void Arguments::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
{
Arguments* thisObject = jsCast<Arguments*>(cell);
unsigned i = propertyName.asIndex();
if (i < thisObject->d->numArguments && (!thisObject->d->deletedArguments || !thisObject->d->deletedArguments[i])) {
ASSERT(i < PropertyName::NotAnIndex);
thisObject->argument(i).set(exec->globalData(), thisObject, value);
return;
}
if (propertyName == exec->propertyNames().length && !thisObject->d->overrodeLength) {
thisObject->d->overrodeLength = true;
thisObject->putDirect(exec->globalData(), propertyName, value, DontEnum);
return;
}
if (propertyName == exec->propertyNames().callee && !thisObject->d->overrodeCallee) {
if (!thisObject->d->isStrictMode) {
thisObject->d->overrodeCallee = true;
thisObject->putDirect(exec->globalData(), propertyName, value, DontEnum);
return;
}
thisObject->createStrictModeCalleeIfNecessary(exec);
}
if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
JSObject::put(thisObject, exec, propertyName, value, slot);
}
void Arguments::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
{
Arguments* thisObject = jsCast<Arguments*>(cell);
unsigned i = propertyName.asIndex();
if (thisObject->trySetArgument(exec->vm(), i, value))
return;
if (propertyName == exec->propertyNames().length && !thisObject->m_overrodeLength) {
thisObject->m_overrodeLength = true;
thisObject->putDirect(exec->vm(), propertyName, value, DontEnum);
return;
}
if (propertyName == exec->propertyNames().callee && !thisObject->m_overrodeCallee) {
if (!thisObject->m_isStrictMode) {
thisObject->m_overrodeCallee = true;
thisObject->putDirect(exec->vm(), propertyName, value, DontEnum);
return;
}
thisObject->createStrictModeCalleeIfNecessary(exec);
}
if (propertyName == exec->propertyNames().caller && thisObject->m_isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
JSObject::put(thisObject, exec, propertyName, value, slot);
}
bool Arguments::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor)
{
Arguments* thisObject = jsCast<Arguments*>(object);
unsigned i = propertyName.asIndex();
if (i < thisObject->d->numArguments && (!thisObject->d->deletedArguments || !thisObject->d->deletedArguments[i])) {
ASSERT(i < PropertyName::NotAnIndex);
descriptor.setDescriptor(thisObject->argument(i).get(), None);
return true;
}
if (propertyName == exec->propertyNames().length && LIKELY(!thisObject->d->overrodeLength)) {
descriptor.setDescriptor(jsNumber(thisObject->d->numArguments), DontEnum);
return true;
}
if (propertyName == exec->propertyNames().callee && LIKELY(!thisObject->d->overrodeCallee)) {
if (!thisObject->d->isStrictMode) {
descriptor.setDescriptor(thisObject->d->callee.get(), DontEnum);
return true;
}
thisObject->createStrictModeCalleeIfNecessary(exec);
}
if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
return JSObject::getOwnPropertyDescriptor(thisObject, exec, propertyName, descriptor);
}
bool Arguments::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
Arguments* thisObject = jsCast<Arguments*>(cell);
unsigned i = propertyName.asIndex();
if (i < thisObject->d->numArguments && (!thisObject->d->deletedArguments || !thisObject->d->deletedArguments[i])) {
ASSERT(i < PropertyName::NotAnIndex);
slot.setValue(thisObject->argument(i).get());
return true;
}
if (propertyName == exec->propertyNames().length && LIKELY(!thisObject->d->overrodeLength)) {
slot.setValue(jsNumber(thisObject->d->numArguments));
return true;
}
if (propertyName == exec->propertyNames().callee && LIKELY(!thisObject->d->overrodeCallee)) {
if (!thisObject->d->isStrictMode) {
slot.setValue(thisObject->d->callee.get());
return true;
}
thisObject->createStrictModeCalleeIfNecessary(exec);
}
if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
return JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot);
}
bool Arguments::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName)
{
if (exec->vm().isInDefineOwnProperty())
return Base::deleteProperty(cell, exec, propertyName);
Arguments* thisObject = jsCast<Arguments*>(cell);
unsigned i = propertyName.asIndex();
if (i < thisObject->m_numArguments) {
RELEASE_ASSERT(i < PropertyName::NotAnIndex);
if (!Base::deleteProperty(cell, exec, propertyName))
return false;
if (thisObject->tryDeleteArgument(exec->vm(), i))
return true;
}
if (propertyName == exec->propertyNames().length && !thisObject->m_overrodeLength) {
thisObject->m_overrodeLength = true;
return true;
}
if (propertyName == exec->propertyNames().callee && !thisObject->m_overrodeCallee) {
if (!thisObject->m_isStrictMode) {
thisObject->m_overrodeCallee = true;
return true;
}
thisObject->createStrictModeCalleeIfNecessary(exec);
}
if (propertyName == exec->propertyNames().caller && thisObject->m_isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
return JSObject::deleteProperty(thisObject, exec, propertyName);
}
bool Structure::prototypeChainMayInterceptStoreTo(JSGlobalData& globalData, PropertyName propertyName)
{
unsigned i = propertyName.asIndex();
if (i != PropertyName::NotAnIndex)
