- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Sat, 31 Jan 2009 22:09:22 -0500
Ian Hickson wrote: > I haven't mentioned the 'this' behavior, so right now |this !=== window|, > which breaks the invariant that there is no way to actually get hold of a > reference to the Window object itself (as opposed to the outer WindowProxy > object that forwards to the inner Window object). This requirement would > be a violation of ECMAScript 3.1, so if we could get that changed in > ES3.1, that would be great. Failing that, it should probably be in the > WebIDL JavaScript binding section. As I recall, in Gecko the keyword |this| evaluates to the outer window. I'm not sure what happens to the implicit |this| that's computed when defining a global function, say. The reason for this setup was precisely to prevent script from getting a handle to the inner Window. Since we do security checks for cross-site scripting in the outer Window, any ability to pass inner Windows cross-site would be an automatic security hole. The setup as it exists right now allows scripts that run within a single window and never explicitly touch Window objects to not have to perform security checks on every property access. You might want to double-check with Blake Kaplan, Brendan Eich, or Johnny Stenback on the above, as well as on how this fits in with ECMAScript 3.1. I seem to recall something about that going by in the bugs when this was being worked on, but Brendan is more likely to recall the details than I am to be able to find them... -Boris
Received on Saturday, 31 January 2009 19:09:22 UTC