[webkit-dev] ExecState::thisObject()

Adam Barth abarth at webkit.org
Mon Jul 13 16:34:13 PDT 2009

On Mon, Jul 13, 2009 at 4:20 PM, Maciej Stachowiak<mjs at apple.com> wrote:
> My own interest would be in weighing the tradeoffs. In the Pro column:
> 1) Are there aspects of this issue that create security holes?

CVE-2009-1702 is an example of such as security hole.  I'm sure that I
can find more if I look for them.

> 2) Are there aspects of this issue that create Web compatibility problems?

I don't know of any web compatibility problems arising from this
behavior.  The great deviation between browsers here makes this less

> 3) Would enforcing a new consistent behavior for this reduce the likelihood
> of future mistakes that cause material problems?

You're already convinced the answer here is yes.

> In the potential Con column:
> A) Will there be a performance or memory penalty?

I suspect the new behavior will take more memory, but I don't know how much.

> B) Will the change increase code complexity?

In some cases, the change might actually reduce code complexity.  For
example, if you look at the bindings code around events and database
transactions, we do a lot of machinating to find the "right" security
context.  Much of this code is buggy.  Having the appropriate
JSGlobalObject nearby might help.

> C) Is there a risk of introducing regressions with the change?

There is indeed a chance of regressions.  We'll want to test thoroughly.

> Personally I am convinced that the answers to (3) and (C) are both "yes",
> and I don't know about any of the other points.

I can try to provide more information as best I can.  Another option
is to make this change incrementally and assess the costs as we go.
For example, we could fix the SVG prototypes first.


More information about the webkit-dev mailing list