bool DebuggerScope::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
DebuggerScope* scope = jsCast<DebuggerScope*>(object);
ASSERT(scope->isValid());
if (!scope->isValid())
return false;
JSObject* thisObject = JSScope::objectAtScope(scope->jsScope());
slot.setThisValue(JSValue(thisObject));
// By default, JSObject::getPropertySlot() will look in the DebuggerScope's prototype
// chain and not the wrapped scope, and JSObject::getPropertySlot() cannot be overridden
// to behave differently for the DebuggerScope.
//
// Instead, we'll treat all properties in the wrapped scope and its prototype chain as
// the own properties of the DebuggerScope. This is fine because the WebInspector
// does not presently need to distinguish between what's owned at each level in the
// prototype chain. Hence, we'll invoke getPropertySlot() on the wrapped scope here
// instead of getOwnPropertySlot().
bool result = thisObject->getPropertySlot(exec, propertyName, slot);
if (result && slot.isValue() && slot.getValue(exec, propertyName) == jsTDZValue()) {
// FIXME:
// We hit a scope property that has the TDZ empty value.
// Currently, we just lie to the inspector and claim that this property is undefined.
// This is not ideal and we should fix it.
// https://bugs.webkit.org/show_bug.cgi?id=144977
slot.setValue(slot.slotBase(), DontEnum, jsUndefined());
return true;
}
return result;
}
void StructureRareData::setObjectToStringValue(ExecState* exec, VM& vm, Structure* ownStructure, JSString* value, PropertySlot toStringTagSymbolSlot)
{
if (m_giveUpOnObjectToStringValueCache)
return;
ObjectPropertyConditionSet conditionSet;
if (toStringTagSymbolSlot.isValue()) {
// We don't handle the own property case of Symbol.toStringTag because we would never know if a new
// object transitioning to the same structure had the same value stored in Symbol.toStringTag.
// Additionally, this is a super unlikely case anyway.
if (!toStringTagSymbolSlot.isCacheable() || toStringTagSymbolSlot.slotBase()->structure(vm) == ownStructure)
return;
// This will not create a condition for the current structure but that is good because we know the Symbol.toStringTag
// is not on the ownStructure so we will transisition if one is added and this cache will no longer be used.
conditionSet = generateConditionsForPrototypePropertyHit(vm, this, exec, ownStructure, toStringTagSymbolSlot.slotBase(), vm.propertyNames->toStringTagSymbol.impl());
ASSERT(!conditionSet.isValid() || conditionSet.hasOneSlotBaseCondition());
} else if (toStringTagSymbolSlot.isUnset())
conditionSet = generateConditionsForPropertyMiss(vm, this, exec, ownStructure, vm.propertyNames->toStringTagSymbol.impl());
else
return;
if (!conditionSet.isValid()) {
m_giveUpOnObjectToStringValueCache = true;
return;
}
ObjectPropertyCondition equivCondition;
for (const ObjectPropertyCondition& condition : conditionSet) {
if (condition.condition().kind() == PropertyCondition::Presence) {
ASSERT(isValidOffset(condition.offset()));
condition.object()->structure(vm)->startWatchingPropertyForReplacements(vm, condition.offset());
equivCondition = condition.attemptToMakeEquivalenceWithoutBarrier();
// The equivalence condition won't be watchable if we have already seen a replacement.
if (!equivCondition.isWatchable()) {
m_giveUpOnObjectToStringValueCache = true;
return;
}
} else if (!condition.isWatchable()) {
m_giveUpOnObjectToStringValueCache = true;
return;
}
}
ASSERT(conditionSet.structuresEnsureValidity());
for (ObjectPropertyCondition condition : conditionSet) {
if (condition.condition().kind() == PropertyCondition::Presence) {
m_objectToStringAdaptiveInferredValueWatchpoint = std::make_unique<ObjectToStringAdaptiveInferredPropertyValueWatchpoint>(equivCondition, this);
m_objectToStringAdaptiveInferredValueWatchpoint->install();
} else
m_objectToStringAdaptiveWatchpointSet.add(condition, this)->install();
}
m_objectToStringValue.set(vm, this, value);
}
// Property access sequence is:
// (1) indexed properties,
// (2) regular own properties,
// (3) named properties (in fact, these shouldn't be on the window, should be on the NPO).
bool JSDOMWindow::getOwnPropertySlot(JSObject* object, ExecState* state, PropertyName propertyName, PropertySlot& slot)
{
// (1) First, indexed properties.
// Hand off all indexed access to getOwnPropertySlotByIndex, which supports the indexed getter.
if (Optional<unsigned> index = parseIndex(propertyName))
return getOwnPropertySlotByIndex(object, state, index.value(), slot);
auto* thisObject = jsCast<JSDOMWindow*>(object);
auto* frame = thisObject->wrapped().frame();
// Hand off all cross-domain/frameless access to jsDOMWindowGetOwnPropertySlotRestrictedAccess.
String errorMessage;
if (!frame || !BindingSecurity::shouldAllowAccessToDOMWindow(*state, thisObject->wrapped(), errorMessage))
return jsDOMWindowGetOwnPropertySlotRestrictedAccess(thisObject, frame, state, propertyName, slot, errorMessage);
// FIXME: this need more explanation.
// (Particularly, is it correct that this exists here but not in getOwnPropertySlotByIndex?)
slot.setWatchpointSet(thisObject->m_windowCloseWatchpoints);
// (2) Regular own properties.
PropertySlot slotCopy = slot;
if (Base::getOwnPropertySlot(thisObject, state, propertyName, slot)) {
// Detect when we're getting the property 'showModalDialog', this is disabled, and has its original value.
bool isShowModalDialogAndShouldHide = propertyName == state->propertyNames().showModalDialog
&& !DOMWindow::canShowModalDialog(frame)
&& slot.isValue() && isHostFunction(slot.getValue(state, propertyName), jsDOMWindowInstanceFunctionShowModalDialog);
// Unless we're in the showModalDialog special case, we're done.
if (!isShowModalDialogAndShouldHide)
return true;
slot = slotCopy;
}
#if ENABLE(USER_MESSAGE_HANDLERS)
if (propertyName == state->propertyNames().webkit && thisObject->wrapped().shouldHaveWebKitNamespaceForWorld(thisObject->world())) {
slot.setCacheableCustom(thisObject, DontDelete | ReadOnly, jsDOMWindowWebKit);
return true;
}
#endif
return false;
}