return anyObjectInChainMayInterceptIndexedAccesses();
for (Structure* current = this; ;) {
JSValue prototype = current->storedPrototype();
if (prototype.isNull())
return false;
current = prototype.asCell()->structure();
unsigned attributes;
JSCell* specificValue;
PropertyOffset offset = current->get(globalData, propertyName, attributes, specificValue);
if (!JSC::isValidOffset(offset))
continue;
if (attributes & (ReadOnly | Accessor))
return true;
return false;
}
}
bool JSTestEventTarget::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor)
{
JSTestEventTarget* thisObject = jsCast<JSTestEventTarget*>(object);
ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info);
const HashEntry* entry = JSTestEventTargetTable.entry(exec, propertyName);
if (entry) {
PropertySlot slot(thisObject);
slot.setCustom(thisObject, entry->propertyGetter());
descriptor.setDescriptor(slot.getValue(exec, propertyName), entry->attributes());
return true;
}
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex && index < static_cast<TestEventTarget*>(thisObject->impl())->length()) {
PropertySlot slot(thisObject);
slot.setCustomIndex(thisObject, index, indexGetter);
descriptor.setDescriptor(slot.getValue(exec, propertyName), DontDelete | ReadOnly);
return true;
}
if (canGetItemsForName(exec, static_cast<TestEventTarget*>(thisObject->impl()), propertyName)) {
PropertySlot slot(thisObject);
slot.setCustom(thisObject, nameGetter);
descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum);
return true;
}
return getStaticValueDescriptor<JSTestEventTarget, Base>(exec, &JSTestEventTargetTable, thisObject, propertyName, descriptor);
}
bool JSFloat64Array::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor)
{
JSFloat64Array* thisObject = jsCast<JSFloat64Array*>(object);
ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info);
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex && index < static_cast<Float64Array*>(thisObject->impl())->length()) {
descriptor.setDescriptor(thisObject->getByIndex(exec, index), DontDelete);
return true;
}
return getStaticValueDescriptor<JSFloat64Array, Base>(exec, getJSFloat64ArrayTable(exec), thisObject, propertyName, descriptor);
}
bool JSFloat64Array::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
JSFloat64Array* thisObject = jsCast<JSFloat64Array*>(cell);
ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info);
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex && index < static_cast<Float64Array*>(thisObject->impl())->length()) {
slot.setValue(thisObject->getByIndex(exec, index));
return true;
}
return getStaticValueSlot<JSFloat64Array, Base>(exec, getJSFloat64ArrayTable(exec), thisObject, propertyName, slot);
}
void JSFloat64Array::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
{
JSFloat64Array* thisObject = jsCast<JSFloat64Array*>(cell);
ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info);
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex) {
thisObject->indexSetter(exec, index, value);
return;
}
Base::put(thisObject, exec, propertyName, value, slot);
}
bool StringObject::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName)
{
StringObject* thisObject = jsCast<StringObject*>(cell);
if (propertyName == exec->propertyNames().length)
return false;
unsigned i = propertyName.asIndex();
if (thisObject->internalValue()->canGetIndex(i)) {
ASSERT(i != PropertyName::NotAnIndex); // No need for an explicit check, the above test would always fail!
return false;
}
return JSObject::deleteProperty(thisObject, exec, propertyName);
}
bool Arguments::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor, bool shouldThrow)
{
Arguments* thisObject = jsCast<Arguments*>(object);
unsigned i = propertyName.asIndex();
if (i < thisObject->d->numArguments) {
ASSERT(i < PropertyName::NotAnIndex);
// If the property is not yet present on the object, and is not yet marked as deleted, then add it now.
PropertySlot slot;
if ((!thisObject->d->deletedArguments || !thisObject->d->deletedArguments[i]) && !JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot))
object->putDirect(exec->globalData(), propertyName, thisObject->argument(i).get(), 0);
if (!Base::defineOwnProperty(object, exec, propertyName, descriptor, shouldThrow))
return false;
if (!thisObject->d->deletedArguments) {
thisObject->d->deletedArguments = adoptArrayPtr(new bool[thisObject->d->numArguments]);
memset(thisObject->d->deletedArguments.get(), 0, sizeof(bool) * thisObject->d->numArguments);
}
// From ES 5.1, 10.6 Arguments Object
// 5. If the value of isMapped is not undefined, then
if (!thisObject->d->deletedArguments[i]) {
// a. If IsAccessorDescriptor(Desc) is true, then
if (descriptor.isAccessorDescriptor()) {
// i. Call the [[Delete]] internal method of map passing P, and false as the arguments.
thisObject->d->deletedArguments[i] = true;
} else { // b. Else
// i. If Desc.[[Value]] is present, then
// 1. Call the [[Put]] internal method of map passing P, Desc.[[Value]], and Throw as the arguments.
