[Webkit-unassigned] [Bug 66994] Implement Error.stack

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Sep 14 10:51:41 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=66994

--- Comment #19 from Oliver Hunt <oliver at apple.com>  2011-09-14 10:51:40 PST ---
(In reply to comment #14)
> It seems like the current implementation will potentially leak function names cross origin.  This should probably be avoided.

How does this compare to the leak from walking the call stack with function.caller?  AFAICT if you were able to call a function (directly or indirectly) you must have some origin permissions.  Should we maybe restrict .caller if the global objects don't match?  It seems sufficiently edge case to probably be safe?

That said, I did just realize something more significant than the origin bypass -> isolated worlds aren't sufficiently isolated: they share global data, so a change that triggers synchronous JS by code in an isolated world (changing text or something with a world containing a change handler in an isolated world).  If such a case should be created it may be possible to create a stack trace that leaked the presence of a particular extension, etc.

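As an added illustration of the leak discussed in this comment (not code from WebKit or from the bug thread), the following Node.js script shows which caller frames a callback can observe through Error.stack and Function.prototype.caller, and that handing the callback to a fresh task, so the call across the boundary is no longer synchronous, keeps the scheduling code's frames out of the stack it captures. The handler and probe functions are constructed stand-ins for code in two different worlds, and the stack-line format assumed is V8's.

```javascript
// Extract function names from a V8-style "    at name (file:line:col)" stack.
function frameNames(stack) {
  return stack.split("\n").slice(1).map((line) => {
    const m = line.match(/^\s*at\s+(?:async\s+)?([^\s(]+)/);
    return m ? m[1] : "<anonymous>";
  });
}

// Synchronous callback: the probe runs on top of the handler's own frames.
function isolatedWorldHandler(callback) {
  return callback();
}

// Strict-mode handler: strict functions are never exposed through .caller.
function strictIsolatedWorldHandler(callback) {
  "use strict";
  return callback();
}

// Deferred callback: the probe starts from an empty stack in a fresh task,
// so the scheduling handler's frames are not in what it captures.
function deferredIsolatedWorldHandler(callback) {
  return new Promise((resolve) => setTimeout(() => resolve(callback()), 0));
}

// Stand-in for page code: records every frame name visible to it.
function pageStackProbe() {
  return frameNames(new Error().stack);
}

// Walks the chain via .caller; null where the engine refuses (strict caller).
function pageCallerProbe() {
  try {
    return pageCallerProbe.caller ? pageCallerProbe.caller.name : null;
  } catch (e) {
    return null;
  }
}

function stackRevealsHandler() {
  return isolatedWorldHandler(pageStackProbe).includes("isolatedWorldHandler");
}

async function deferredStackRevealsHandler() {
  const names = await deferredIsolatedWorldHandler(pageStackProbe);
  return names.includes("deferredIsolatedWorldHandler");
}

function callerSeenFromSloppyHandler() { return isolatedWorldHandler(pageCallerProbe); }
function callerSeenFromStrictHandler() { return strictIsolatedWorldHandler(pageCallerProbe); }
```

Run with plain `node` (CommonJS); if the file is loaded as an ES module every function is strict and the .caller probe returns null in both cases, while the Error.stack results are unchanged.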