void Arguments::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot) { Arguments* thisObject = jsCast<Arguments*>(cell); unsigned i = propertyName.asIndex(); if (i < thisObject->d->numArguments && (!thisObject->d->deletedArguments || !thisObject->d->deletedArguments[i])) { ASSERT(i < PropertyName::NotAnIndex); thisObject->argument(i).set(exec->globalData(), thisObject, value); return; } if (propertyName == exec->propertyNames().length && !thisObject->d->overrodeLength) { thisObject->d->overrodeLength = true; thisObject->putDirect(exec->globalData(), propertyName, value, DontEnum); return; } if (propertyName == exec->propertyNames().callee && !thisObject->d->overrodeCallee) { if (!thisObject->d->isStrictMode) { thisObject->d->overrodeCallee = true; thisObject->putDirect(exec->globalData(), propertyName, value, DontEnum); return; } thisObject->createStrictModeCalleeIfNecessary(exec); } if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); JSObject::put(thisObject, exec, propertyName, value, slot); }
void Arguments::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot) { Arguments* thisObject = jsCast<Arguments*>(cell); unsigned i = propertyName.asIndex(); if (thisObject->trySetArgument(exec->vm(), i, value)) return; if (propertyName == exec->propertyNames().length && !thisObject->m_overrodeLength) { thisObject->m_overrodeLength = true; thisObject->putDirect(exec->vm(), propertyName, value, DontEnum); return; } if (propertyName == exec->propertyNames().callee && !thisObject->m_overrodeCallee) { if (!thisObject->m_isStrictMode) { thisObject->m_overrodeCallee = true; thisObject->putDirect(exec->vm(), propertyName, value, DontEnum); return; } thisObject->createStrictModeCalleeIfNecessary(exec); } if (propertyName == exec->propertyNames().caller && thisObject->m_isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); JSObject::put(thisObject, exec, propertyName, value, slot); }
bool Arguments::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor) { Arguments* thisObject = jsCast<Arguments*>(object); unsigned i = propertyName.asIndex(); if (i < thisObject->d->numArguments && (!thisObject->d->deletedArguments || !thisObject->d->deletedArguments[i])) { ASSERT(i < PropertyName::NotAnIndex); descriptor.setDescriptor(thisObject->argument(i).get(), None); return true; } if (propertyName == exec->propertyNames().length && LIKELY(!thisObject->d->overrodeLength)) { descriptor.setDescriptor(jsNumber(thisObject->d->numArguments), DontEnum); return true; } if (propertyName == exec->propertyNames().callee && LIKELY(!thisObject->d->overrodeCallee)) { if (!thisObject->d->isStrictMode) { descriptor.setDescriptor(thisObject->d->callee.get(), DontEnum); return true; } thisObject->createStrictModeCalleeIfNecessary(exec); } if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); return JSObject::getOwnPropertyDescriptor(thisObject, exec, propertyName, descriptor); }
bool Arguments::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { Arguments* thisObject = jsCast<Arguments*>(cell); unsigned i = propertyName.asIndex(); if (i < thisObject->d->numArguments && (!thisObject->d->deletedArguments || !thisObject->d->deletedArguments[i])) { ASSERT(i < PropertyName::NotAnIndex); slot.setValue(thisObject->argument(i).get()); return true; } if (propertyName == exec->propertyNames().length && LIKELY(!thisObject->d->overrodeLength)) { slot.setValue(jsNumber(thisObject->d->numArguments)); return true; } if (propertyName == exec->propertyNames().callee && LIKELY(!thisObject->d->overrodeCallee)) { if (!thisObject->d->isStrictMode) { slot.setValue(thisObject->d->callee.get()); return true; } thisObject->createStrictModeCalleeIfNecessary(exec); } if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); return JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot); }
bool Arguments::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName) { if (exec->vm().isInDefineOwnProperty()) return Base::deleteProperty(cell, exec, propertyName); Arguments* thisObject = jsCast<Arguments*>(cell); unsigned i = propertyName.asIndex(); if (i < thisObject->m_numArguments) { RELEASE_ASSERT(i < PropertyName::NotAnIndex); if (!Base::deleteProperty(cell, exec, propertyName)) return false; if (thisObject->tryDeleteArgument(exec->vm(), i)) return true; } if (propertyName == exec->propertyNames().length && !thisObject->m_overrodeLength) { thisObject->m_overrodeLength = true; return true; } if (propertyName == exec->propertyNames().callee && !thisObject->m_overrodeCallee) { if (!thisObject->m_isStrictMode) { thisObject->m_overrodeCallee = true; return true; } thisObject->createStrictModeCalleeIfNecessary(exec); } if (propertyName == exec->propertyNames().caller && thisObject->m_isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); return JSObject::deleteProperty(thisObject, exec, propertyName); }
