Title: [283844] trunk/Source/_javascript_Core
- Revision
- 283844
- Author
- stephan.sz...@sony.com
- Date
- 2021-10-08 15:35:14 -0700 (Fri, 08 Oct 2021)
Log Message
[JSC] Add private C API for JSGlobalObject::setEvalEnabled
https://bugs.webkit.org/show_bug.cgi?id=231448
Reviewed by Yusuke Suzuki.
WebCore can prohibit eval (and Function constructor) usage in JS execution based on content security policy;
this patch gives embedders the ability to do similarly.
* API/JSContextRef.cpp:
(JSGlobalContextSetEvalEnabled): Added.
* API/JSContextRefPrivate.h:
* API/tests/testapi.c:
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/API/JSContextRef.cpp (283843 => 283844)
--- trunk/Source/_javascript_Core/API/JSContextRef.cpp 2021-10-08 22:21:19 UTC (rev 283843)
+++ trunk/Source/_javascript_Core/API/JSContextRef.cpp 2021-10-08 22:35:14 UTC (rev 283844)
@@ -268,6 +268,20 @@
globalObject->setUnhandledRejectionCallback(vm, object);
}
+void JSGlobalContextSetEvalEnabled(JSGlobalContextRef ctx, bool enabled, JSStringRef message)
+{
+ if (!ctx) {
+ ASSERT_NOT_REACHED();
+ return;
+ }
+
+ JSGlobalObject* globalObject = toJS(ctx);
+ VM& vm = globalObject->vm();
+ JSLockHolder locker(vm);
+
+ globalObject->setEvalEnabled(enabled, message ? message->string() : String());
+}
+
class BacktraceFunctor {
public:
BacktraceFunctor(StringBuilder& builder, unsigned remainingCapacityForFrameCapture)
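Review bot: With `enabled == false` and a NULL `message`, the ternary on the `setEvalEnabled` call passes an empty String, so script that hits the disabled eval/Function path gets an error with no message, which makes the failure hard to diagnose for an embedder that forgot the argument; the header only says to pass NULL when enabling. A cheap guard in the same style as the existing `!ctx` check would catch this at the API boundary, e.g. `ASSERT(enabled || message);` placed before the `toJS(ctx)` line. Taking `JSLockHolder` before touching the global object matches the neighbouring API calls in this file and should stay. Note for callers that this is a per-`JSGlobalObject` policy toggle, not a sandbox: nothing in this hunk affects code the embedder itself submits through `JSEvaluateScript`, and whether other string-to-code entry points beyond eval and the Function constructor are covered depends on `JSGlobalObject::setEvalEnabled`, which is outside this diff.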
Modified: trunk/Source/_javascript_Core/API/JSContextRefPrivate.h (283843 => 283844)
--- trunk/Source/_javascript_Core/API/JSContextRefPrivate.h 2021-10-08 22:21:19 UTC (rev 283843)
+++ trunk/Source/_javascript_Core/API/JSContextRefPrivate.h 2021-10-08 22:35:14 UTC (rev 283844)
@@ -138,6 +138,15 @@
*/
JS_EXPORT void JSGlobalContextSetUnhandledRejectionCallback(JSGlobalContextRef ctx, JSObjectRef function, JSValueRef* exception) JSC_API_AVAILABLE(macos(10.15.4), ios(13.4));
+/*!
+@function
+@abstract Sets whether a context allows use of eval (or the Function constructor).
+@param ctx The JSGlobalContext that you want to change.
+@param enabled The new eval enabled setting for the context.
+@param message The error message to display when user attempts to call eval (or the Function constructor). Pass NULL when setting enabled to true.
+*/
+JS_EXPORT void JSGlobalContextSetEvalEnabled(JSGlobalContextRef ctx, bool enabled, JSStringRef message) JSC_API_AVAILABLE(macos(JSC_MAC_TBA), ios(JSC_IOS_TBA));
+
#ifdef __cplusplus
}
#endif
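Review bot: The `@param message` text leaves out the two things an embedder most needs to know: that the string becomes the message of the error thrown to script when eval or the Function constructor is used (the test in this revision only checks that an exception is raised, so the exact error type is not established here), and that passing NULL while `enabled` is false yields an empty error message rather than a default one (the implementation substitutes `String()`). I would reword it to `@param message The message carried by the error thrown when script calls eval (or the Function constructor) while disabled. Must be non-NULL when enabled is false; pass NULL when setting enabled to true.` The abstract should also state the scope, e.g. `Sets whether script running in this context may use eval (or the Function constructor). Applies only to this global context; it does not restrict scripts evaluated by the embedder through JSEvaluateScript.` — the second sentence is my reading of the implementation and should be confirmed against JSGlobalObject::setEvalEnabled before it is published.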
Modified: trunk/Source/_javascript_Core/API/tests/testapi.c (283843 => 283844)
--- trunk/Source/_javascript_Core/API/tests/testapi.c 2021-10-08 22:21:19 UTC (rev 283843)
+++ trunk/Source/_javascript_Core/API/tests/testapi.c 2021-10-08 22:35:14 UTC (rev 283844)
@@ -33,6 +33,7 @@
#endif
#include "JSBasePrivate.h"
+#include "JSContextRefPrivate.h"
#include "JSHeapFinalizerPrivate.h"
#include "JSMarkingConstraintPrivate.h"
#include "JSObjectRefPrivate.h"
@@ -1992,6 +1993,19 @@
JSStringRelease(sourceURL);
JSStringRelease(sourceURLKey);
+ JSGlobalContextSetEvalEnabled(context, false, jsOneIString);
+ exception = NULL;
+ script = JSStringCreateWithUTF8CString("eval(\"3\");");
+ JSEvaluateScript(context, script, NULL, NULL, 1, &exception);
+ ASSERT(exception);
+ JSStringRelease(script);
+ exception = NULL;
+ script = JSStringCreateWithUTF8CString("Function(\"return 3;\");");
+ JSEvaluateScript(context, script, NULL, NULL, 1, &exception);
+ ASSERT(exception);
+ JSStringRelease(script);
+ JSGlobalContextSetEvalEnabled(context, true, NULL);
+
// Verify that creating a constructor for a class with no static functions does not trigger
// an assert inside putDirect or lead to a crash during GC. <https://bugs.webkit.org/show_bug.cgi?id=25785>
nullDefinition = kJSClassDefinitionEmpty;
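Review bot: The re-enable at the end of the added block is never verified, so a regression in which `JSGlobalContextSetEvalEnabled(ctx, true, NULL)` failed to restore eval would go unnoticed, and the disabled case is only probed through direct `eval(...)` and `Function(...)`; an indirect call such as `(0, eval)("3")` takes a different path in the engine and is worth covering since a bypass there is exactly what a CSP-style control must not allow. The message passed as `jsOneIString` is also never compared with what script observes, which could be checked by reading the thrown error's `message` property with JSObjectGetProperty if the type of the thrown value is known. `jsOneIString` is defined earlier in this test file, outside the hunk. I would extend the block as follows (the existing direct-eval and Function cases stay as they are):
```c
/* … unchanged: direct eval and Function cases … */
exception = NULL;
script = JSStringCreateWithUTF8CString("(0, eval)(\"3\");");
JSEvaluateScript(context, script, NULL, NULL, 1, &exception);
ASSERT(exception);
JSStringRelease(script);
JSGlobalContextSetEvalEnabled(context, true, NULL);
exception = NULL;
script = JSStringCreateWithUTF8CString("eval(\"3\");");
JSEvaluateScript(context, script, NULL, NULL, 1, &exception);
ASSERT(!exception);
JSStringRelease(script);
```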
Modified: trunk/Source/_javascript_Core/ChangeLog (283843 => 283844)
--- trunk/Source/_javascript_Core/ChangeLog 2021-10-08 22:21:19 UTC (rev 283843)
+++ trunk/Source/_javascript_Core/ChangeLog 2021-10-08 22:35:14 UTC (rev 283844)
@@ -1,3 +1,18 @@
+2021-10-08 Ross Kirsling <ross.kirsl...@sony.com> and Stephan Szabo <stephan.sz...@sony.com>
+
+ [JSC] Add private C API for JSGlobalObject::setEvalEnabled
+ https://bugs.webkit.org/show_bug.cgi?id=231448
+
+ Reviewed by Yusuke Suzuki.
+
+ WebCore can prohibit eval (and Function constructor) usage in JS execution based on content security policy;
+ this patch gives embedders the ability to do similarly.
+
+ * API/JSContextRef.cpp:
+ (JSGlobalContextSetEvalEnabled): Added.
+ * API/JSContextRefPrivate.h:
+ * API/tests/testapi.c:
+
2021-10-08 Yusuke Suzuki <ysuz...@apple.com>
[JSC] UnlinkedCodeBlock::m_instructions can be nullptr