| Index: test/mjsunit/error-constructors.js
|
| diff --git a/test/mjsunit/error-constructors.js b/test/mjsunit/error-constructors.js
|
| index 5c2aac5b8703cb421a69066465d437c6aae9254f..0f3d74c960cfb04ad84be7919e5dca9eeab8338e 100644
|
| --- a/test/mjsunit/error-constructors.js
|
| +++ b/test/mjsunit/error-constructors.js
|
| @@ -69,11 +69,9 @@
|
| assertTrue(e.hasOwnProperty('stack'));
|
|
|
| // Check that intercepting property access from toString is prevented for
|
| -// compiler errors. This is not specified, but allowing interception through a
|
| -// getter can leak error objects from different script tags in the same context
|
| -// in a browser setting. Use Realm.eval as a proxy for loading scripts. We
|
| -// ignore the exception thrown from it since that would not be catchable from
|
| -// user-land code.
|
| +// compiler errors. This is not specified, but allowing interception
|
| +// through a getter can leak error objects from different
|
| +// script tags in the same context in a browser setting.
|
| var errors = [SyntaxError, ReferenceError, TypeError, RangeError, URIError];
|
| var error_triggers = ["syntax error",
|
| "var error = reference",
|
| @@ -81,12 +79,39 @@
|
| "String.fromCodePoint(0xFFFFFF)",
|
| "decodeURI('%F')"];
|
| for (var i in errors) {
|
| + var name = errors[i].name;
|
| +
|
| // Monkey-patch prototype.
|
| - for (var prop of ["name", "message", "stack"]) {
|
| - errors[i].prototype.__defineGetter__(prop, fail);
|
| + var props = ["name", "message", "stack"];
|
| + for (var j in props) {
|
| + errors[i].prototype.__defineGetter__(props[j], fail);
|
| }
|
| // String conversion should not invoke monkey-patched getters on prototype.
|
| - assertThrows(()=>Realm.eval(0, error_triggers[i]));
|
| + var error;
|
| + try {
|
| + eval(error_triggers[i]);
|
| + } catch (e) {
|
| + error = e;
|
| + }
|
| + assertTrue(error.toString().startsWith(name));
|
| +
|
| + // Deleting message on the error (exposing the getter) is fine.
|
| + delete error.message;
|
| + assertEquals(name, error.toString());
|
| +
|
| + // Custom properties shadowing the name are fine.
|
| + var myerror = { name: "myerror", message: "mymessage"};
|
| + myerror.__proto__ = error;
|
| + assertEquals("myerror: mymessage", myerror.toString());
|
| +
|
| + // Custom getters in actual objects are welcome.
|
| + error.__defineGetter__("name", function() { return "mine"; });
|
| + assertEquals("mine", error.toString());
|
| +
|
| + // Custom properties shadowing the name are fine.
|
| + var myerror2 = { message: "mymessage"};
|
| + myerror2.__proto__ = error;
|
| + assertEquals("mine: mymessage", myerror2.toString());
|
| }
|
|
|
| // Monkey-patching non-internal errors should still be observable.
|
|
|
Chromium Code Reviews
Issue 1510173002:
Revert of Make Error.prototype.toString spec compliant; and fix various side-effect-free error printing metho… (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master