Sanitize inheritance in callers of utils.expose

extensions/renderer/resources/utils.js

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 var nativeDeepCopy = requireNative('utils').deepCopy;
 var schemaRegistry = requireNative('schema_registry');
 var CHECK = requireNative('logging').CHECK;
 var DCHECK = requireNative('logging').DCHECK;
 var WARNING = requireNative('logging').WARNING;
 
@@ skipping 46 matching lines @@
     var types = schemaRegistry.GetSchema(schemaName).types;
   }
   for (var i = 0; i < types.length; ++i) {
     if (types[i].id == typeName)
       return types[i];
   }
   return null;
 }
 
 /**
+ * Sets a property |value| on |obj| with property name |key|. Like
+ *
+ *     obj[key] = value;
+ *
+ * but without triggering setters.
+ */
+function defineProperty(obj, key, value) {
+  $Object.defineProperty(obj, key, {
+    __proto__: null,
+    configurable: true,
+    enumerable: true,
+    writable: true,
+    value: value,
+  });
+}
+
+/**
  * Takes a private class implementation |privateClass| and exposes a subset of
  * its methods |functions| and properties |properties| and |readonly| to a
  * public wrapper class that should be passed in. Within bindings code, you can
  * access the implementation from an instance of the wrapper class using
  * privates(instance).impl, and from the implementation class you can access
  * the wrapper using this.wrapper (or implInstance.wrapper if you have another
  * instance of the implementation class).
  *
  * |publicClass| should be a constructor that calls constructPrivate() like so:
  *
  *     privates(publicClass).constructPrivate(this, arguments);
  *
  * @param {function} publicClass The publicly exposed wrapper class. This must
  *     be a named function, and the name appears in stack traces.
  * @param {Object} privateClass The class implementation.
  * @param {{superclass: ?Function,
  *          functions: ?Array<string>,
  *          properties: ?Array<string>,
  *          readonly: ?Array<string>}} exposed The names of properties on the
  *     implementation class to be exposed. |superclass| represents the
  *     constructor of the class to be used as the superclass of the exposed
  *     class; |functions| represents the names of functions which should be
  *     delegated to the implementation; |properties| are gettable/settable
  *     properties and |readonly| are read-only properties.
  */
 function expose(publicClass, privateClass, exposed) {
-  // TODO(robwu): Fix callers and uncomment this assertion.
-  // DCHECK(!(privateClass instanceof $Object.self));
+  DCHECK(!(privateClass.prototype instanceof $Object.self));
 
   $Object.setPrototypeOf(exposed, null);
 
   // This should be called by publicClass.
   privates(publicClass).constructPrivate = function(self, args) {
     if (!(self instanceof publicClass)) {
       throw new Error('Please use "new ' + publicClass.name + '"');
     }
     // The "instanceof publicClass" check can easily be spoofed, so we check
     // whether the private impl is already set before continuing.
@@ skipping 106 matching lines @@
       else
         resolve($Array.slice(arguments));
     });
     $Function.apply(func, null, args);
   });
 }
 
 exports.$set('forEach', forEach);
 exports.$set('loadTypeSchema', loadTypeSchema);
 exports.$set('lookup', lookup);
+exports.$set('defineProperty', defineProperty);
 exports.$set('expose', expose);
 exports.$set('deepCopy', deepCopy);
 exports.$set('promise', promise);