mirror of
https://github.com/nodejs/node.git
synced 2024-11-30 07:27:22 +01:00
554ffa3432
PR-URL: https://github.com/nodejs/node/pull/28254 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com>
418 lines
12 KiB
JavaScript
418 lines
12 KiB
JavaScript
// Adapted from SES/Caja - Copyright (C) 2011 Google Inc.
|
|
// Copyright (C) 2018 Agoric
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
// Based upon:
|
|
// https://github.com/google/caja/blob/master/src/com/google/caja/ses/startSES.js
|
|
// https://github.com/google/caja/blob/master/src/com/google/caja/ses/repairES5.js
|
|
// https://github.com/tc39/proposal-ses/blob/e5271cc42a257a05dcae2fd94713ed2f46c08620/shim/src/freeze.js
|
|
|
|
/* global WebAssembly, SharedArrayBuffer, console */
|
|
/* eslint-disable no-restricted-globals */
|
|
'use strict';
|
|
|
|
module.exports = function() {
|
|
const {
|
|
defineProperty,
|
|
freeze,
|
|
getOwnPropertyDescriptor,
|
|
getOwnPropertyDescriptors,
|
|
getOwnPropertyNames,
|
|
getOwnPropertySymbols,
|
|
getPrototypeOf
|
|
} = Object;
|
|
const objectHasOwnProperty = Object.prototype.hasOwnProperty;
|
|
const { ownKeys } = Reflect;
|
|
const {
|
|
clearImmediate,
|
|
clearInterval,
|
|
clearTimeout,
|
|
setImmediate,
|
|
setInterval,
|
|
setTimeout
|
|
} = require('timers');
|
|
|
|
const intrinsicPrototypes = [
|
|
// Anonymous Intrinsics
|
|
// IteratorPrototype
|
|
getPrototypeOf(
|
|
getPrototypeOf(new Array()[Symbol.iterator]())
|
|
),
|
|
// ArrayIteratorPrototype
|
|
getPrototypeOf(new Array()[Symbol.iterator]()),
|
|
// StringIteratorPrototype
|
|
getPrototypeOf(new String()[Symbol.iterator]()),
|
|
// MapIteratorPrototype
|
|
getPrototypeOf(new Map()[Symbol.iterator]()),
|
|
// SetIteratorPrototype
|
|
getPrototypeOf(new Set()[Symbol.iterator]()),
|
|
// GeneratorFunction
|
|
getPrototypeOf(function* () {}),
|
|
// AsyncFunction
|
|
getPrototypeOf(async function() {}),
|
|
// AsyncGeneratorFunction
|
|
getPrototypeOf(async function* () {}),
|
|
// TypedArray
|
|
getPrototypeOf(Uint8Array),
|
|
|
|
// 19 Fundamental Objects
|
|
Object.prototype, // 19.1
|
|
Function.prototype, // 19.2
|
|
Boolean.prototype, // 19.3
|
|
|
|
Error.prototype, // 19.5
|
|
EvalError.prototype,
|
|
RangeError.prototype,
|
|
ReferenceError.prototype,
|
|
SyntaxError.prototype,
|
|
TypeError.prototype,
|
|
URIError.prototype,
|
|
|
|
// 20 Numbers and Dates
|
|
Number.prototype, // 20.1
|
|
Date.prototype, // 20.3
|
|
|
|
// 21 Text Processing
|
|
String.prototype, // 21.1
|
|
RegExp.prototype, // 21.2
|
|
|
|
// 22 Indexed Collections
|
|
Array.prototype, // 22.1
|
|
|
|
Int8Array.prototype,
|
|
Uint8Array.prototype,
|
|
Uint8ClampedArray.prototype,
|
|
Int16Array.prototype,
|
|
Uint16Array.prototype,
|
|
Int32Array.prototype,
|
|
Uint32Array.prototype,
|
|
Float32Array.prototype,
|
|