if (descriptor.value())
thisObject->argument(i).set(exec->globalData(), thisObject, descriptor.value());
// ii. If Desc.[[Writable]] is present and its value is false, then
// 1. Call the [[Delete]] internal method of map passing P and false as arguments.
if (descriptor.writablePresent() && !descriptor.writable())
thisObject->d->deletedArguments[i] = true;
}
}
return true;
}
if (propertyName == exec->propertyNames().length && !thisObject->d->overrodeLength) {
thisObject->putDirect(exec->globalData(), propertyName, jsNumber(thisObject->d->numArguments), DontEnum);
thisObject->d->overrodeLength = true;
} else if (propertyName == exec->propertyNames().callee && !thisObject->d->overrodeCallee) {
thisObject->putDirect(exec->globalData(), propertyName, thisObject->d->callee.get(), DontEnum);
thisObject->d->overrodeCallee = true;
} else if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
return Base::defineOwnProperty(object, exec, propertyName, descriptor, shouldThrow);
}
bool Arguments::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, const PropertyDescriptor& descriptor, bool shouldThrow)
{
Arguments* thisObject = jsCast<Arguments*>(object);
unsigned i = propertyName.asIndex();
if (i < thisObject->m_numArguments) {
RELEASE_ASSERT(i < PropertyName::NotAnIndex);
// If the property is not yet present on the object, and is not yet marked as deleted, then add it now.
PropertySlot slot(thisObject);
if (!thisObject->isDeletedArgument(i) && !JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot)) {
JSValue value = thisObject->tryGetArgument(i);
ASSERT(value);
object->putDirectMayBeIndex(exec, propertyName, value);
}
if (!Base::defineOwnProperty(object, exec, propertyName, descriptor, shouldThrow))
return false;
// From ES 5.1, 10.6 Arguments Object
// 5. If the value of isMapped is not undefined, then
if (thisObject->isArgument(i)) {
// a. If IsAccessorDescriptor(Desc) is true, then
if (descriptor.isAccessorDescriptor()) {
// i. Call the [[Delete]] internal method of map passing P, and false as the arguments.
thisObject->tryDeleteArgument(exec->vm(), i);
} else { // b. Else
// i. If Desc.[[Value]] is present, then
// 1. Call the [[Put]] internal method of map passing P, Desc.[[Value]], and Throw as the arguments.
if (descriptor.value())
thisObject->trySetArgument(exec->vm(), i, descriptor.value());
// ii. If Desc.[[Writable]] is present and its value is false, then
// 1. Call the [[Delete]] internal method of map passing P and false as arguments.
if (descriptor.writablePresent() && !descriptor.writable())
thisObject->tryDeleteArgument(exec->vm(), i);
}
}
return true;
}
if (propertyName == exec->propertyNames().length && !thisObject->m_overrodeLength) {
thisObject->putDirect(exec->vm(), propertyName, jsNumber(thisObject->m_numArguments), DontEnum);
thisObject->m_overrodeLength = true;
} else if (propertyName == exec->propertyNames().callee && !thisObject->m_overrodeCallee) {
thisObject->putDirect(exec->vm(), propertyName, thisObject->m_callee.get(), DontEnum);
thisObject->m_overrodeCallee = true;
} else if (propertyName == exec->propertyNames().caller && thisObject->m_isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
return Base::defineOwnProperty(object, exec, propertyName, descriptor, shouldThrow);
}
bool JSString::getStringPropertyDescriptor(ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor)
{
if (propertyName == exec->propertyNames().length) {
descriptor.setDescriptor(jsNumber(m_length), DontEnum | DontDelete | ReadOnly);
return true;
}
unsigned i = propertyName.asIndex();
if (i < m_length) {
ASSERT(i != PropertyName::NotAnIndex); // No need for an explicit check, the above test would always fail!
