[Webkit-unassigned] [Bug 81416] [V8] Wrong constructor/__proto__ when using frames

bugzilla-daemon at webkit.org
Fri Mar 16 16:08:22 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=81416





--- Comment #1 from Erik Arvidsson <arv at chromium.org>  2012-03-16 16:08:22 PST ---
The reason why this works correctly for Nodes is that in the generated wrapSlow function we get the proxy from the frame of the node. For non-nodes we do not generally have a way to get to the frame.

For things like DOMTokenList and NodeList we sometimes have a pointer to the owner node, but maybe a better thing to do is to include the proxy/frame/node in the call to toV8 when we first get the object.

Today:

static v8::Handle<v8::Value> childNodesAttrGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
    INC_STATS("DOM.Node.childNodes._get");
    Node* imp = V8Node::toNative(info.Holder());
    return toV8(imp->childNodes());
}

Maybe we should do something like:

static v8::Handle<v8::Value> childNodesAttrGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
    INC_STATS("DOM.Node.childNodes._get");
    Node* imp = V8Node::toNative(info.Holder());
    return toV8(imp->childNodes(), imp);
}

and then generate toV8 functions that take T* and a Node*.

Another option might be to enter the context of imp before calling toV8, but that seems a lot more expensive.

JSC passes the global into toJS:

JSValue result = toJS(exec, castedThis->globalObject(), WTF::getPtr(impl->childNodes()));

Still, this will not work for collections and other things. I think we need to be able to get the global out of the object and pass that to toV8.

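Added example (not part of the original comment and not WebKit code): a small JavaScript model of the two childNodes getters discussed above, covering only the case where the list has an owner node. Frame, wrapIn, the wrapper cache and accessFromBothFrames are hypothetical names, and the model assumes a wrapper takes its prototype from the frame it is created in and is reused once created.

```javascript
// Simplified model (assumption): every frame has its own NodeList constructor,
// and a wrapper's __proto__ is fixed by the frame it is created in.
class Frame {
  constructor(name) {
    this.name = name;
    this.NodeList = class NodeList {}; // stands in for this frame's window.NodeList
  }
  createNode() {
    // The node knows its frame; the child list implementation does not.
    return { frame: this, childNodesImpl: { length: 0 } };
  }
}

// Hypothetical wrapper cache: the first wrapper built for an impl is reused.
const wrappers = new WeakMap();
function wrapIn(frame, impl) {
  if (!wrappers.has(impl)) {
    wrappers.set(impl, Object.assign(new frame.NodeList(), { impl }));
  }
  return wrappers.get(impl);
}

// "Today": toV8(imp->childNodes()) can only use the currently entered frame.
function childNodesToday(node, enteredFrame) {
  return wrapIn(enteredFrame, node.childNodesImpl);
}

// Proposed: toV8(imp->childNodes(), imp) wraps in the owner node's frame.
function childNodesWithOwner(node, _enteredFrame) {
  return wrapIn(node.frame, node.childNodesImpl);
}

// Parent script reads the list of a child-frame node first, then the child
// frame reads the same list and checks it against its own NodeList.
function accessFromBothFrames(getter) {
  const child = new Frame("child");
  const parent = new Frame("parent");
  const node = child.createNode();
  const first = getter(node, parent);
  const later = getter(node, child);
  return {
    ctorFrame: first.constructor === child.NodeList ? "child" : "parent",
    sameWrapper: first === later,
    childInstanceofWorks: later instanceof child.NodeList,
  };
}

console.log("today:   ", accessFromBothFrames(childNodesToday));
console.log("proposed:", accessFromBothFrames(childNodesWithOwner));
```

In the model, the "today" getter leaves the child frame holding a list whose constructor belongs to the parent frame, so an instanceof check inside the child frame fails; passing the owner node removes the dependence on which frame touched the list first.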