Comments (3)
@Jack-Works I believe what you're asking here is a use-cases solved by https://github.com/caridy/secure-javascript-environment, which is an abstraction on top of realms-shim. In the examples, you there are two explicit example show casing how expandos are handled, and how polyfilling (changing the protochain of a provided DOM api), without affecting the outer realm.
Now, the ambiguity of your example comes from the first line (HTMLElement.prototype.a = 1
), which is executed in the outer realm, there are 3 main things to keep in mind/discuss:
- outer realm should be prepared (usually referenced as polyfilling the outer realm), in case it is broken for the realms-shim point of view.
- how do you know that
HTMLElement.prototype.a = 1
is not part of that preparation? - usually, the outer realm is protected, and mutations on it should be safe if all untrusted code is executed inside a sandbox.
from realms-shim.
In our use case, the outer realm is untrusted and code run in the sandbox is trusted. We need it to run in the sandbox to avoid secret information leak out to the dangerous outer realm.
We're loading our WebExtension polyfill by WKWebkit and we can ensure we can run our code before any other dangerous code runs. So when we're preparing the execution environment of WebExtension, the globalThis is clean, not modified by anyone.
from realms-shim.
So execution order of our code is:
-> Webview onCommitted. The JS environment is just created. No code has run.
-> Inject WebExtension polyfill, prepare the environment. At this point, the JS environment is clean. WebExtension polyfill will copy everything on the globalThis for future use.
-> Webpage loaded, run its own code. JS environment is polluted. (HTMLElement.prototype.a = 1
)
-> Codes now loaded in WebExtension, with a clean environment preserved in step 1. (HTMLElement.prototype.b = 2
)
-> Now both outside code and inside code are ready.
Expected outside code cannot access HTMLElement.prototype.b
because it's secret info.
Expected inside code cannot access HTMLElement.prototype.a
because it may be dangerous.
from realms-shim.
Related Issues (20)
- make new release
- Match the new Realms proposal API
- Need to shut down or transfer this shim project HOT 1
- Give an option to close rejectDangerousSourcesTransform HOT 1
- Realm is not a constructor HOT 1
- SyntaxError: possible html comment syntax rejected around line 1
- Any signal about supporting ESModules? HOT 22
- Breakout via RangeError: Maximum call stack size exceeded HOT 3
- sandbox breach: host objects, evaluator mode switch, Reflect.construct HOT 14
- Function.prototype.constructor is tamed in the host HOT 7
- The minified build is broken HOT 1
- Errors in realm is hard to debug HOT 2
- Rename option `sloppyGlobals` as `sloppyGlobalsMode`
- sandbox breach: rewrite transforms HOT 5
- Add `globalThis` as the global object in the Realms
- sandbox breach: symbol.Unscopables HOT 1
- transforms rely upon Array-ness of user-supplied argument HOT 1
- transforms rely upon user-provided "string", can capture wrong-realm RegExp HOT 1
- Realms Issue #202: Publish Realms Shim on NPM HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from realms-shim.