bool Structure::prototypeChainMayInterceptStoreTo(JSGlobalData& globalData, PropertyName propertyName) { unsigned i = propertyName.asIndex(); if (i != PropertyName::NotAnIndex) return anyObjectInChainMayInterceptIndexedAccesses(); for (Structure* current = this; ;) { JSValue prototype = current->storedPrototype(); if (prototype.isNull()) return false; current = prototype.asCell()->structure(); unsigned attributes; JSCell* specificValue; PropertyOffset offset = current->get(globalData, propertyName, attributes, specificValue); if (!JSC::isValidOffset(offset)) continue; if (attributes & (ReadOnly | Accessor)) return true; return false; } }
bool JSTestEventTarget::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor) { JSTestEventTarget* thisObject = jsCast<JSTestEventTarget*>(object); ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info); const HashEntry* entry = JSTestEventTargetTable.entry(exec, propertyName); if (entry) { PropertySlot slot(thisObject); slot.setCustom(thisObject, entry->propertyGetter()); descriptor.setDescriptor(slot.getValue(exec, propertyName), entry->attributes()); return true; } unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex && index < static_cast<TestEventTarget*>(thisObject->impl())->length()) { PropertySlot slot(thisObject); slot.setCustomIndex(thisObject, index, indexGetter); descriptor.setDescriptor(slot.getValue(exec, propertyName), DontDelete | ReadOnly); return true; } if (canGetItemsForName(exec, static_cast<TestEventTarget*>(thisObject->impl()), propertyName)) { PropertySlot slot(thisObject); slot.setCustom(thisObject, nameGetter); descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum); return true; } return getStaticValueDescriptor<JSTestEventTarget, Base>(exec, &JSTestEventTargetTable, thisObject, propertyName, descriptor); }
bool JSFloat64Array::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor) { JSFloat64Array* thisObject = jsCast<JSFloat64Array*>(object); ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info); unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex && index < static_cast<Float64Array*>(thisObject->impl())->length()) { descriptor.setDescriptor(thisObject->getByIndex(exec, index), DontDelete); return true; } return getStaticValueDescriptor<JSFloat64Array, Base>(exec, getJSFloat64ArrayTable(exec), thisObject, propertyName, descriptor); }
bool JSFloat64Array::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { JSFloat64Array* thisObject = jsCast<JSFloat64Array*>(cell); ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info); unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex && index < static_cast<Float64Array*>(thisObject->impl())->length()) { slot.setValue(thisObject->getByIndex(exec, index)); return true; } return getStaticValueSlot<JSFloat64Array, Base>(exec, getJSFloat64ArrayTable(exec), thisObject, propertyName, slot); }
void JSFloat64Array::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot) { JSFloat64Array* thisObject = jsCast<JSFloat64Array*>(cell); ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info); unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex) { thisObject->indexSetter(exec, index, value); return; } Base::put(thisObject, exec, propertyName, value, slot); }
bool StringObject::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName) { StringObject* thisObject = jsCast<StringObject*>(cell); if (propertyName == exec->propertyNames().length) return false; unsigned i = propertyName.asIndex(); if (thisObject->internalValue()->canGetIndex(i)) { ASSERT(i != PropertyName::NotAnIndex); // No need for an explicit check, the above test would always fail! return false; } return JSObject::deleteProperty(thisObject, exec, propertyName); }
bool Arguments::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor, bool shouldThrow) { Arguments* thisObject = jsCast<Arguments*>(object); unsigned i = propertyName.asIndex(); if (i < thisObject->d->numArguments) { ASSERT(i < PropertyName::NotAnIndex); // If the property is not yet present on the object, and is not yet marked as deleted, then add it now. PropertySlot slot; if ((!thisObject->d->deletedArguments || !thisObject->d->deletedArguments[i]) && !JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot)) object->putDirect(exec->globalData(), propertyName, thisObject->argument(i).get(), 0); if (!Base::defineOwnProperty(object, exec, propertyName, descriptor, shouldThrow)) return false; if (!thisObject->d->deletedArguments) { thisObject->d->deletedArguments = adoptArrayPtr(new bool[thisObject->d->numArguments]); memset(thisObject->d->deletedArguments.get(), 0, sizeof(bool) * thisObject->d->numArguments); } // From ES 5.1, 10.6 Arguments Object // 5. If the value of isMapped is not undefined, then if (!thisObject->d->deletedArguments[i]) { // a. If IsAccessorDescriptor(Desc) is true, then if (descriptor.isAccessorDescriptor()) { // i. Call the [[Delete]] internal method of map passing P, and false as the arguments. thisObject->d->deletedArguments[i] = true; } else { // b. Else // i. If Desc.[[Value]] is present, then // 1. Call the [[Put]] internal method of map passing P, Desc.[[Value]], and Throw as the arguments. if (descriptor.value()) thisObject->argument(i).set(exec->globalData(), thisObject, descriptor.value()); // ii. If Desc.[[Writable]] is present and its value is false, then // 1. Call the [[Delete]] internal method of map passing P and false as arguments. if (descriptor.writablePresent() && !descriptor.writable()) thisObject->d->deletedArguments[i] = true; } } return true; } if (propertyName == exec->propertyNames().length && !thisObject->d->overrodeLength) { thisObject->putDirect(exec->globalData(), propertyName, jsNumber(thisObject->d->numArguments), DontEnum); thisObject->d->overrodeLength = true; } else if (propertyName == exec->propertyNames().callee && !thisObject->d->overrodeCallee) { thisObject->putDirect(exec->globalData(), propertyName, thisObject->d->callee.get(), DontEnum); thisObject->d->overrodeCallee = true; } else if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); return Base::defineOwnProperty(object, exec, propertyName, descriptor, shouldThrow); }
