[Webkit-unassigned] [Bug 151134] JS builtins should use secured functions

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Nov 12 04:29:13 PST 2015


--- Comment #6 from Xabier Rodríguez Calvar <calvaris at igalia.com> ---
(In reply to comment #4)
> Ultimately, we might want to run built-in scripts in an isolated world with
> separate DOM prototypes and constructors.
> We would be able to use them on DOM C++ instances (which would have a JS
> wrapper for user scripts and a JS wrapper for built-in scripts). Cost might
> be ok?
> We would then be able to write JS code much more cleanly than we are now.
> One issue though is for pure JS objects, like promises and streams.
> I am not sure how we can handle these properly and efficiently.

I thought of using worlds too, but the problem with worlds is that you have to keep a link with the user world because there are some things that come from there, say user promises, etc. and even more, there are some things that could be generated in an isolated world that should be returned to the user world.

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20151112/37476dde/attachment.html>

More information about the webkit-unassigned mailing list