Intersection with ShadowRealm API proposal #19
Comments
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 3, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 4, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 6, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 6, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 9, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 10, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 10, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 10, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 10, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 10, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Lubrsi
added a commit
to Lubrsi/ladybird
that referenced
this issue
Dec 11, 2024
This is an active proposal at stage 3 of the TC39 proposal process. See: https://tc39.es/proposal-dynamic-code-brand-checks/ See: https://github.com/tc39/proposal-dynamic-code-brand-checks This proposal essentially adds support for the TrustedScript type from the Trusted Types specification to eval and Function. This in turn pipes support for the type into the CSP hook to check if the CSP allows dynamic code compilation. However, it currently doesn't support ShadowRealms, so the implementation here is a close approximation, using PerformEval as the basis. See: tc39/proposal-dynamic-code-brand-checks#19 This is required to support the new function signature for the CSP hook, and will allow us to slot in Trusted Types support in the future.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There is a
PerformShadowRealmEvaloperation defined here:https://tc39.es/proposal-shadowrealm/#sec-performshadowrealmeval
At minimum, the
HostEnsureCanCompileStringscall will need to be tweaked to pass the new parameters defined in the Dynamic Code Brand Checks spec.We might also want
PerformShadowRealmEvalto acceptsourceTextas Object and try to convert them to String usingHostGetCodeForEval, but I'm not sure.cc @koto
The text was updated successfully, but these errors were encountered: