- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Tue, 25 Sep 2012 01:10:11 -0400
- To: whatwg <whatwg@lists.whatwg.org>, "public-script-coord@w3.org" <public-script-coord@w3.org>
- Message-ID: <50613CB3.5030302@mit.edu>
Turns out, some things care about at least the .href and .toString of Location objects for security-check purposes. So they need to be unforgeable.

But of course WebIDL doesn't provide a way to make anything other than readonly attributes unforgeable. It seems like it needs to.

In terms of current UA behavior for Location, it is full of weird. The only interoperable part seems to be that href and toString can't be effectively redefined. In IE and Gecko, neither can any of the other IDL properties of Location objects. So we have indications that making everything on this interface unforgeable is sufficiently web-compatible.

Specifically, on the attached testcase, I see the following behavior:

Opera:

* toString is not an own prop, is a configurable prop on the proto, but defineProperty on the object for it fails with an exception due to it not being configurable(!)
* href is a non-configurable own prop
* assign/replace/reload are normal props on the proto
* The rest are normal accessor props on the object itself.

Chrome:

* toString is a non-configurable readonly own prop
* href is a non-configurable own prop for which defineProperty silently does nothing.
* assign/replace/reload are just like toString
* The rest are "normal" data props on the object, except defineProperty does not change the value, which it should for normal props.

Safari:

* toString is a non-configurable readonly own prop and also a non-configurable writable prop on the proto. Except location.hasOwnProperty("toString") returns false.
* href is a non-configurable readonly own prop
* assign/replace/reload are just like toString except writable, so defineProperty can change the value.
* The rest are all readonly non-configurable props on the object itself.

Gecko:

* It's all weird, because location is actually a bizarro proxy object (e.g. it has no __proto__ property, returns weird stuff that can't be stringified from Object.getPrototypeOf()).
* The key part is that trying to redefine _any_ of the properties that live on Location.prototype on the location object itself is disallowed in Gecko.

IE9:

* All properties throw when getting property descriptors on location object.
* Some properties are configurable on the proto and some are not.
* All properties throw when trying to redefine. Including non-IDL properties. Setting expandos works fine, though.
* All properties claim to not be own properties.

-Boris
Attachments
- text/html attachment: test.html
Received on Tuesday, 25 September 2012 05:13:21 UTC
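The kind of per-property survey the message reports can be written as a small probe. This is an added example, not the attached test.html and not code from the author; `probeProperty`, `survey` and `constructedSample` are hypothetical names, and the sample is a constructed Proxy standing in for a host object so the probe runs outside a browser.

```javascript
'use strict';

// Report where `name` lives on `obj` and what a redefinition attempt does.
// NOTE: the probe mutates `obj` when redefinition succeeds.
function probeProperty(obj, name) {
  let holder = obj, desc, descriptorThrew = false;
  try {
    // Walk the prototype chain to find the object that holds the property.
    while (holder && !(desc = Object.getOwnPropertyDescriptor(holder, name))) {
      holder = Object.getPrototypeOf(holder);
    }
  } catch (e) {
    descriptorThrew = true; // some hosts throw on descriptor lookups
  }
  const foundOn = descriptorThrew ? 'unknown (threw)'
    : !desc ? 'nowhere' : holder === obj ? 'object' : 'prototype';
  const forged = function forged() {};
  let outcome;
  try {
    Object.defineProperty(obj, name, { value: forged, configurable: true });
    outcome = obj[name] === forged ? 'redefined' : 'silently ignored';
  } catch (e) {
    outcome = 'threw ' + e.name;
  }
  return { name, foundOn, configurable: desc ? desc.configurable : undefined, outcome };
}

// Constructed stand-in for a host object (not a real Location).
function constructedSample() {
  const proto = { toString() { return 'https://example.test/'; }, assign() {} };
  const target = Object.create(proto);
  Object.defineProperty(target, 'href',
    { value: 'https://example.test/', writable: false, configurable: false });
  return new Proxy(target, {
    defineProperty(t, key, d) {
      if (key === 'assign') return true;        // claim success, change nothing
      return Reflect.defineProperty(t, key, d); // false => caller sees TypeError
    },
  });
}

function survey(obj, names) {
  return names.map((n) => probeProperty(obj, n));
}
```

In a browser console the same probe can be pointed at `location` with the IDL property names; a property counts as unforgeable only when the outcome is not `redefined`.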