[webkit-dev] ExecState::thisObject()

Maciej Stachowiak mjs at apple.com
Mon Jul 13 14:26:16 PDT 2009


On Jul 13, 2009, at 2:18 PM, Sam Weinig wrote:

>
> I discussed this a bit with Darin and Geoff, and we came to the  
> conclusion that the correct fix is to have each JS DOMObject store a  
> JSGlobalObject pointer and augment the toJS methods to pass a global  
> object instead of an ExecState (close to your #1).

You probably mean "in addition to" rather than "instead of".

  - Maciej

(As a side note, I'm not sure this is really a security issue, since  
we're primarily talking about same-origin access here. For the few  
cases where cross-origin access is allowed, we would *not* want to  
expose the home window's prototype chain. So for Window.postMessage  
for instance, cross-origin access needs to give you a distinct wrapper.)