descriptor.setDescriptor(getIndex(exec, i), DontDelete | ReadOnly);
return true;
}
return false;
}
void RuntimeArray::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
{
RuntimeArray* thisObject = jsCast<RuntimeArray*>(cell);
if (propertyName == exec->propertyNames().length) {
throwError(exec, createRangeError(exec, "Range error"));
return;
}
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex) {
thisObject->getConcreteArray()->setValueAt(exec, index, value);
return;
}
JSObject::put(thisObject, exec, propertyName, value, slot);
}
bool RuntimeArray::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
RuntimeArray* thisObject = jsCast<RuntimeArray*>(cell);
if (propertyName == exec->propertyNames().length) {
slot.setCacheableCustom(thisObject, thisObject->lengthGetter);
return true;
}
unsigned index = propertyName.asIndex();
if (index < thisObject->getLength()) {
ASSERT(index != PropertyName::NotAnIndex);
slot.setCustomIndex(thisObject, index, thisObject->indexGetter);
return true;
}
return JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot);
}
bool JSFileList::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
JSFileList* thisObject = jsCast<JSFileList*>(object);
ASSERT_GC_OBJECT_INHERITS(thisObject, info());
const HashEntry* entry = getStaticValueSlotEntryWithoutCaching<JSFileList>(exec, propertyName);
if (entry) {
slot.setCustom(thisObject, entry->attributes(), entry->propertyGetter());
return true;
}
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex && index < thisObject->impl().length()) {
unsigned attributes = DontDelete | ReadOnly;
slot.setCustomIndex(thisObject, attributes, index, indexGetter);
return true;
}
return getStaticValueSlot<JSFileList, Base>(exec, getJSFileListTable(exec), thisObject, propertyName, slot);
}
bool JSTestEventTarget::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
JSTestEventTarget* thisObject = jsCast<JSTestEventTarget*>(object);
ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info);
const HashEntry* entry = getStaticValueSlotEntryWithoutCaching<JSTestEventTarget>(exec, propertyName);
if (entry) {
slot.setCustom(thisObject, entry->propertyGetter());
return true;
}
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex && index < static_cast<TestEventTarget*>(thisObject->impl())->length()) {
slot.setCustomIndex(thisObject, index, indexGetter);
return true;
}
if (canGetItemsForName(exec, static_cast<TestEventTarget*>(thisObject->impl()), propertyName)) {
slot.setCustom(thisObject, thisObject->nameGetter);
return true;
}
return getStaticValueSlot<JSTestEventTarget, Base>(exec, &JSTestEventTargetTable, thisObject, propertyName, slot);
}
bool RuntimeArray::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor)
{
RuntimeArray* thisObject = jsCast<RuntimeArray*>(object);
if (propertyName == exec->propertyNames().length) {
PropertySlot slot;
slot.setCustom(thisObject, lengthGetter);
descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum);
return true;
}
unsigned index = propertyName.asIndex();
if (index < thisObject->getLength()) {
ASSERT(index != PropertyName::NotAnIndex);
PropertySlot slot;
slot.setCustomIndex(thisObject, index, indexGetter);
descriptor.setDescriptor(slot.getValue(exec, propertyName), DontDelete | DontEnum);
return true;
}
return JSObject::getOwnPropertyDescriptor(thisObject, exec, propertyName, descriptor);
}
bool JSTestEventTarget::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
JSTestEventTarget* thisObject = jsCast<JSTestEventTarget*>(object);
ASSERT_GC_OBJECT_INHERITS(thisObject, info());
const HashTableValue* entry = getStaticValueSlotEntryWithoutCaching<JSTestEventTarget>(exec, propertyName);
if (entry) {
slot.setCacheableCustom(thisObject, entry->attributes(), entry->propertyGetter());
return true;
}
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex && index < thisObject->impl().length()) {
unsigned attributes = DontDelete | ReadOnly;
slot.setValue(thisObject, attributes, toJS(exec, thisObject->globalObject(), thisObject->impl().item(index)));
return true;
}
if (canGetItemsForName(exec, &thisObject->impl(), propertyName)) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, thisObject->nameGetter);
return true;
}
return getStaticValueSlot<JSTestEventTarget, Base>(exec, JSTestEventTargetTable, thisObject, propertyName, slot);
}
bool JSDOMNamedFlowCollection::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
JSDOMNamedFlowCollection* thisObject = jsCast<JSDOMNamedFlowCollection*>(object);
ASSERT_GC_OBJECT_INHERITS(thisObject, info());
const HashEntry* entry = getStaticValueSlotEntryWithoutCaching<JSDOMNamedFlowCollection>(exec, propertyName);
if (entry) {
slot.setCustom(thisObject, entry->attributes(), entry->propertyGetter());
return true;
}
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex && index < thisObject->impl().length()) {
unsigned attributes = DontDelete | ReadOnly;
slot.setCustomIndex(thisObject, attributes, index, indexGetter);
return true;
}
if (canGetItemsForName(exec, &thisObject->impl(), propertyName)) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, thisObject->nameGetter);
return true;
}
return getStaticValueSlot<JSDOMNamedFlowCollection, Base>(exec, JSDOMNamedFlowCollectionTable, thisObject, propertyName, slot);
}
bool Arguments::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName)
{
if (exec->globalData().isInDefineOwnProperty())
return Base::deleteProperty(cell, exec, propertyName);
Arguments* thisObject = jsCast<Arguments*>(cell);
unsigned i = propertyName.asIndex();
if (i < thisObject->d->numArguments) {
ASSERT(i < PropertyName::NotAnIndex);
if (!Base::deleteProperty(cell, exec, propertyName))
return false;
if (!thisObject->d->deletedArguments) {
thisObject->d->deletedArguments = adoptArrayPtr(new bool[thisObject->d->numArguments]);
memset(thisObject->d->deletedArguments.get(), 0, sizeof(bool) * thisObject->d->numArguments);
