W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > July 2011

[Bug 12101] "Structured clone" can be passed an object with a hostile getter that returns an object identical to itself; "structured clone" does not prevent such an infinite regression.

From: <bugzilla@jessica.w3.org>
Date: Tue, 05 Jul 2011 17:28:02 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1Qe9Pm-0005gs-45@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=12101

Jonas Sicking <jonas@sicking.cc> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jonas@sicking.cc

--- Comment #6 from Jonas Sicking <jonas@sicking.cc> 2011-07-05 17:28:00 UTC ---
Why do we need to do anything here at all? Why is this different from:

while(1) {}

Browsers have to deal with malicious script that never finishes no matter what.
That mechanism should catch this case too.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Tuesday, 5 July 2011 17:28:07 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 16:31:13 UTC