bool Arguments::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, const PropertyDescriptor& descriptor, bool shouldThrow) { Arguments* thisObject = jsCast<Arguments*>(object); unsigned i = propertyName.asIndex(); if (i < thisObject->m_numArguments) { RELEASE_ASSERT(i < PropertyName::NotAnIndex); // If the property is not yet present on the object, and is not yet marked as deleted, then add it now. PropertySlot slot(thisObject); if (!thisObject->isDeletedArgument(i) && !JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot)) { JSValue value = thisObject->tryGetArgument(i); ASSERT(value); object->putDirectMayBeIndex(exec, propertyName, value); } if (!Base::defineOwnProperty(object, exec, propertyName, descriptor, shouldThrow)) return false; // From ES 5.1, 10.6 Arguments Object // 5. If the value of isMapped is not undefined, then if (thisObject->isArgument(i)) { // a. If IsAccessorDescriptor(Desc) is true, then if (descriptor.isAccessorDescriptor()) { // i. Call the [[Delete]] internal method of map passing P, and false as the arguments. thisObject->tryDeleteArgument(exec->vm(), i); } else { // b. Else // i. If Desc.[[Value]] is present, then // 1. Call the [[Put]] internal method of map passing P, Desc.[[Value]], and Throw as the arguments. if (descriptor.value()) thisObject->trySetArgument(exec->vm(), i, descriptor.value()); // ii. If Desc.[[Writable]] is present and its value is false, then // 1. Call the [[Delete]] internal method of map passing P and false as arguments. if (descriptor.writablePresent() && !descriptor.writable()) thisObject->tryDeleteArgument(exec->vm(), i); } } return true; } if (propertyName == exec->propertyNames().length && !thisObject->m_overrodeLength) { thisObject->putDirect(exec->vm(), propertyName, jsNumber(thisObject->m_numArguments), DontEnum); thisObject->m_overrodeLength = true; } else if (propertyName == exec->propertyNames().callee && !thisObject->m_overrodeCallee) { thisObject->putDirect(exec->vm(), propertyName, thisObject->m_callee.get(), DontEnum); thisObject->m_overrodeCallee = true; } else if (propertyName == exec->propertyNames().caller && thisObject->m_isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); return Base::defineOwnProperty(object, exec, propertyName, descriptor, shouldThrow); }
bool JSString::getStringPropertyDescriptor(ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor) { if (propertyName == exec->propertyNames().length) { descriptor.setDescriptor(jsNumber(m_length), DontEnum | DontDelete | ReadOnly); return true; } unsigned i = propertyName.asIndex(); if (i < m_length) { ASSERT(i != PropertyName::NotAnIndex); // No need for an explicit check, the above test would always fail! descriptor.setDescriptor(getIndex(exec, i), DontDelete | ReadOnly); return true; } return false; }
void RuntimeArray::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot) { RuntimeArray* thisObject = jsCast<RuntimeArray*>(cell); if (propertyName == exec->propertyNames().length) { throwError(exec, createRangeError(exec, "Range error")); return; } unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex) { thisObject->getConcreteArray()->setValueAt(exec, index, value); return; } JSObject::put(thisObject, exec, propertyName, value, slot); }
bool RuntimeArray::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { RuntimeArray* thisObject = jsCast<RuntimeArray*>(cell); if (propertyName == exec->propertyNames().length) { slot.setCacheableCustom(thisObject, thisObject->lengthGetter); return true; } unsigned index = propertyName.asIndex(); if (index < thisObject->getLength()) { ASSERT(index != PropertyName::NotAnIndex); slot.setCustomIndex(thisObject, index, thisObject->indexGetter); return true; } return JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot); }
bool JSFileList::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { JSFileList* thisObject = jsCast<JSFileList*>(object); ASSERT_GC_OBJECT_INHERITS(thisObject, info()); const HashEntry* entry = getStaticValueSlotEntryWithoutCaching<JSFileList>(exec, propertyName); if (entry) { slot.setCustom(thisObject, entry->attributes(), entry->propertyGetter()); return true; } unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex && index < thisObject->impl().length()) { unsigned attributes = DontDelete | ReadOnly; slot.setCustomIndex(thisObject, attributes, index, indexGetter); return true; } return getStaticValueSlot<JSFileList, Base>(exec, getJSFileListTable(exec), thisObject, propertyName, slot); }
