24424 2009-03-06 09:02:40 -0800 Unify JSC/V8 Location.idl 2009-03-10 15:56:21 -0700 1 1 1 Unclassified WebKit WebCore JavaScript 528+ (Nightly build) PC OS X 10.5 RESOLVED FIXED P2 Normal --- 1 mbelshe mbelshe sam oldest_to_newest 112595 0 mbelshe 2009-03-06 09:02:40 -0800 There is no functionality difference between V8 and JSC here. Implementation differences: * V8 uses CheckDomainSecurity on the interface. (JSC does this in CustomGetOwnPropertySlot) * V8 assigns some methods on the instance to prevent cross site access. * V8 generates valueOf, which needs to be protected similarly to toString(). 112596 1 28362 mbelshe 2009-03-06 09:08:04 -0800 Created attachment 28362 patch 112613 2 mbelshe 2009-03-06 09:58:19 -0800 The reason to declare valueOf() is so that this code works: var foo = cross_site_protected_frame.location + "boo"; The implicit conversion of location here will go through valueOf, and it should be protected just as toString is. JSC deals with this in its own CustomPropertySlot. 112620 3 28362 eric 2009-03-06 10:32:34 -0800 Comment on attachment 28362 patch Do these V8OnInstance flags override "custom"? or does "Custom" really mean "JSCCustom" these days? Either way looks fine. CCing Sam so he sees it go by as well. 112652 4 mbelshe 2009-03-06 13:46:48 -0800 "Custom" (or "JSCCustom" or "V8Custom") tells the IDL Code Generator "don't generate binding for this, there is one hand-crafted". The "V8OnInstance" tells the V8 code generator that this property should be installed on the object instance, rather than the prototype. It is V8 specific (I've made all V8-specific attributes start with "V8"), and the V8 code generator knows how to generate the binding. 112667 5 sam 2009-03-06 14:59:45 -0800 Does this introduce difference between the JSC and V8 bindings? That is something we should try very hard to avoid. 112825 6 mbelshe 2009-03-09 08:36:32 -0700 @Sam: No. 112881 7 eric 2009-03-09 12:48:52 -0700 M WebCore/ChangeLog M WebCore/page/Location.idl Committed r41535 113074 8 sam 2009-03-10 15:56:21 -0700 After a little discussion, it seems that this patch did infact implement a different behavior than JSC, for one, putting the functions on the instance instead of the prototype. The intent of my question was to try and stop any divergence at the bindings layer for the two js engines as that only hurts webkit. Mike, perhaps I misunderstood your answer? 28362 2009-03-06 09:08:04 -0800 2009-03-06 10:32:34 -0800 patch bug24424.patch text/plain 1816 mbelshe SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiA0MTQ4MykKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMTAgQEAKKzIwMDktMDMtMDYgIE1pa2UgQmVsc2hlICA8bWlrZUBiZWxzaGUuY29t PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorICAgICAgICBVbmlmeSBK U0MvVjggaWRsIGZpbGUuCisKKyAgICAgICAgKiBwYWdlL0xvY2F0aW9uLmlkbDoKKwogMjAwOS0w My0wNiAgR3VzdGF2byBOb3JvbmhhIFNpbHZhICA8Z25zQGdub21lLm9yZz4KIAogICAgICAgICBS ZXZpZXdlZCBieSBIb2xnZXIgRnJleXRoZXIuCkluZGV4OiBXZWJDb3JlL3BhZ2UvTG9jYXRpb24u aWRsCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvcGFnZS9Mb2NhdGlvbi5pZGwJKHJldmlzaW9uIDQx NDgxKQorKysgV2ViQ29yZS9wYWdlL0xvY2F0aW9uLmlkbAkod29ya2luZyBjb3B5KQpAQCAtMjks MTYgKzI5LDE5IEBACiBtb2R1bGUgd2luZG93IHsKIAogICAgIGludGVyZmFjZSBbCisjaWYgZGVm aW5lZChWOF9CSU5ESU5HKQorICAgICAgICBDaGVja0RvbWFpblNlY3VyaXR5LAorI2VuZGlmCiAg ICAgICAgIEN1c3RvbUdldE93blByb3BlcnR5U2xvdCwKICAgICAgICAgQ3VzdG9tUHV0RnVuY3Rp b24sCiAgICAgICAgIEN1c3RvbURlbGV0ZVByb3BlcnR5LAogICAgICAgICBDdXN0b21HZXRQcm9w ZXJ0eU5hbWVzCiAgICAgXSBMb2NhdGlvbiB7Ci0gICAgICAgICAgICAgICAgIGF0dHJpYnV0ZSBb Q3VzdG9tU2V0dGVyXSBET01TdHJpbmcgaHJlZjsKKyAgICAgICAgICAgICAgICAgYXR0cmlidXRl IFtDdXN0b21TZXR0ZXIsIFY4RGlzYWxsb3dTaGFkb3dpbmddIERPTVN0cmluZyBocmVmOwogCi0g ICAgICAgIFtDdXN0b21dIHZvaWQgYXNzaWduKGluIERPTVN0cmluZyB1cmwpOwotICAgICAgICBb Q3VzdG9tXSB2b2lkIHJlcGxhY2UoaW4gRE9NU3RyaW5nIHVybCk7Ci0gICAgICAgIFtDdXN0b21d IHZvaWQgcmVsb2FkKCk7CisgICAgICAgIFtDdXN0b20sIFY4T25JbnN0YW5jZV0gdm9pZCBhc3Np Z24oaW4gRE9NU3RyaW5nIHVybCk7CisgICAgICAgIFtDdXN0b20sIFY4T25JbnN0YW5jZV0gdm9p ZCByZXBsYWNlKGluIERPTVN0cmluZyB1cmwpOworICAgICAgICBbQ3VzdG9tLCBWOE9uSW5zdGFu Y2VdIHZvaWQgcmVsb2FkKCk7CiAKICAgICAgICAgLy8gVVJJIGRlY29tcG9zaXRpb24gYXR0cmli dXRlcwogICAgICAgICAgICAgICAgICBhdHRyaWJ1dGUgW0N1c3RvbVNldHRlcl0gRE9NU3RyaW5n IHByb3RvY29sOwpAQCAtNTAsNyArNTMsMTAgQEAgbW9kdWxlIHdpbmRvdyB7CiAgICAgICAgICAg ICAgICAgIGF0dHJpYnV0ZSBbQ3VzdG9tU2V0dGVyXSBET01TdHJpbmcgaGFzaDsKIAogI2lmIGRl ZmluZWQoTEFOR1VBR0VfSkFWQVNDUklQVCkKLSAgICAgICAgW0RvbnRFbnVtLCBDdXN0b21dIERP TVN0cmluZyB0b1N0cmluZygpOworICAgICAgICBbRG9udEVudW0sIEN1c3RvbSwgVjhPbkluc3Rh bmNlLCBWOFJlYWRPbmx5XSBET01TdHJpbmcgdG9TdHJpbmcoKTsKKyNlbmRpZgorI2lmIGRlZmlu ZWQoVjhfQklORElORykKKyAgICAgICAgW0RvbnRFbnVtLCBDdXN0b20sIFY4T25JbnN0YW5jZSwg VjhSZWFkT25seV0gRE9NT2JqZWN0IHZhbHVlT2YoKTsKICNlbmRpZgogICAgIH07Cg==