DescriptionFixes several problems in our support for safe debugging.
Fixes https://code.google.com/p/google-caja/issues/detail?id=1516
The UnsafeError object was exposed to privileged code as a property on
ses. Since the ses is accessible only to privileged code, this is not
a vulnerability, but it does violate a stated invariant. Caught by
trying to verify SES using S5
http://blog.brownplt.org/2011/11/11/s5-javascript-semantics.html
Fixes https://code.google.com/p/google-caja/issues/detail?id=1963
Rewires the Error inheritance hierarchy to stay compatible with ES6
while staying safe.
Fixes https://code.google.com/p/google-caja/issues/detail?id=1964
On non-v8, debug.js detects of Error.prototype.stack is an accessor
property. If so, grab its getter for its own internal use. This now
provides proper encapsulation of stack information on FF40
Nightly in addition to the encapsulation we have long had on v8.
Fixes https://code.google.com/p/google-caja/issues/detail?id=1965
When detecting a url into the rawgit service that matches a common
pattern, useHTMLLogger renders this as a link that takes you to the
corresponding page on github with the correct line highlighted.
Patch Set 1 #Patch Set 2 : Fixes several problems in our support for safe debugging. #Patch Set 3 : Fixes several problems in our support for safe debugging. #
Total comments: 6
Patch Set 4 : Fixes several problems in our support for safe debugging. #
Total comments: 3
Patch Set 5 : Fixes several problems in our support for safe debugging. #Patch Set 6 : Fixes several problems in our support for safe debugging. #Patch Set 7 : Fixes several problems in our support for safe debugging. #
MessagesTotal messages: 16
|