}
if (!thisObject->d->deletedArguments[i]) {
thisObject->d->deletedArguments[i] = true;
return true;
}
}
if (propertyName == exec->propertyNames().length && !thisObject->d->overrodeLength) {
thisObject->d->overrodeLength = true;
return true;
}
if (propertyName == exec->propertyNames().callee && !thisObject->d->overrodeCallee) {
if (!thisObject->d->isStrictMode) {
thisObject->d->overrodeCallee = true;
return true;
}
thisObject->createStrictModeCalleeIfNecessary(exec);
}
if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
return JSObject::deleteProperty(thisObject, exec, propertyName);
}
bool Arguments::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
Arguments* thisObject = jsCast<Arguments*>(object);
unsigned i = propertyName.asIndex();
if (JSValue value = thisObject->tryGetArgument(i)) {
RELEASE_ASSERT(i < PropertyName::NotAnIndex);
slot.setValue(thisObject, None, value);
return true;
}
if (propertyName == exec->propertyNames().length && LIKELY(!thisObject->m_overrodeLength)) {
slot.setValue(thisObject, DontEnum, jsNumber(thisObject->m_numArguments));
return true;
}
if (propertyName == exec->propertyNames().callee && LIKELY(!thisObject->m_overrodeCallee)) {
if (!thisObject->m_isStrictMode) {
slot.setValue(thisObject, DontEnum, thisObject->m_callee.get());
return true;
}
thisObject->createStrictModeCalleeIfNecessary(exec);
}
if (propertyName == exec->propertyNames().caller && thisObject->m_isStrictMode)
thisObject->createStrictModeCallerIfNecessary(exec);
if (JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot))
return true;
if (propertyName == exec->propertyNames().iteratorPrivateName) {
VM& vm = exec->vm();
JSGlobalObject* globalObject = exec->lexicalGlobalObject();
thisObject->JSC_NATIVE_FUNCTION(exec->propertyNames().iteratorPrivateName, argumentsFuncIterator, DontEnum, 0);
if (JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot))
return true;
}
return false;
}
bool JSDOMWindow::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object);
// When accessing a Window cross-domain, functions are always the native built-in ones, and they
// are not affected by properties changed on the Window or anything in its prototype chain.
// This is consistent with the behavior of Firefox.
// We don't want any properties other than "close" and "closed" on a frameless window (i.e. one whose page got closed,
// or whose iframe got removed).
// FIXME: This doesn't fully match Firefox, which allows at least toString in addition to those.
if (!thisObject->impl().frame()) {
// The following code is safe for cross-domain and same domain use.
// It ignores any custom properties that might be set on the DOMWindow (including a custom prototype).
if (propertyName == exec->propertyNames().closed) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, jsDOMWindowClosed);
return true;
}
if (propertyName == exec->propertyNames().close) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>);
return true;
}
// FIXME: We should have a message here that explains why the property access/function call was
// not allowed.
slot.setUndefined();
return true;
} else
slot.setWatchpointSet(thisObject->m_windowCloseWatchpoints);
// We need to check for cross-domain access here without printing the generic warning message
// because we always allow access to some function, just different ones depending whether access
// is allowed.
String errorMessage;
bool allowsAccess = shouldAllowAccessToDOMWindow(exec, thisObject->impl(), errorMessage);
// Look for overrides before looking at any of our own properties, but ignore overrides completely
// if this is cross-domain access.
if (allowsAccess && JSGlobalObject::getOwnPropertySlot(thisObject, exec, propertyName, slot))
return true;
// We need this code here because otherwise JSDOMWindowBase will stop the search before we even get to the
// prototype due to the blanket same origin (shouldAllowAccessToDOMWindow) check at the end of getOwnPropertySlot.
// Also, it's important to get the implementation straight out of the DOMWindow prototype regardless of
// what prototype is actually set on this object.
if (propertyName == exec->propertyNames().blur) {
if (!allowsAccess) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionBlur, 0>);
return true;
}
} else if (propertyName == exec->propertyNames().close) {
if (!allowsAccess) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>);
return true;
}
} else if (propertyName == exec->propertyNames().focus) {
if (!allowsAccess) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionFocus, 0>);
return true;
}
} else if (propertyName == exec->propertyNames().postMessage) {
if (!allowsAccess) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionPostMessage, 2>);
return true;
}
} else if (propertyName == exec->propertyNames().showModalDialog) {
if (!DOMWindow::canShowModalDialog(thisObject->impl().frame())) {
slot.setUndefined();
return true;
}
} else if (propertyName == exec->propertyNames().toString) {
// Allow access to toString() cross-domain, but always Object.prototype.toString.
if (!allowsAccess) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, objectToStringFunctionGetter);
return true;
}
}
const HashTableValue* entry = JSDOMWindow::info()->propHashTable(exec)->entry(exec, propertyName);
if (entry) {
slot.setCacheableCustom(thisObject, allowsAccess ? entry->attributes() : ReadOnly | DontDelete | DontEnum, entry->propertyGetter());
return true;
}
#if ENABLE(USER_MESSAGE_HANDLERS)
if (propertyName == exec->propertyNames().webkit && thisObject->impl().shouldHaveWebKitNamespaceForWorld(thisObject->world())) {
slot.setCacheableCustom(thisObject, allowsAccess ? DontDelete | ReadOnly : ReadOnly | DontDelete | DontEnum, jsDOMWindowWebKit);
return true;
}
#endif
// Do prototype lookup early so that functions and attributes in the prototype can have
// precedence over the index and name getters.
