• barraclough@apple.com's avatar
    Object.isSealed / Object.isFrozen don't work for native objects · 4e34894f
    barraclough@apple.com authored
    https://bugs.webkit.org/show_bug.cgi?id=79331
    
    Reviewed by Sam Weinig.
    
    Need to inspect all properties, including static ones.
    This exposes a couple of bugs in Array & Arguments:
        - getOwnPropertyDescriptor doesn't correctly report the writable attribute of array length.
        - Arguments object's defineOwnProperty does not handle callee/caller/length correctly.
    
    Source/JavaScriptCore: 
    
    * runtime/Arguments.cpp:
    (JSC::Arguments::defineOwnProperty):
        - Add handling for callee/caller/length.
    * runtime/JSArray.cpp:
    (JSC::JSArray::getOwnPropertyDescriptor):
        - report length's writability correctly.
    * runtime/ObjectConstructor.cpp:
    (JSC::objectConstructorSeal):
    (JSC::objectConstructorFreeze):
    (JSC::objectConstructorIsSealed):
    (JSC::objectConstructorIsFrozen):
        - Add spec-based implementation for non-final objects.
    
    LayoutTests: 
    
    * fast/js/preventExtensions-expected.txt:
    * fast/js/script-tests/preventExtensions.js:
        - Added tests.
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108651 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    4e34894f
JSArray.cpp 72.1 KB