Float64Array.prototype,
|
|
BigInt64Array.prototype,
|
|
BigUint64Array.prototype,
|
|
|
|
// 23 Keyed Collections
|
|
Map.prototype, // 23.1
|
|
Set.prototype, // 23.2
|
|
WeakMap.prototype, // 23.3
|
|
WeakSet.prototype, // 23.4
|
|
|
|
// 24 Structured Data
|
|
ArrayBuffer.prototype, // 24.1
|
|
DataView.prototype, // 24.3
|
|
Promise.prototype, // 25.4
|
|
|
|
// Other APIs / Web Compatibility
|
|
console.Console.prototype,
|
|
BigInt.prototype,
|
|
WebAssembly.Module.prototype,
|
|
WebAssembly.Instance.prototype,
|
|
WebAssembly.Table.prototype,
|
|
WebAssembly.Memory.prototype,
|
|
WebAssembly.CompileError.prototype,
|
|
WebAssembly.LinkError.prototype,
|
|
WebAssembly.RuntimeError.prototype,
|
|
SharedArrayBuffer.prototype
|
|
];
|
|
const intrinsics = [
|
|
// Anonymous Intrinsics
|
|
// ThrowTypeError
|
|
getOwnPropertyDescriptor(Function.prototype, 'caller').get,
|
|
// IteratorPrototype
|
|
getPrototypeOf(
|
|
getPrototypeOf(new Array()[Symbol.iterator]())
|
|
),
|
|
// ArrayIteratorPrototype
|
|
getPrototypeOf(new Array()[Symbol.iterator]()),
|
|
// StringIteratorPrototype
|
|
getPrototypeOf(new String()[Symbol.iterator]()),
|
|
// MapIteratorPrototype
|
|
getPrototypeOf(new Map()[Symbol.iterator]()),
|
|
// SetIteratorPrototype
|
|
getPrototypeOf(new Set()[Symbol.iterator]()),
|
|
// GeneratorFunction
|
|
getPrototypeOf(function* () {}),
|
|
// AsyncFunction
|
|
getPrototypeOf(async function() {}),
|
|
// AsyncGeneratorFunction
|
|
getPrototypeOf(async function* () {}),
|
|
// TypedArray
|
|
getPrototypeOf(Uint8Array),
|
|
|
|
// 18 The Global Object
|
|
eval,
|
|
isFinite,
|
|
isNaN,
|
|
parseFloat,
|
|
parseInt,
|
|
decodeURI,
|
|
decodeURIComponent,
|
|
encodeURI,
|
|
encodeURIComponent,
|
|
|
|
// 19 Fundamental Objects
|
|
Object, // 19.1
|
|
Function, // 19.2
|
|
Boolean, // 19.3
|
|
Symbol, // 19.4
|
|
|
|
Error, // 19.5
|
|
EvalError,
|
|
RangeError,
|
|
ReferenceError,
|
|
SyntaxError,
|
|
TypeError,
|
|
URIError,
|
|
|
|
// 20 Numbers and Dates
|
|
Number, // 20.1
|
|
Math, // 20.2
|
|
Date, // 20.3
|
|
|
|
// 21 Text Processing
|
|
String, // 21.1
|
|
RegExp, // 21.2
|
|
|
|
// 22 Indexed Collections
|
|
Array, // 22.1
|
|
|
|
Int8Array,
|
|
Uint8Array,
|
|
Uint8ClampedArray,
|
|
Int16Array,
|
|
Uint16Array,
|
|
Int32Array,
|
|
Uint32Array,
|
|
Float32Array,
|
|
Float64Array,
|
|
BigInt64Array,
|
|
BigUint64Array,
|
|
|
|
// 23 Keyed Collections
|
|
Map, // 23.1
|
|
Set, // 23.2
|
|
WeakMap, // 23.3
|
|
WeakSet, // 23.4
|
|
|
|
// 24 Structured Data
|
|
ArrayBuffer, // 24.1
|
|
DataView, // 24.3
|
|
JSON, // 24.5
|
|
Promise, // 25.4
|
|
|
|
// 26 Reflection
|
|
Reflect, // 26.1
|
|
Proxy, // 26.2
|
|
|
|
// B.2.1
|
|
escape,
|
|
unescape,
|
|
|
|
// Other APIs / Web Compatibility
|
|
clearImmediate,
|
|
clearInterval,
|
|
clearTimeout,
|
|
setImmediate,
|
|
setInterval,
