Mark S. Miller wrote: > For Cajita, the only issue is RegExps. Host objects are such a disaster of > unspecified vagueness and random browser behavior that we never expose hosts > objects directly to cajoled code. Rather, we intermediate all access to host > objects through our taming layer. Other secure JS variants -- ADsafe, FBJS, > Jacaranda, MS WebSandbox, dojox.secure -- do likewise. > > Within Cajita, RegExps are non-callable and are not functions, irrespective > of the underlying JS's behavior. Therefore, within Cajita, |typeof F === > 'function'| iff the [[Class]] property of F is "Function". In Cajita, > therefore, there is no difference between "being callable" and "being a > function". > > Because Rhino and WebKit say that typeof a RegExp is 'function', we need to > translate all Cajita typeof operations. Because Valija -- the full > ES3.1-strict emulation layer build on Cajita -- uses typeof in performance > critical places, this translation turned out to be costly. > > ********** > I suggest that, for non-host objects, we change the ES3.1 spec so that > |typeof F === 'function'| iff the [[Class]] property of F is "Function". For > host objects, the spec would continue to allow them to return whatever the > func they want ;). This proposed change is acceptable to all participants on > this morning's ES3.1 call, pending your reactions on these lists. > **********
I object. The Jacaranda runtime depends on being able to distinguish callable from noncallable objects. With this change, it has no reliable way to do so. (For the specific case of RegExp objects, there is no direct security problem because they do not use the value of 'this' when called. However, the proposed change in the spec would allow other native objects to be undetectably callable.) The correct fix is to make RegExp objects noncallable. This matches IE and Opera's behaviour and so will not "break the web". -- David-Sarah Hopwood _______________________________________________ Es-discuss mailing list [email protected] https://mail.mozilla.org/listinfo/es-discuss