bool JSTestEventTarget::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { JSTestEventTarget* thisObject = jsCast<JSTestEventTarget*>(object); ASSERT_GC_OBJECT_INHERITS(thisObject, &s_info); const HashEntry* entry = getStaticValueSlotEntryWithoutCaching<JSTestEventTarget>(exec, propertyName); if (entry) { slot.setCustom(thisObject, entry->propertyGetter()); return true; } unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex && index < static_cast<TestEventTarget*>(thisObject->impl())->length()) { slot.setCustomIndex(thisObject, index, indexGetter); return true; } if (canGetItemsForName(exec, static_cast<TestEventTarget*>(thisObject->impl()), propertyName)) { slot.setCustom(thisObject, thisObject->nameGetter); return true; } return getStaticValueSlot<JSTestEventTarget, Base>(exec, &JSTestEventTargetTable, thisObject, propertyName, slot); }
bool RuntimeArray::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor) { RuntimeArray* thisObject = jsCast<RuntimeArray*>(object); if (propertyName == exec->propertyNames().length) { PropertySlot slot; slot.setCustom(thisObject, lengthGetter); descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum); return true; } unsigned index = propertyName.asIndex(); if (index < thisObject->getLength()) { ASSERT(index != PropertyName::NotAnIndex); PropertySlot slot; slot.setCustomIndex(thisObject, index, indexGetter); descriptor.setDescriptor(slot.getValue(exec, propertyName), DontDelete | DontEnum); return true; } return JSObject::getOwnPropertyDescriptor(thisObject, exec, propertyName, descriptor); }
bool JSTestEventTarget::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { JSTestEventTarget* thisObject = jsCast<JSTestEventTarget*>(object); ASSERT_GC_OBJECT_INHERITS(thisObject, info()); const HashTableValue* entry = getStaticValueSlotEntryWithoutCaching<JSTestEventTarget>(exec, propertyName); if (entry) { slot.setCacheableCustom(thisObject, entry->attributes(), entry->propertyGetter()); return true; } unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex && index < thisObject->impl().length()) { unsigned attributes = DontDelete | ReadOnly; slot.setValue(thisObject, attributes, toJS(exec, thisObject->globalObject(), thisObject->impl().item(index))); return true; } if (canGetItemsForName(exec, &thisObject->impl(), propertyName)) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, thisObject->nameGetter); return true; } return getStaticValueSlot<JSTestEventTarget, Base>(exec, JSTestEventTargetTable, thisObject, propertyName, slot); }
bool JSDOMNamedFlowCollection::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { JSDOMNamedFlowCollection* thisObject = jsCast<JSDOMNamedFlowCollection*>(object); ASSERT_GC_OBJECT_INHERITS(thisObject, info()); const HashEntry* entry = getStaticValueSlotEntryWithoutCaching<JSDOMNamedFlowCollection>(exec, propertyName); if (entry) { slot.setCustom(thisObject, entry->attributes(), entry->propertyGetter()); return true; } unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex && index < thisObject->impl().length()) { unsigned attributes = DontDelete | ReadOnly; slot.setCustomIndex(thisObject, attributes, index, indexGetter); return true; } if (canGetItemsForName(exec, &thisObject->impl(), propertyName)) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, thisObject->nameGetter); return true; } return getStaticValueSlot<JSDOMNamedFlowCollection, Base>(exec, JSDOMNamedFlowCollectionTable, thisObject, propertyName, slot); }
bool Arguments::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName) { if (exec->globalData().isInDefineOwnProperty()) return Base::deleteProperty(cell, exec, propertyName); Arguments* thisObject = jsCast<Arguments*>(cell); unsigned i = propertyName.asIndex(); if (i < thisObject->d->numArguments) { ASSERT(i < PropertyName::NotAnIndex); if (!Base::deleteProperty(cell, exec, propertyName)) return false; if (!thisObject->d->deletedArguments) { thisObject->d->deletedArguments = adoptArrayPtr(new bool[thisObject->d->numArguments]); memset(thisObject->d->deletedArguments.get(), 0, sizeof(bool) * thisObject->d->numArguments); } if (!thisObject->d->deletedArguments[i]) { thisObject->d->deletedArguments[i] = true; return true; } } if (propertyName == exec->propertyNames().length && !thisObject->d->overrodeLength) { thisObject->d->overrodeLength = true; return true; } if (propertyName == exec->propertyNames().callee && !thisObject->d->overrodeCallee) { if (!thisObject->d->isStrictMode) { thisObject->d->overrodeCallee = true; return true; } thisObject->createStrictModeCalleeIfNecessary(exec); } if (propertyName == exec->propertyNames().caller && thisObject->d->isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); return JSObject::deleteProperty(thisObject, exec, propertyName); }
