DescriptionPrior to this CL, SES assumes it can freeze a property on the global
object straightforwardly, by doing
Object.defineProperty(.., .., {.., configurable: false})
However, because of the browser split between Window and WindowProxy,
any browser that allows this breaks the ES6 invariants. Instead, on
browsers that implement the draft spec
https://github.com/domenic/window-proxy-spec
it is still possible to freeze these properties by roundabout
means. At the time of this writing, FF Nightly is the only browser
that obeys part of this new behavior though it does not implement all
of it. This CL changes the logic of freezing global properties so that
it works on
* browsers implementing the old behavior (currently, all but FF
Nightly)
* FF Nightly
* browsers implementing the new draft spec (which do not exist,
making this assertion hard to test)
* non-browsers, where there is no split of the global object.
Fixes
https://github.com/google/caja/issues/1974
See
https://esdiscuss.org/topic/figuring-out-the-behavior-of-windowproxy-in-the-face-of-non-configurable-properties
https://esdiscuss.org/topic/a-dom-use-case-that-can-t-be-emulated-with-direct-proxies
https://github.com/domenic/window-proxy-spec
Patch Set 1 #
Total comments: 37
Patch Set 2 : Freeze globals successfully even on standards-conformant browsers. #
MessagesTotal messages: 6
|