContext) {
v8::Isolate* isolate = CcTest::isolate();
v8::HandleScope scope(isolate);
v8::Local<v8::ObjectTemplate> obj_template =
v8::ObjectTemplate::New(isolate);
//obj_template->SetAccessCheckCallback(AccessAlwaysAllowed); //comment
this line to ensure cross access only be controlled by SetSecurityToken
v8::Local<Context> context0 = Context::New(isolate, NULL, obj_template);
v8::Local<Context> context1 = Context::New(isolate, NULL, obj_template);
Local<Value> foo = v8_str("foo");
Local<Value> bar = v8_str("bar");
// Set to different domains.
context0->SetSecurityToken(foo);
context1->SetSecurityToken(bar);
// Set up function in context0 that uses eval from context0.
context0->Enter();
v8::Local<v8::Value> fun = CompileRun(
"var x = {a:42};"
"(function() {"
" var e = eval;"
" return function(s) { return x; }" // just return a object that's
defined in context0
"})()");
v8::Local<v8::Value> x_value0 = CompileRun("x.a");
CHECK_EQ(42, x_value0->Int32Value(context0).FromJust());
Local<v8::Object> obj = context0->Global()->Get(context0,
v8_str("x")).ToLocalChecked()->ToObject();
obj->Set(context0, v8_str("a"), v8::Integer::New(context0->GetIsolate(),
100)).FromJust();
context0->Global()->Set(context0, v8_str("fun"), fun).FromJust();
v8::Local<v8::Value> x_value00 = CompileRun("fun('x')");
CHECK_EQ(100, x_value00->ToObject()->Get(context0,
v8_str("a")).ToLocalChecked()->Int32Value(context0).FromJust());
context0->Exit();
// Put the function into context1 and call it. Since the access check
// callback always returns true, the call succeeds even though the tokens
// are different.
context1->Enter();
context1->Global()->Set(context1, v8_str("fun"), fun).FromJust();
v8::Local<v8::Value> x_value = CompileRun("fun('x')");
CHECK_EQ(100, x_value->ToObject()->Get(context1,
v8_str("a")).ToLocalChecked()->Int32Value(context1).FromJust());
x_value->ToObject()->Set(context1, v8_str("a"),
v8::Integer::New(context0->GetIsolate(), 102)).FromJust();// change x
object of context0 in context1
context1->Exit();
context0->Enter();
{
Local<v8::Object> obj = context0->Global()->Get(context0,
v8_str("x")).ToLocalChecked()->ToObject();
CHECK_EQ(102, obj->Get(context0,
v8_str("a")).ToLocalChecked()->Int32Value(context0).FromJust()); // this
will pass. so why change is allowed?
v8::Local<v8::Value> x_value00 = CompileRun("fun('x')");
CHECK_EQ(102, x_value00->ToObject()->Get(context0,
v8_str("a")).ToLocalChecked()->Int32Value(context0).FromJust());
}
context0->Exit();
}
--
--
v8-users mailing list
[email protected]
http://groups.google.com/group/v8-users
---
You received this message because you are subscribed to the Google Groups
"v8-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
