author | Luke Wilde <lukew@serenityos.org> | 2023-02-28 01:08:49 +0000 |
---|---|---|
committer | Sam Atkins <atkinssj@gmail.com> | 2023-02-28 08:45:23 +0000 |
commit | 1c918e826c337bb46277cb224e29107ce576eeab (patch) | |
tree | cf8266556ff5cb051acba34d8cfa83fbe9c8cc9a /Userland | |
parent | f3d1be933aca149e33a1be143a2b13bf2a6501b7 (diff) | |
LibWeb: Define navigator/clientInformation with define_native_accessor
Defining it as a direct property causes it to have no getter/setter
function, which causes an empty Optional crash when attempting to
access such getter on a cross-origin iframe.
Fixes amazon.com triggering this particular crash.
Diffstat (limited to 'Userland')
-rw-r--r-- | Userland/Libraries/LibWeb/HTML/Window.cpp | 10 | ||||
-rw-r--r-- | Userland/Libraries/LibWeb/HTML/Window.h | 2 |
2 files changed, 10 insertions, 2 deletions
diff --git a/Userland/Libraries/LibWeb/HTML/Window.cpp b/Userland/Libraries/LibWeb/HTML/Window.cpp
index b21314182e..b6634d508f 100644
--- a/Userland/Libraries/LibWeb/HTML/Window.cpp
+++ b/Userland/Libraries/LibWeb/HTML/Window.cpp
@@ -1146,8 +1146,8 @@ void Window::initialize_web_interfaces(Badge<WindowEnvironmentSettingsObject>)
 m_location = heap().allocate<HTML::Location>(realm, realm).release_allocated_value_but_fixme_should_propagate_errors();
 m_navigator = heap().allocate<HTML::Navigator>(realm, realm).release_allocated_value_but_fixme_should_propagate_errors();
- define_direct_property("navigator", m_navigator, JS::Attribute::Enumerable | JS::Attribute::Configurable);
- define_direct_property("clientInformation", m_navigator, JS::Attribute::Enumerable | JS::Attribute::Configurable);
+ define_native_accessor(realm, "navigator", navigator_getter, {}, JS::Attribute::Enumerable | JS::Attribute::Configurable);
+ define_native_accessor(realm, "clientInformation", navigator_getter, {}, JS::Attribute::Enumerable | JS::Attribute::Configurable);
 // NOTE: location is marked as [LegacyUnforgeable], meaning it isn't configurable.
 define_native_accessor(realm, "location", location_getter, location_setter, JS::Attribute::Enumerable);
@@ -1898,6 +1898,12 @@ JS_DEFINE_NATIVE_FUNCTION(Window::name_setter)
 return JS::js_undefined();
 }
+JS_DEFINE_NATIVE_FUNCTION(Window::navigator_getter)
+{
+ auto* impl = TRY(impl_from(vm));
+ return impl->m_navigator;
+}
+
 #define __ENUMERATE(attribute, event_name) \
 JS_DEFINE_NATIVE_FUNCTION(Window::attribute##_getter) \
 { \
diff --git a/Userland/Libraries/LibWeb/HTML/Window.h b/Userland/Libraries/LibWeb/HTML/Window.h
index 7e2c69a034..9a1d8c85da 100644
--- a/Userland/Libraries/LibWeb/HTML/Window.h
+++ b/Userland/Libraries/LibWeb/HTML/Window.h
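Review bot: The two `define_native_accessor` calls in the first Window.cpp hunk remove the crash for `navigator` and `clientInformation` only. Going by the commit message, the cross-origin lookup unwraps a getter that a data property does not have, so any other property still installed with `define_direct_property` on this object would presumably reach the same empty Optional. That path is reachable from page content through a cross-origin iframe, so it is worth making the lookup itself tolerate a missing getter, or auditing the remaining direct properties in `initialize_web_interfaces`, whose body continues outside this hunk. A short comment above the two calls would record the constraint for the next editor, e.g. `// NOTE: These must be accessors; the cross-origin property lookup expects a getter function.`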
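Review bot: `Window::navigator_getter` in the second Window.cpp hunk has no comment, although it backs two properties and takes no setter. I would add `// Shared by Window.navigator and its legacy alias Window.clientInformation; both are read-only.` above it. The getter does no origin check of its own and returns `impl->m_navigator` as soon as `impl_from(vm)` succeeds. Whether the caller has already filtered cross-origin access is not visible in this hunk, so a one-line note saying where that check happens would help a reviewer confirm it. From what the first hunk shows, `m_navigator` is assigned before the accessors are defined, so a null member should not be observable through this getter.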
@@ -275,6 +275,8 @@ private:
 JS_DECLARE_NATIVE_FUNCTION(crypto_getter);
+ JS_DECLARE_NATIVE_FUNCTION(navigator_getter);
+
 #define __ENUMERATE(attribute, event_name) \
 JS_DECLARE_NATIVE_FUNCTION(attribute##_getter); \
 JS_DECLARE_NATIVE_FUNCTION(attribute##_setter); |