[Webkit-unassigned] [Bug 120052] New: Remove custom getOwnPropertyDescriptor for JSProxy

Mon Aug 19 23:47:06 PDT 2013

https://bugs.webkit.org/show_bug.cgi?id=120052

           Summary: Remove custom getOwnPropertyDescriptor for JSProxy
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: barraclough at apple.com

GET_OWN_PROPERTY_DESCRIPTOR_IMPL runs afoul with JSProxy due to the workaround for JSDOMWindow's broken behavior. Because the window object incorrectly searches the prototype chain in getOwnPropertySlot we check that the base object matches, but in the case of JSProxy we can end up comparing the window object to the window shell & falsely assuming this is a prototype property.  Add toThis conversion to correctly identify proxied own access. I've kept the original slotBase check as a fast case, and also so that direct access on JSDOMWindow still works.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.