|
|
setTimeout,
|
|
console,
|
|
BigInt,
|
|
Atomics,
|
|
WebAssembly,
|
|
SharedArrayBuffer
|
|
];
|
|
|
|
if (typeof Intl !== 'undefined') {
|
|
intrinsicPrototypes.push(Intl.Collator.prototype);
|
|
intrinsicPrototypes.push(Intl.DateTimeFormat.prototype);
|
|
intrinsicPrototypes.push(Intl.ListFormat.prototype);
|
|
intrinsicPrototypes.push(Intl.NumberFormat.prototype);
|
|
intrinsicPrototypes.push(Intl.PluralRules.prototype);
|
|
intrinsicPrototypes.push(Intl.RelativeTimeFormat.prototype);
|
|
intrinsics.push(Intl);
|
|
}
|
|
|
|
intrinsicPrototypes.forEach(enableDerivedOverrides);
|
|
|
|
const frozenSet = new WeakSet();
|
|
intrinsics.forEach(deepFreeze);
|
|
|
|
// Objects that are deeply frozen.
|
|
function deepFreeze(root) {
|
|
/**
|
|
* "innerDeepFreeze()" acts like "Object.freeze()", except that:
|
|
*
|
|
* To deepFreeze an object is to freeze it and all objects transitively
|
|
* reachable from it via transitive reflective property and prototype
|
|
* traversal.
|
|
*/
|
|
function innerDeepFreeze(node) {
|
|
// Objects that we have frozen in this round.
|
|
const freezingSet = new Set();
|
|
|
|
// If val is something we should be freezing but aren't yet,
|
|
// add it to freezingSet.
|
|
function enqueue(val) {
|
|
if (Object(val) !== val) {
|
|
// ignore primitives
|
|
return;
|
|
}
|
|
const type = typeof val;
|
|
if (type !== 'object' && type !== 'function') {
|
|
// NB: handle for any new cases in future
|
|
}
|
|
if (frozenSet.has(val) || freezingSet.has(val)) {
|
|
// TODO: Use uncurried form
|
|
// Ignore if already frozen or freezing
|
|
return;
|
|
}
|
|
freezingSet.add(val); // TODO: Use uncurried form
|
|
}
|
|
|
|
function doFreeze(obj) {
|
|
// Immediately freeze the object to ensure reactive
|
|
// objects such as proxies won't add properties
|
|
// during traversal, before they get frozen.
|
|
|
|
// Object are verified before being enqueued,
|
|
// therefore this is a valid candidate.
|
|
// Throws if this fails (strict mode).
|
|
freeze(obj);
|
|
|
|
// We rely upon certain commitments of Object.freeze and proxies here
|
|
|
|
// Get stable/immutable outbound links before a Proxy has a chance to do
|
|
// something sneaky.
|
|
const proto = getPrototypeOf(obj);
|
|
const descs = getOwnPropertyDescriptors(obj);
|
|
enqueue(proto);
|
|
ownKeys(descs).forEach((name) => {
|
|
// TODO: Uncurried form
|
|
// TODO: getOwnPropertyDescriptors is guaranteed to return well-formed
|
|
// descriptors, but they still inherit from Object.prototype. If
|
|
// someone has poisoned Object.prototype to add 'value' or 'get'
|
|
// properties, then a simple 'if ("value" in desc)' or 'desc.value'
|
|
// test could be confused. We use hasOwnProperty to be sure about
|
|
// whether 'value' is present or not, which tells us for sure that
|
|
// this is a data property.
