Skip to content

Commit

Permalink
Update EnsureCSPDoesNotBlockStringCompilation to match updated HostEn…
Browse files Browse the repository at this point in the history 
…sureCanCompileStrings definition
  • Loading branch information
@lukewarlow
lukewarlow committed Jun 13, 2024
1 parent 8fe5fe8 commit 15443fe
Showing 1 changed file with 7 additions and 6 deletions.
13 changes: 7 additions & 6 deletions index.bs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,8 @@ spec:html
text: style
type: element-attr
text: ping
type:interface
text:SharedWorker
spec:fetch
type: dfn
text: main fetch
Expand Down Expand Up @@ -1442,10 +1444,11 @@ spec: WebRTC; urlPrefix: https://www.w3.org/TR/webrtc/
to determine whether such compilation ought to be blocked.

<h4 id="can-compile-strings" algorithm dfn export>
EnsureCSPDoesNotBlockStringCompilation(|realm|, |source|)
EnsureCSPDoesNotBlockStringCompilation(|realm|, |parameterStrings|, |bodyString|, |codeString|, |compilationType|, |parameterArgs|, |bodyArg|)
</h4>

Given a <a>realm</a> |realm| and a string |source|, this algorithm
Given a <a>realm</a> |realm|, a list of strings |parameterStrings|, a string |bodyString|, a string |codeString|, an enum (|compilationType|),
a list of ECMAScript language values (|parameterArgs|), and an ECMAScript language value (|bodyArg|), this algorithm
returns normally if string compilation is allowed, and throws an "`EvalError`"
if not:

Expand Down Expand Up @@ -1474,7 +1477,7 @@ spec: WebRTC; urlPrefix: https://www.w3.org/TR/webrtc/

3. If |source-list| [=list/contains=] the expression
"<a grammar>`'report-sample'`</a>", then set |violation|'s [=violation/sample=] to
the substring of |source| containing its first 40 characters.
the substring of |codeString| containing its first 40 characters.

4. Execute [[#report-violation]] on |violation|.

Expand All @@ -1483,9 +1486,7 @@ spec: WebRTC; urlPrefix: https://www.w3.org/TR/webrtc/

4. If |result| is "`Blocked`", throw an `EvalError` exception.

ISSUE(tc39/ecma262#938): {{HostEnsureCanCompileStrings()}} does not include the string which is
going to be compiled as a parameter. We'll also need to update HTML to pipe that value through
to CSP.
Note: |parameterStrings|, |bodyString|, |compilationType|, |parameterArgs|, and |bodyArg| are currently unused. They are included for future use.

<h3 id="wasm-integration">Integration with WebAssembly</h3>

Expand Down

0 comments on commit 15443fe

Please sign in to comment.