Issue 1938123002: Ensure that privates are private.

Issue 1938123002: Ensure that privates are private. (Closed)

Created:
4 years, 7 months ago by robwu

Modified:
4 years, 7 months ago

Reviewers:

CC:
chromium-reviews

Base URL:
https://chromium.googlesource.com/chromium/src.git@2704

Target Ref:
refs/pending/branch-heads/2704

Project:
chromium

Visibility:
Public.

Description

Ensure that privates are private. - Remove JS code injection functionality from UtilsNativeHandler. - Ensure that utils.expose only exposes public properties. - Prevent privates from getting poisoned via arbitrary constructor invocations. - Prevent privates from leaking through prototypes. BUG=603748 Review URL: https://codereview.chromium.org/1903303002 Cr-Commit-Position: refs/heads/master@{#389292} (cherry picked from commit 77e0fbe12e32b16d5c1d7c0380b45fde363004b2) Committed: https://chromium.googlesource.com/chromium/src/+/f2b970209b08639170042334a2f1f2342f8a9113

Patch Set 1 #

Created: 4 years, 7 months ago

	Unified diffs	Side-by-side diffs	Stats (+285 lines, -207 lines)
M	chrome/renderer/resources/extensions/automation/automation_event.js	View	1 chunk	+15 lines, -5 lines	0 comments
M	chrome/renderer/resources/extensions/automation/automation_node.js	View	1 chunk	+51 lines, -40 lines	0 comments
M	chrome/renderer/resources/extensions/enterprise_platform_keys/key_pair.js	View	1 chunk	+11 lines, -3 lines	0 comments
M	chrome/renderer/resources/extensions/enterprise_platform_keys/subtle_crypto.js	View	2 chunks	+12 lines, -9 lines	0 comments
M	chrome/renderer/resources/extensions/enterprise_platform_keys/token.js	View	1 chunk	+11 lines, -2 lines	0 comments
M	chrome/renderer/resources/extensions/platform_keys/key.js	View	1 chunk	+11 lines, -4 lines	0 comments
M	chrome/renderer/resources/extensions/platform_keys/subtle_crypto.js	View	1 chunk	+12 lines, -6 lines	0 comments
M	chrome/renderer/resources/extensions/web_view/chrome_web_view.js	View	4 chunks	+14 lines, -6 lines	0 comments
M	extensions/renderer/module_system.cc	View	1 chunk	+4 lines, -0 lines	0 comments
M	extensions/renderer/module_system_unittest.cc	View	1 chunk	+10 lines, -0 lines	0 comments
M	extensions/renderer/resources/event.js	View	1 chunk	+16 lines, -11 lines	0 comments
M	extensions/renderer/resources/messaging.js	View	1 chunk	+14 lines, -9 lines	0 comments
M	extensions/renderer/resources/utils.js	View	5 chunks	+65 lines, -16 lines	0 comments
M	extensions/renderer/resources/web_request_internal_custom_bindings.js	View	1 chunk	+14 lines, -11 lines	0 comments
M	extensions/renderer/safe_builtins.cc	View	1 chunk	+1 line, -1 line	0 comments
M	extensions/renderer/utils_native_handler.h	View	1 chunk	+0 lines, -5 lines	0 comments
M	extensions/renderer/utils_native_handler.cc	View	3 chunks	+0 lines, -65 lines	0 comments
M	extensions/test/data/utils_unittest.js	View	2 chunks	+24 lines, -14 lines	0 comments

Messages

Total messages: 2 (1 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

robwu

4 years, 7 months ago (2016-05-02 20:24:18 UTC) #2

Message was sent while issue was closed.

Committed patchset #1 (id:1) manually as
f2b970209b08639170042334a2f1f2342f8a9113.

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages