Please review: change of window property lookup

Harri Porten porten at kde.org
Sat May 28 16:32:21 BST 2005 

Hi (David)!

Seems like there's always one bug left in the way properties are looked up
in the window object. As http://bugs.kde.org/show_bug.cgi?id=104181 shows
it should appearantly not be possible to override window properties by
adding properties to the Object prototype.

I only compared with Firefox but the implementation in other browsers is
really inconsistent. There's no window.prototype

  shouldBeUndefined("window.prototype");

but window.__proto__ is set

  shouldBeTrue("!!window.__proto__");

and the reverse condition is true:

  shouldBeTrue("Object.prototype.isPrototypeOf(window)");

I'll apply the attached patch unless someone sees a problem with it. It
makes Window::get() first check for purely dynamic properties, than window
specific properties and only later it will look into the prototype. Maybe
the second part of the lookup should be positioned elsewhere but the
behaviour will definitely be improved already.

Harri.
-------------- next part --------------
Index: kjs_window.cpp
===================================================================
--- kjs_window.cpp	(revision 418835)
+++ kjs_window.cpp	(working copy)
@@ -487,10 +487,10 @@
   }
 
   // Look for overrides first
-  Value val = ObjectImp::get(exec, p);
-  if (!val.isA(UndefinedType)) {
+  ValueImp *val = getDirect(p);
+  if (val) {
     //kdDebug(6070) << "Window::get found dynamic property '" << p.ascii() << "'" << endl;
-    return isSafeScript(exec) ? val : Undefined();
+    return isSafeScript(exec) ? Value(val) : Undefined();
   }
 
   const HashEntry* entry = Lookup::findEntry(&WindowTable, p);
@@ -764,6 +764,18 @@
       return getListener(exec,DOM::EventImpl::UNLOAD_EVENT);
     }
   }
+
+  // doing the remainder of ObjectImp::get() that is not covered by
+  // the getDirect() call above.
+  Object proto = Object::dynamicCast(prototype());
+  assert(proto.isValid());
+  if (p == specialPrototypePropertyName)
+    return isSafeScript(exec) ? Value(proto) : Undefined();
+  Value val2 = proto.get(exec, p);
+  if (!val2.isA(UndefinedType)) {
+    return isSafeScript(exec) ? val2 : Undefined();
+  }
+
   KParts::ReadOnlyPart *rop = part->findFramePart( p.qstring() );
   if (rop)
     return retrieve(rop);

More information about the kfm-devel mailing list