|
|
const desc = descs[name];
|
|
if ('value' in desc) {
|
|
// todo uncurried form
|
|
enqueue(desc.value);
|
|
} else {
|
|
enqueue(desc.get);
|
|
enqueue(desc.set);
|
|
}
|
|
});
|
|
}
|
|
|
|
function dequeue() {
|
|
// New values added before forEach() has finished will be visited.
|
|
freezingSet.forEach(doFreeze); // TODO: Curried forEach
|
|
}
|
|
|
|
function commit() {
|
|
// TODO: Curried forEach
|
|
// We capture the real WeakSet.prototype.add above, in case someone
|
|
// changes it. The two-argument form of forEach passes the second
|
|
// argument as the 'this' binding, so we add to the correct set.
|
|
freezingSet.forEach(frozenSet.add, frozenSet);
|
|
}
|
|
|
|
enqueue(node);
|
|
dequeue();
|
|
commit();
|
|
}
|
|
|
|
innerDeepFreeze(root);
|
|
return root;
|
|
}
|
|
|
|
/**
|
|
* For a special set of properties (defined below), it ensures that the
|
|
* effect of freezing does not suppress the ability to override these
|
|
* properties on derived objects by simple assignment.
|
|
*
|
|
* Because of lack of sufficient foresight at the time, ES5 unfortunately
|
|
* specified that a simple assignment to a non-existent property must fail if
|
|
* it would override a non-writable data property of the same name. (In
|
|
* retrospect, this was a mistake, but it is now too late and we must live
|
|
* with the consequences.) As a result, simply freezing an object to make it
|
|
* tamper proof has the unfortunate side effect of breaking previously correct
|
|
* code that is considered to have followed JS best practices, if this
|
|
* previous code used assignment to override.
|
|
*
|
|
* To work around this mistake, deepFreeze(), prior to freezing, replaces
|
|
* selected configurable own data properties with accessor properties which
|
|
* simulate what we should have specified -- that assignments to derived
|
|
* objects succeed if otherwise possible.
|
|
*/
|
|
function enableDerivedOverride(obj, prop, desc) {
|
|
if ('value' in desc && desc.configurable) {
|
|
const value = desc.value;
|
|
|
|
function getter() {
|
|
return value;
|
|
}
|
|
|
|
// Re-attach the data property on the object so
|
|
// it can be found by the deep-freeze traversal process.
|
|
getter.value = value;
|
|
|
|
function setter(newValue) {
|
|
if (obj === this) {
|
|
// eslint-disable-next-line no-restricted-syntax
|
|
throw new TypeError(
|
|
`Cannot assign to read only property '${prop}' of object '${obj}'`
|
|
);
|
|
}
|
|
if (objectHasOwnProperty.call(this, prop)) {
|
|
this[prop] = newValue;
|
|
} else {
|
|
defineProperty(this, prop, {
|
|
value: newValue,
|
|
writable: true,
|
|
enumerable: desc.enumerable,
|
|
configurable: desc.configurable
|
|
});
|
|
}
|
|
}
|
|
|
|
defineProperty(obj, prop, {
|
|
get: getter,
|
|
set: setter,
|
|
enumerable: desc.enumerable,
|
|
configurable: desc.configurable
|
|
});
|
|
}
|
|
}
|
|
|
|
function enableDerivedOverrides(obj) {
|
|
if (!obj) {
|
|
return;
|
|
}
|
|
const descs = getOwnPropertyDescriptors(obj);
|
|
if (!descs) {
|
|
return;
|
|
}
|
|
getOwnPropertyNames(obj).forEach((prop) => {
|
|
return enableDerivedOverride(obj, prop, descs[prop]);
|
|
});
|
|
getOwnPropertySymbols(obj).forEach((prop) => {
|
|
return enableDerivedOverride(obj, prop, descs[prop]);
|
|
});
|
|
}
|
|
};
|