bool Arguments::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { Arguments* thisObject = jsCast<Arguments*>(object); unsigned i = propertyName.asIndex(); if (JSValue value = thisObject->tryGetArgument(i)) { RELEASE_ASSERT(i < PropertyName::NotAnIndex); slot.setValue(thisObject, None, value); return true; } if (propertyName == exec->propertyNames().length && LIKELY(!thisObject->m_overrodeLength)) { slot.setValue(thisObject, DontEnum, jsNumber(thisObject->m_numArguments)); return true; } if (propertyName == exec->propertyNames().callee && LIKELY(!thisObject->m_overrodeCallee)) { if (!thisObject->m_isStrictMode) { slot.setValue(thisObject, DontEnum, thisObject->m_callee.get()); return true; } thisObject->createStrictModeCalleeIfNecessary(exec); } if (propertyName == exec->propertyNames().caller && thisObject->m_isStrictMode) thisObject->createStrictModeCallerIfNecessary(exec); if (JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot)) return true; if (propertyName == exec->propertyNames().iteratorPrivateName) { VM& vm = exec->vm(); JSGlobalObject* globalObject = exec->lexicalGlobalObject(); thisObject->JSC_NATIVE_FUNCTION(exec->propertyNames().iteratorPrivateName, argumentsFuncIterator, DontEnum, 0); if (JSObject::getOwnPropertySlot(thisObject, exec, propertyName, slot)) return true; } return false; }
bool JSDOMWindow::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object); // When accessing a Window cross-domain, functions are always the native built-in ones, and they // are not affected by properties changed on the Window or anything in its prototype chain. // This is consistent with the behavior of Firefox. // We don't want any properties other than "close" and "closed" on a frameless window (i.e. one whose page got closed, // or whose iframe got removed). // FIXME: This doesn't fully match Firefox, which allows at least toString in addition to those. if (!thisObject->impl().frame()) { // The following code is safe for cross-domain and same domain use. // It ignores any custom properties that might be set on the DOMWindow (including a custom prototype). if (propertyName == exec->propertyNames().closed) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, jsDOMWindowClosed); return true; } if (propertyName == exec->propertyNames().close) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>); return true; } // FIXME: We should have a message here that explains why the property access/function call was // not allowed. slot.setUndefined(); return true; } else slot.setWatchpointSet(thisObject->m_windowCloseWatchpoints); // We need to check for cross-domain access here without printing the generic warning message // because we always allow access to some function, just different ones depending whether access // is allowed. String errorMessage; bool allowsAccess = shouldAllowAccessToDOMWindow(exec, thisObject->impl(), errorMessage); // Look for overrides before looking at any of our own properties, but ignore overrides completely // if this is cross-domain access. if (allowsAccess && JSGlobalObject::getOwnPropertySlot(thisObject, exec, propertyName, slot)) return true; // We need this code here because otherwise JSDOMWindowBase will stop the search before we even get to the // prototype due to the blanket same origin (shouldAllowAccessToDOMWindow) check at the end of getOwnPropertySlot. // Also, it's important to get the implementation straight out of the DOMWindow prototype regardless of // what prototype is actually set on this object. if (propertyName == exec->propertyNames().blur) { if (!allowsAccess) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionBlur, 0>); return true; } } else if (propertyName == exec->propertyNames().close) { if (!allowsAccess) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>); return true; } } else if (propertyName == exec->propertyNames().focus) { if (!allowsAccess) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionFocus, 0>); return true; } } else if (propertyName == exec->propertyNames().postMessage) { if (!allowsAccess) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionPostMessage, 2>); return true; } } else if (propertyName == exec->propertyNames().showModalDialog) { if (!DOMWindow::canShowModalDialog(thisObject->impl().frame())) { slot.setUndefined(); return true; } } else if (propertyName == exec->propertyNames().toString) { // Allow access to toString() cross-domain, but always Object.prototype.toString. if (!allowsAccess) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, objectToStringFunctionGetter); return true; } } const HashTableValue* entry = JSDOMWindow::info()->propHashTable(exec)->entry(exec, propertyName); if (entry) { slot.setCacheableCustom(thisObject, allowsAccess ? entry->attributes() : ReadOnly | DontDelete | DontEnum, entry->propertyGetter()); return true; } #if ENABLE(USER_MESSAGE_HANDLERS) if (propertyName == exec->propertyNames().webkit && thisObject->impl().shouldHaveWebKitNamespaceForWorld(thisObject->world())) { slot.setCacheableCustom(thisObject, allowsAccess ? DontDelete | ReadOnly : ReadOnly | DontDelete | DontEnum, jsDOMWindowWebKit); return true; } #endif // Do prototype lookup early so that functions and attributes in the prototype can have // precedence over the index and name getters. JSValue proto = thisObject->prototype(); if (proto.isObject()) { if (asObject(proto)->getPropertySlot(exec, propertyName, slot)) { if (!allowsAccess) { thisObject->printErrorMessage(errorMessage); slot.setUndefined(); } return