JSValue proto = thisObject->prototype();
if (proto.isObject()) {
if (asObject(proto)->getPropertySlot(exec, propertyName, slot)) {
if (!allowsAccess) {
thisObject->printErrorMessage(errorMessage);
slot.setUndefined();
}
return true;
}
}
// After this point it is no longer valid to cache any results because of
// the impure nature of the property accesses which follow. We can move this
// statement further down when we add ways to mitigate these impurities with,
// for example, watchpoints.
slot.disableCaching();
// Check for child frames by name before built-in properties to
// match Mozilla. This does not match IE, but some sites end up
// naming frames things that conflict with window properties that
// are in Moz but not IE. Since we have some of these, we have to do
// it the Moz way.
if (thisObject->impl().frame()->tree().scopedChild(propertyNameToAtomicString(propertyName))) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, childFrameGetter);
return true;
}
// FIXME: Search the whole frame hierarchy somewhere around here.
// We need to test the correct priority order.
// allow window[1] or parent[1] etc. (#56983)
unsigned i = propertyName.asIndex();
if (i < thisObject->impl().frame()->tree().scopedChildCount()) {
ASSERT(i != PropertyName::NotAnIndex);
slot.setValue(thisObject, ReadOnly | DontDelete | DontEnum,
toJS(exec, thisObject->impl().frame()->tree().scopedChild(i)->document()->domWindow()));
return true;
}
if (!allowsAccess) {
thisObject->printErrorMessage(errorMessage);
slot.setUndefined();
return true;
}
// Allow shortcuts like 'Image1' instead of document.images.Image1
Document* document = thisObject->impl().frame()->document();
if (document->isHTMLDocument()) {
AtomicStringImpl* atomicPropertyName = findAtomicString(propertyName);
if (atomicPropertyName && toHTMLDocument(document)->hasWindowNamedItem(*atomicPropertyName)) {
slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, namedItemGetter);
return true;
}
}
return Base::getOwnPropertySlot(thisObject, exec, propertyName, slot);
}
bool JSDOMWindow::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor)
{
JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object);
// Never allow cross-domain getOwnPropertyDescriptor
if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl()))
return false;
const HashEntry* entry;
// We don't want any properties other than "close" and "closed" on a closed window.
if (!thisObject->impl()->frame()) {
// The following code is safe for cross-domain and same domain use.
// It ignores any custom properties that might be set on the DOMWindow (including a custom prototype).
entry = s_info.propHashTable(exec)->entry(exec, propertyName);
if (entry && !(entry->attributes() & JSC::Function) && entry->propertyGetter() == jsDOMWindowClosed) {
descriptor.setDescriptor(jsBoolean(true), ReadOnly | DontDelete | DontEnum);
return true;
}
entry = JSDOMWindowPrototype::s_info.propHashTable(exec)->entry(exec, propertyName);
if (entry && (entry->attributes() & JSC::Function) && entry->function() == jsDOMWindowPrototypeFunctionClose) {
PropertySlot slot;
slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>);
descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum);
return true;
}
descriptor.setUndefined();
return true;
}
entry = JSDOMWindow::s_info.propHashTable(exec)->entry(exec, propertyName);
if (entry) {
PropertySlot slot;
slot.setCustom(thisObject, entry->propertyGetter());
descriptor.setDescriptor(slot.getValue(exec, propertyName), entry->attributes());
return true;
}
// Check for child frames by name before built-in properties to
// match Mozilla. This does not match IE, but some sites end up
// naming frames things that conflict with window properties that
// are in Moz but not IE. Since we have some of these, we have to do
// it the Moz way.
if (thisObject->impl()->frame()->tree()->scopedChild(propertyNameToAtomicString(propertyName))) {
PropertySlot slot;
slot.setCustom(thisObject, childFrameGetter);
descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum);
return true;
}
unsigned i = propertyName.asIndex();
if (i < thisObject->impl()->frame()->tree()->scopedChildCount()) {
ASSERT(i != PropertyName::NotAnIndex);
PropertySlot slot;
slot.setCustomIndex(thisObject, i, indexGetter);
descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum);
return true;
}
// Allow shortcuts like 'Image1' instead of document.images.Image1
Document* document = thisObject->impl()->frame()->document();
if (document->isHTMLDocument()) {
AtomicStringImpl* atomicPropertyName = findAtomicString(propertyName);
if (atomicPropertyName && (toHTMLDocument(document)->hasNamedItem(atomicPropertyName) || document->hasElementWithId(atomicPropertyName))) {
PropertySlot slot;
slot.setCustom(thisObject, namedItemGetter);
descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum);
return true;
}
}
return Base::getOwnPropertyDescriptor(thisObject, exec, propertyName, descriptor);
}
// Defined in ES5.1 15.4.5.1
bool JSArray::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor, bool throwException)
{
JSArray* array = jsCast<JSArray*>(object);
// 3. If P is "length", then
if (propertyName == exec->propertyNames().length) {
// All paths through length definition call the default [[DefineOwnProperty]], hence:
// from ES5.1 8.12.9 7.a.
