[Webkit-unassigned] [Bug 176766] Web Inspector: Implement `queryObjects` Command Line API

bugzilla-daemon at webkit.org
Mon Sep 11 21:41:40 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=176766

Joseph Pecoraro <joepeck at webkit.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |joepeck at webkit.org

--- Comment #1 from Joseph Pecoraro <joepeck at webkit.org> ---
I'd expect something like: (untested)

    Vector<JSCell*> queryObjects(ExecState* exec, JSValue proto)
    {
        Vector<JSCell*> instances;

        // Walk every live cell and keep those whose prototype chain contains proto.
        HeapIterationScope iterationScope(m_vm.heap);
        m_vm.heap.objectSpace().forEachLiveCell([&instances, exec, proto] (HeapCell* cell, HeapCell::Kind kind) {
            // Skip allocations that are not JSCells.
            if (kind != HeapCell::JSCell)
                return IterationStatus::Continue;

            JSCell* value = static_cast<JSCell*>(cell);
            if (JSObject::defaultHasInstance(exec, value, proto))
                instances.append(value);

            return IterationStatus::Continue;
        });

        return instances;
    }

We probably would want to avoid exposing private / built-in instances of objects. So we would need to special case or deny "Function", which might expose `Promise` and `@Promise`.

"Object" would be at risk of exposing plain Objects inside of builtins, like:

    var promiseCapability = {
        @promise: @undefined,
        @resolve: @undefined,
        @reject: @undefined
    };

but I don't think that is actually a problem because user script can't modify the private @properties of the object itself.

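A toy model of the filtering concern raised in Comment #1, as an added example that is not part of the original message or WebKit's code. The `heap` array, the `allocate` helper and the `internal` flag are hypothetical stand-ins for the GC heap and for cells owned by engine builtins; filtering on a flag is one option, not necessarily the approach WebKit took.

```javascript
// Constructed model: an array stands in for the GC heap, and `internal`
// marks cells allocated by engine builtins (hypothetical flag).
const heap = [];
function allocate(value, { internal = false } = {}) {
    heap.push({ value, internal });
    return value;
}

const isObjectLike = (v) => v !== null && (typeof v === "object" || typeof v === "function");

// Default instanceof semantics: walk the prototype chain looking for proto.
function hasInPrototypeChain(value, proto) {
    for (let p = Object.getPrototypeOf(value); p !== null; p = Object.getPrototypeOf(p)) {
        if (p === proto)
            return true;
    }
    return false;
}

function queryObjects(proto, { includeInternal = false } = {}) {
    if (!isObjectLike(proto))
        throw new TypeError("queryObjects expects a prototype object");
    const instances = [];
    for (const cell of heap) {
        if (!isObjectLike(cell.value))
            continue; // non-object cells (strings, etc.) can never match
        if (cell.internal && !includeInternal)
            continue; // keep builtin-owned objects out of the result
        if (hasInPrototypeChain(cell.value, proto))
            instances.push(cell.value);
    }
    return instances;
}

// Constructed sample heap.
class Widget {}
const widget = allocate(new Widget());
const userConfig = allocate({ retries: 3 });
const userFn = allocate(function userCallback() {});
allocate(Object.create(null));   // no prototype: never matches
allocate("a string cell");       // not an object
// Stand-ins for a builtin's capability record and a private builtin function.
const capability = allocate({ promise: undefined, resolve: undefined, reject: undefined }, { internal: true });
const privateFn = allocate(function privatePromise() {}, { internal: true });

console.log("Object.prototype, filtered:", queryObjects(Object.prototype).length);
console.log("Object.prototype, unfiltered:", queryObjects(Object.prototype, { includeInternal: true }).length);
console.log("Function.prototype leaks private fn:", queryObjects(Function.prototype).includes(privateFn));
```

Without the `internal` check, a query on `Object.prototype` or `Function.prototype` returns the builtin-owned record and function alongside user objects, which is the exposure the comment describes.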