true; } } // After this point it is no longer valid to cache any results because of // the impure nature of the property accesses which follow. We can move this // statement further down when we add ways to mitigate these impurities with, // for example, watchpoints. slot.disableCaching(); // Check for child frames by name before built-in properties to // match Mozilla. This does not match IE, but some sites end up // naming frames things that conflict with window properties that // are in Moz but not IE. Since we have some of these, we have to do // it the Moz way. if (thisObject->impl().frame()->tree().scopedChild(propertyNameToAtomicString(propertyName))) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, childFrameGetter); return true; } // FIXME: Search the whole frame hierarchy somewhere around here. // We need to test the correct priority order. // allow window[1] or parent[1] etc. (#56983) unsigned i = propertyName.asIndex(); if (i < thisObject->impl().frame()->tree().scopedChildCount()) { ASSERT(i != PropertyName::NotAnIndex); slot.setValue(thisObject, ReadOnly | DontDelete | DontEnum, toJS(exec, thisObject->impl().frame()->tree().scopedChild(i)->document()->domWindow())); return true; } if (!allowsAccess) { thisObject->printErrorMessage(errorMessage); slot.setUndefined(); return true; } // Allow shortcuts like 'Image1' instead of document.images.Image1 Document* document = thisObject->impl().frame()->document(); if (document->isHTMLDocument()) { AtomicStringImpl* atomicPropertyName = findAtomicString(propertyName); if (atomicPropertyName && toHTMLDocument(document)->hasWindowNamedItem(*atomicPropertyName)) { slot.setCustom(thisObject, ReadOnly | DontDelete | DontEnum, namedItemGetter); return true; } } return Base::getOwnPropertySlot(thisObject, exec, propertyName, slot); }
bool JSDOMWindow::getOwnPropertyDescriptor(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor) { JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(object); // Never allow cross-domain getOwnPropertyDescriptor if (!BindingSecurity::shouldAllowAccessToDOMWindow(exec, thisObject->impl())) return false; const HashEntry* entry; // We don't want any properties other than "close" and "closed" on a closed window. if (!thisObject->impl()->frame()) { // The following code is safe for cross-domain and same domain use. // It ignores any custom properties that might be set on the DOMWindow (including a custom prototype). entry = s_info.propHashTable(exec)->entry(exec, propertyName); if (entry && !(entry->attributes() & JSC::Function) && entry->propertyGetter() == jsDOMWindowClosed) { descriptor.setDescriptor(jsBoolean(true), ReadOnly | DontDelete | DontEnum); return true; } entry = JSDOMWindowPrototype::s_info.propHashTable(exec)->entry(exec, propertyName); if (entry && (entry->attributes() & JSC::Function) && entry->function() == jsDOMWindowPrototypeFunctionClose) { PropertySlot slot; slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>); descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum); return true; } descriptor.setUndefined(); return true; } entry = JSDOMWindow::s_info.propHashTable(exec)->entry(exec, propertyName); if (entry) { PropertySlot slot; slot.setCustom(thisObject, entry->propertyGetter()); descriptor.setDescriptor(slot.getValue(exec, propertyName), entry->attributes()); return true; } // Check for child frames by name before built-in properties to // match Mozilla. This does not match IE, but some sites end up // naming frames things that conflict with window properties that // are in Moz but not IE. Since we have some of these, we have to do // it the Moz way. if (thisObject->impl()->frame()->tree()->scopedChild(propertyNameToAtomicString(propertyName))) { PropertySlot slot; slot.setCustom(thisObject, childFrameGetter); descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum); return true; } unsigned i = propertyName.asIndex(); if (i < thisObject->impl()->frame()->tree()->scopedChildCount()) { ASSERT(i != PropertyName::NotAnIndex); PropertySlot slot; slot.setCustomIndex(thisObject, i, indexGetter); descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum); return true; } // Allow shortcuts like 'Image1' instead of document.images.Image1 Document* document = thisObject->impl()->frame()->document(); if (document->isHTMLDocument()) { AtomicStringImpl* atomicPropertyName = findAtomicString(propertyName); if (atomicPropertyName && (toHTMLDocument(document)->hasNamedItem(atomicPropertyName) || document->hasElementWithId(atomicPropertyName))) { PropertySlot slot; slot.setCustom(thisObject, namedItemGetter); descriptor.setDescriptor(slot.getValue(exec, propertyName), ReadOnly | DontDelete | DontEnum); return true; } } return Base::getOwnPropertyDescriptor(thisObject, exec, propertyName, descriptor); }