if (descriptor.configurablePresent() && descriptor.configurable())
return reject(exec, throwException, "Attempting to change configurable attribute of unconfigurable property.");
// from ES5.1 8.12.9 7.b.
if (descriptor.enumerablePresent() && descriptor.enumerable())
return reject(exec, throwException, "Attempting to change enumerable attribute of unconfigurable property.");
// a. If the [[Value]] field of Desc is absent, then
// a.i. Return the result of calling the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", Desc, and Throw as arguments.
if (descriptor.isAccessorDescriptor())
return reject(exec, throwException, "Attempting to change access mechanism for an unconfigurable property.");
// from ES5.1 8.12.9 10.a.
if (!array->isLengthWritable() && descriptor.writablePresent() && descriptor.writable())
return reject(exec, throwException, "Attempting to change writable attribute of unconfigurable property.");
// This descriptor is either just making length read-only, or changing nothing!
if (!descriptor.value()) {
if (descriptor.writablePresent())
array->setLengthWritable(exec, descriptor.writable());
return true;
}
// b. Let newLenDesc be a copy of Desc.
// c. Let newLen be ToUint32(Desc.[[Value]]).
unsigned newLen = descriptor.value().toUInt32(exec);
// d. If newLen is not equal to ToNumber( Desc.[[Value]]), throw a RangeError exception.
if (newLen != descriptor.value().toNumber(exec)) {
throwError(exec, createRangeError(exec, "Invalid array length"));
return false;
}
// Based on SameValue check in 8.12.9, this is always okay.
if (newLen == array->length()) {
if (descriptor.writablePresent())
array->setLengthWritable(exec, descriptor.writable());
return true;
}
// e. Set newLenDesc.[[Value] to newLen.
// f. If newLen >= oldLen, then
// f.i. Return the result of calling the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", newLenDesc, and Throw as arguments.
// g. Reject if oldLenDesc.[[Writable]] is false.
if (!array->isLengthWritable())
return reject(exec, throwException, "Attempting to change value of a readonly property.");
// h. If newLenDesc.[[Writable]] is absent or has the value true, let newWritable be true.
// i. Else,
// i.i. Need to defer setting the [[Writable]] attribute to false in case any elements cannot be deleted.
// i.ii. Let newWritable be false.
// i.iii. Set newLenDesc.[[Writable] to true.
// j. Let succeeded be the result of calling the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", newLenDesc, and Throw as arguments.
// k. If succeeded is false, return false.
// l. While newLen < oldLen repeat,
// l.i. Set oldLen to oldLen – 1.
// l.ii. Let deleteSucceeded be the result of calling the [[Delete]] internal method of A passing ToString(oldLen) and false as arguments.
// l.iii. If deleteSucceeded is false, then
if (!array->setLength(exec, newLen, throwException)) {
// 1. Set newLenDesc.[[Value] to oldLen+1.
// 2. If newWritable is false, set newLenDesc.[[Writable] to false.
// 3. Call the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", newLenDesc, and false as arguments.
// 4. Reject.
if (descriptor.writablePresent())
array->setLengthWritable(exec, descriptor.writable());
return false;
}
// m. If newWritable is false, then
// i. Call the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length",
// Property Descriptor{[[Writable]]: false}, and false as arguments. This call will always
// return true.
if (descriptor.writablePresent())
array->setLengthWritable(exec, descriptor.writable());
// n. Return true.
return true;
}
// 4. Else if P is an array index (15.4), then
// a. Let index be ToUint32(P).
unsigned index = propertyName.asIndex();
if (index != PropertyName::NotAnIndex) {
// b. Reject if index >= oldLen and oldLenDesc.[[Writable]] is false.
if (index >= array->length() && !array->isLengthWritable())
return reject(exec, throwException, "Attempting to define numeric property on array with non-writable length property.");
// c. Let succeeded be the result of calling the default [[DefineOwnProperty]] internal method (8.12.9) on A passing P, Desc, and false as arguments.
// d. Reject if succeeded is false.
// e. If index >= oldLen
// e.i. Set oldLenDesc.[[Value]] to index + 1.
// e.ii. Call the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", oldLenDesc, and false as arguments. This call will always return true.
// f. Return true.
return array->defineOwnIndexedProperty(exec, index, descriptor, throwException);
}
return array->JSObject::defineOwnNonIndexProperty(exec, propertyName, descriptor, throwException);
}
bool JSDOMWindow::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(cell);
// When accessing a Window cross-domain, functions are always the native built-in ones, and they
// are not affected by properties changed on the Window or anything in its prototype chain.
// This is consistent with the behavior of Firefox.
const HashEntry* entry;
// We don't want any properties other than "close" and "closed" on a frameless window (i.e. one whose page got closed,
// or whose iframe got removed).
