-
barraclough@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=97529 Reviewed by Filip Pizlo. A recent patch changed JSC's EvalError behaviour; bring this more into line with other browsers. Source/JavaScriptCore: JSC currently throws an EvalError if you try to call eval with a this object that doesn't match the given eval function. This does not match other browsers, which generally just ignore the this value that was passed, and eval the string in the eval function's environment. * runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncEval): - Remove EvalError, ignore passed this value. LayoutTests: * fast/js/eval-cross-window-expected.txt: * fast/js/eval-cross-window.html: - Changed not to expect EvalErrors (this matches other browsers), and modified testThis to check that the this object is always set to the global object. * http/tests/security/resources/xss-eval2.html: * http/tests/security/resources/xss-eval3.html: * http/tests/security/xss-eval-expected.txt: * http/tests/security/xss-eval.html: - Updated. Access via the global environment is not a security risk, since the eval is accessing it's own document's informantion. Access via the shell attempts to access the navigated pages document, tripping an access check & throwing a TypeError. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129592 268f45cc-cd09-0410-ab3c-d52691b4dbfc
b364bcbe