// Defined in ES5.1 15.4.5.1 bool JSArray::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, PropertyDescriptor& descriptor, bool throwException) { JSArray* array = jsCast<JSArray*>(object); // 3. If P is "length", then if (propertyName == exec->propertyNames().length) { // All paths through length definition call the default [[DefineOwnProperty]], hence: // from ES5.1 8.12.9 7.a. if (descriptor.configurablePresent() && descriptor.configurable()) return reject(exec, throwException, "Attempting to change configurable attribute of unconfigurable property."); // from ES5.1 8.12.9 7.b. if (descriptor.enumerablePresent() && descriptor.enumerable()) return reject(exec, throwException, "Attempting to change enumerable attribute of unconfigurable property."); // a. If the [[Value]] field of Desc is absent, then // a.i. Return the result of calling the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", Desc, and Throw as arguments. if (descriptor.isAccessorDescriptor()) return reject(exec, throwException, "Attempting to change access mechanism for an unconfigurable property."); // from ES5.1 8.12.9 10.a. if (!array->isLengthWritable() && descriptor.writablePresent() && descriptor.writable()) return reject(exec, throwException, "Attempting to change writable attribute of unconfigurable property."); // This descriptor is either just making length read-only, or changing nothing! if (!descriptor.value()) { if (descriptor.writablePresent()) array->setLengthWritable(exec, descriptor.writable()); return true; } // b. Let newLenDesc be a copy of Desc. // c. Let newLen be ToUint32(Desc.[[Value]]). unsigned newLen = descriptor.value().toUInt32(exec); // d. If newLen is not equal to ToNumber( Desc.[[Value]]), throw a RangeError exception. if (newLen != descriptor.value().toNumber(exec)) { throwError(exec, createRangeError(exec, "Invalid array length")); return false; } // Based on SameValue check in 8.12.9, this is always okay. if (newLen == array->length()) { if (descriptor.writablePresent()) array->setLengthWritable(exec, descriptor.writable()); return true; } // e. Set newLenDesc.[[Value] to newLen. // f. If newLen >= oldLen, then // f.i. Return the result of calling the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", newLenDesc, and Throw as arguments. // g. Reject if oldLenDesc.[[Writable]] is false. if (!array->isLengthWritable()) return reject(exec, throwException, "Attempting to change value of a readonly property."); // h. If newLenDesc.[[Writable]] is absent or has the value true, let newWritable be true. // i. Else, // i.i. Need to defer setting the [[Writable]] attribute to false in case any elements cannot be deleted. // i.ii. Let newWritable be false. // i.iii. Set newLenDesc.[[Writable] to true. // j. Let succeeded be the result of calling the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", newLenDesc, and Throw as arguments. // k. If succeeded is false, return false. // l. While newLen < oldLen repeat, // l.i. Set oldLen to oldLen – 1. // l.ii. Let deleteSucceeded be the result of calling the [[Delete]] internal method of A passing ToString(oldLen) and false as arguments. // l.iii. If deleteSucceeded is false, then if (!array->setLength(exec, newLen, throwException)) { // 1. Set newLenDesc.[[Value] to oldLen+1. // 2. If newWritable is false, set newLenDesc.[[Writable] to false. // 3. Call the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", newLenDesc, and false as arguments. // 4. Reject. if (descriptor.writablePresent()) array->setLengthWritable(exec, descriptor.writable()); return false; } // m. If newWritable is false, then // i. Call the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", // Property Descriptor{[[Writable]]: false}, and false as arguments. This call will always // return true. if (descriptor.writablePresent()) array->setLengthWritable(exec, descriptor.writable()); // n. Return true. return true; } // 4. Else if P is an array index (15.4), then // a. Let index be ToUint32(P). unsigned index = propertyName.asIndex(); if (index != PropertyName::NotAnIndex) { // b. Reject if index >= oldLen and oldLenDesc.[[Writable]] is false. if (index >= array->length() && !array->isLengthWritable()) return reject(exec, throwException, "Attempting to define numeric property on array with non-writable length property."); // c. Let succeeded be the result of calling the default [[DefineOwnProperty]] internal method (8.12.9) on A passing P, Desc, and false as arguments. // d. Reject if succeeded is false. // e. If index >= oldLen // e.i. Set oldLenDesc.[[Value]] to index + 1. // e.ii. Call the default [[DefineOwnProperty]] internal method (8.12.9) on A passing "length", oldLenDesc, and false as arguments. This call will always return true. // f. Return true. return array->defineOwnIndexedProperty(exec, index, descriptor, throwException); } return array->JSObject::defineOwnNonIndexProperty(exec, propertyName, descriptor, throwException); }
