[+sam] On Tue, Jun 23, 2009 at 5:11 PM, Drew Wilson<[email protected]> wrote: > On Tue, Jun 23, 2009 at 4:53 PM, Maciej Stachowiak <[email protected]> wrote: >> Also, there might be a subtle bug in the above code: what if window.Worker >> is first accessed from a different frame? Then the prototype of the Worker >> constructor itself will use the other frame's Object prototype as its >> prototype. I'm not sure if that is right. I think maybe JSWorkerConstructor >> should be passed the global object from which it is retrieved as a property, >> instead of using the lexical global object. > > Good catch. This bug seems to be in all our custom generated constructors.
Yes. This has caused us headaches (e.g., security bugs) in the past. Adam _______________________________________________ webkit-dev mailing list [email protected] http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