// FIXME: This doesn't fully match Firefox, which allows at least toString in addition to those.
if (!thisObject->impl()->frame()) {
// The following code is safe for cross-domain and same domain use.
// It ignores any custom properties that might be set on the DOMWindow (including a custom prototype).
entry = s_info.propHashTable(exec)->entry(exec, propertyName);
if (entry && !(entry->attributes() & JSC::Function) && entry->propertyGetter() == jsDOMWindowClosed) {
slot.setCustom(thisObject, entry->propertyGetter());
return true;
}
entry = JSDOMWindowPrototype::s_info.propHashTable(exec)->entry(exec, propertyName);
if (entry && (entry->attributes() & JSC::Function) && entry->function() == jsDOMWindowPrototypeFunctionClose) {
slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>);
return true;
}
// FIXME: We should have a message here that explains why the property access/function call was
// not allowed.
slot.setUndefined();
return true;
}
// We need to check for cross-domain access here without printing the generic warning message
// because we always allow access to some function, just different ones depending whether access
// is allowed.
String errorMessage;
bool allowsAccess = shouldAllowAccessToDOMWindow(exec, thisObject->impl(), errorMessage);
// Look for overrides before looking at any of our own properties, but ignore overrides completely
// if this is cross-domain access.
if (allowsAccess && JSGlobalObject::getOwnPropertySlot(thisObject, exec, propertyName, slot))
return true;
// We need this code here because otherwise JSDOMWindowBase will stop the search before we even get to the
// prototype due to the blanket same origin (shouldAllowAccessToDOMWindow) check at the end of getOwnPropertySlot.
// Also, it's important to get the implementation straight out of the DOMWindow prototype regardless of
// what prototype is actually set on this object.
entry = JSDOMWindowPrototype::s_info.propHashTable(exec)->entry(exec, propertyName);
if (entry) {
if (entry->attributes() & JSC::Function) {
if (entry->function() == jsDOMWindowPrototypeFunctionBlur) {
if (!allowsAccess) {
slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionBlur, 0>);
return true;
}
} else if (entry->function() == jsDOMWindowPrototypeFunctionClose) {
if (!allowsAccess) {
slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>);
return true;
}
} else if (entry->function() == jsDOMWindowPrototypeFunctionFocus) {
if (!allowsAccess) {
slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionFocus, 0>);
return true;
}
} else if (entry->function() == jsDOMWindowPrototypeFunctionPostMessage) {
if (!allowsAccess) {
slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionPostMessage, 2>);
return true;
}
} else if (entry->function() == jsDOMWindowPrototypeFunctionShowModalDialog) {
if (!DOMWindow::canShowModalDialog(thisObject->impl()->frame())) {
slot.setUndefined();
return true;
}
}
}
} else {
// Allow access to toString() cross-domain, but always Object.prototype.toString.
if (propertyName == exec->propertyNames().toString) {
if (!allowsAccess) {
slot.setCustom(thisObject, objectToStringFunctionGetter);
return true;
}
}
}
entry = JSDOMWindow::s_info.propHashTable(exec)->entry(exec, propertyName);
if (entry) {
slot.setCustom(thisObject, entry->propertyGetter());
return true;
}
// Check for child frames by name before built-in properties to
// match Mozilla. This does not match IE, but some sites end up
// naming frames things that conflict with window properties that
// are in Moz but not IE. Since we have some of these, we have to do
// it the Moz way.
if (thisObject->impl()->frame()->tree()->scopedChild(propertyNameToAtomicString(propertyName))) {
slot.setCustom(thisObject, childFrameGetter);
return true;
}
// Do prototype lookup early so that functions and attributes in the prototype can have
// precedence over the index and name getters.
JSValue proto = thisObject->prototype();
if (proto.isObject()) {
if (asObject(proto)->getPropertySlot(exec, propertyName, slot)) {
if (!allowsAccess) {
thisObject->printErrorMessage(errorMessage);
slot.setUndefined();
}
return true;
}
}
// FIXME: Search the whole frame hierarchy somewhere around here.
// We need to test the correct priority order.
// allow window[1] or parent[1] etc. (#56983)
unsigned i = propertyName.asIndex();
if (i < thisObject->impl()->frame()->tree()->scopedChildCount()) {
ASSERT(i != PropertyName::NotAnIndex);
slot.setCustomIndex(thisObject, i, indexGetter);
return true;
}
if (!allowsAccess) {
thisObject->printErrorMessage(errorMessage);
slot.setUndefined();
return true;
}
// Allow shortcuts like 'Image1' instead of document.images.Image1
Document* document = thisObject->impl()->frame()->document();
if (document->isHTMLDocument()) {
AtomicStringImpl* atomicPropertyName = findAtomicString(propertyName);
if (atomicPropertyName && (toHTMLDocument(document)->hasNamedItem(atomicPropertyName) || document->hasElementWithId(atomicPropertyName))) {
slot.setCustom(thisObject, namedItemGetter);
return true;
}
}
return Base::getOwnPropertySlot(thisObject, exec, propertyName, slot);
}