bool JSDOMWindow::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot) { JSDOMWindow* thisObject = jsCast<JSDOMWindow*>(cell); // When accessing a Window cross-domain, functions are always the native built-in ones, and they // are not affected by properties changed on the Window or anything in its prototype chain. // This is consistent with the behavior of Firefox. const HashEntry* entry; // We don't want any properties other than "close" and "closed" on a frameless window (i.e. one whose page got closed, // or whose iframe got removed). // FIXME: This doesn't fully match Firefox, which allows at least toString in addition to those. if (!thisObject->impl()->frame()) { // The following code is safe for cross-domain and same domain use. // It ignores any custom properties that might be set on the DOMWindow (including a custom prototype). entry = s_info.propHashTable(exec)->entry(exec, propertyName); if (entry && !(entry->attributes() & JSC::Function) && entry->propertyGetter() == jsDOMWindowClosed) { slot.setCustom(thisObject, entry->propertyGetter()); return true; } entry = JSDOMWindowPrototype::s_info.propHashTable(exec)->entry(exec, propertyName); if (entry && (entry->attributes() & JSC::Function) && entry->function() == jsDOMWindowPrototypeFunctionClose) { slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>); return true; } // FIXME: We should have a message here that explains why the property access/function call was // not allowed. slot.setUndefined(); return true; } // We need to check for cross-domain access here without printing the generic warning message // because we always allow access to some function, just different ones depending whether access // is allowed. String errorMessage; bool allowsAccess = shouldAllowAccessToDOMWindow(exec, thisObject->impl(), errorMessage); // Look for overrides before looking at any of our own properties, but ignore overrides completely // if this is cross-domain access. if (allowsAccess && JSGlobalObject::getOwnPropertySlot(thisObject, exec, propertyName, slot)) return true; // We need this code here because otherwise JSDOMWindowBase will stop the search before we even get to the // prototype due to the blanket same origin (shouldAllowAccessToDOMWindow) check at the end of getOwnPropertySlot. // Also, it's important to get the implementation straight out of the DOMWindow prototype regardless of // what prototype is actually set on this object. entry = JSDOMWindowPrototype::s_info.propHashTable(exec)->entry(exec, propertyName); if (entry) { if (entry->attributes() & JSC::Function) { if (entry->function() == jsDOMWindowPrototypeFunctionBlur) { if (!allowsAccess) { slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionBlur, 0>); return true; } } else if (entry->function() == jsDOMWindowPrototypeFunctionClose) { if (!allowsAccess) { slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionClose, 0>); return true; } } else if (entry->function() == jsDOMWindowPrototypeFunctionFocus) { if (!allowsAccess) { slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionFocus, 0>); return true; } } else if (entry->function() == jsDOMWindowPrototypeFunctionPostMessage) { if (!allowsAccess) { slot.setCustom(thisObject, nonCachingStaticFunctionGetter<jsDOMWindowPrototypeFunctionPostMessage, 2>); return true; } } else if (entry->function() == jsDOMWindowPrototypeFunctionShowModalDialog) { if (!DOMWindow::canShowModalDialog(thisObject->impl()->frame())) { slot.setUndefined(); return true; } } } } else { // Allow access to toString() cross-domain, but always Object.prototype.toString. if (propertyName == exec->propertyNames().toString) { if (!allowsAccess) { slot.setCustom(thisObject, objectToStringFunctionGetter); return true; } } } entry = JSDOMWindow::s_info.propHashTable(exec)->entry(exec, propertyName); if (entry) { slot.setCustom(thisObject, entry->propertyGetter()); return true; } // Check for child frames by name before built-in properties to // match Mozilla. This does not match IE, but some sites end up // naming frames things that conflict with window properties that // are in Moz but not IE. Since we have some of these, we have to do // it the Moz way. if (thisObject->impl()->frame()->tree()->scopedChild(propertyNameToAtomicString(propertyName))) { slot.setCustom(thisObject, childFrameGetter); return true; } // Do prototype lookup early so that functions and attributes in the prototype can have // precedence over the index and name getters. JSValue proto = thisObject->prototype(); if (proto.isObject()) { if (asObject(proto)->getPropertySlot(exec, propertyName, slot)) { if (!allowsAccess) { thisObject->printErrorMessage(errorMessage); slot.setUndefined(); } return true; } } // FIXME: Search the whole frame hierarchy somewhere around here. // We need to test the correct priority order. // allow window[1] or parent[1] etc. (#56983) unsigned i = propertyName.asIndex(); if (i < thisObject->impl()->frame()->tree()->scopedChildCount()) { ASSERT(i != PropertyName::NotAnIndex); slot.setCustomIndex(thisObject, i, indexGetter); return true; } if (!allowsAccess) { thisObject->printErrorMessage(errorMessage); slot.setUndefined(); return true; } // Allow shortcuts like 'Image1' instead of document.images.Image1 Document* document = thisObject->impl()->frame()->document(); if (document->isHTMLDocument()) { AtomicStringImpl* atomicPropertyName = findAtomicString(propertyName); if (atomicPropertyName && (toHTMLDocument(document)->hasNamedItem(atomicPropertyName) || document->hasElementWithId(atomicPropertyName))) { slot.setCustom(thisObject, namedItemGetter); return true; } } return Base::getOwnPropertySlot(thisObject, exec, propertyName, slot); }