f510c66b96
evaluate() bypassed CSP for unsafe-eval by default. This is a useful option for debugging clients, but is not always what we want. e.g. in the devtools console we want to match the page's CSP settings to make debugging CSP issues on the page easier. Add a toggle that keeps the current behavior by default. Bug: chromium:1084558 Change-Id: Ia01142d5be00f8ef5f65e5eeba17549efc6f9120 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2250245 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#68432}
// Copyright 2018 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Open an inspector test session; the description string is handed to the
// harness unchanged.
const {session, contextGroup, Protocol} = InspectorTest.start(
    'Tests that evaluation works when code generation from strings is not allowed.');

// Enable both protocol domains used by the suite: Debugger (scriptParsed and
// paused events, evaluateOnCallFrame, resume) and Runtime (evaluate,
// callFunctionOn).
Protocol.Debugger.enable();
Protocol.Runtime.enable();
// Every case first injects a page script that calls
// inspector.setAllowCodeGenerationFromStrings(false), i.e. the page itself is
// not allowed to compile code from strings (the unsafe-eval restriction).
// The cases then log what the inspector protocol returns under that policy.
InspectorTest.runAsyncTestSuite([
  // Reading a global through Runtime.evaluate while the page is running.
  async function testEvaluateNotPaused() {
    contextGroup.addScript(`inspector.setAllowCodeGenerationFromStrings(false);
var global1 = 'Global1';`);
    await Protocol.Debugger.onceScriptParsed();
    const globalReply = await Protocol.Runtime.evaluate({expression: 'global1'});
    InspectorTest.logMessage(globalReply);
  },

  // Same policy, but the page is stopped on a `debugger;` statement: a global
  // is read with Runtime.evaluate and a local with
  // Debugger.evaluateOnCallFrame on the top call frame.
  async function testEvaluatePaused() {
    contextGroup.addScript(`inspector.setAllowCodeGenerationFromStrings(false);
var global2 = 'Global2';
function foo(x) {
var local = 'Local';
debugger;
return local + x;
}
foo();`);
    const pausedEvent = await Protocol.Debugger.oncePaused();
    // Only the innermost frame (index 0) is needed for the local lookup.
    const callFrameId = pausedEvent.params.callFrames[0].callFrameId;

    const globalReply = await Protocol.Runtime.evaluate({expression: 'global2'});
    InspectorTest.logMessage(globalReply);
    const localReply = await Protocol.Debugger.evaluateOnCallFrame(
        {callFrameId, expression: 'local'});
    InspectorTest.logMessage(localReply);
    await Protocol.Debugger.resume();
  },

  // eval() and new Function() issued through Runtime.evaluate with the
  // protocol default for allowUnsafeEvalBlockedByCSP (the flag is omitted).
  // NOTE(review): the change description says the default keeps evaluate()'s
  // bypass of the unsafe-eval restriction, so both are presumably expected to
  // run; the expectation file is not shown here, so confirm against it.
  async function testEvaluateUnsafeEval() {
    contextGroup.addScript(`inspector.setAllowCodeGenerationFromStrings(false);`);
    await Protocol.Debugger.onceScriptParsed();
    const expressions = ['eval("1+1")', 'new Function("return 1+1")()'];
    // Evaluated strictly one after another so the log order stays fixed.
    for (const expression of expressions) {
      InspectorTest.logMessage(await Protocol.Runtime.evaluate({expression}));
    }
  },

  // The same two expressions with allowUnsafeEvalBlockedByCSP: false, which
  // turns the inspector bypass off so the evaluation is subject to the page's
  // own policy. Presumably both calls are logged as blocked; confirm against
  // the expectation file. A client that wants its console to mirror the
  // page's CSP has to pass this flag explicitly, because the default leaves
  // the bypass on.
  async function testEvaluateUnsafeEvalDisableBypass() {
    contextGroup.addScript(`inspector.setAllowCodeGenerationFromStrings(false);`);
    await Protocol.Debugger.onceScriptParsed();
    const expressions = ['eval("1+1")', 'new Function("return 1+1")()'];
    for (const expression of expressions) {
      InspectorTest.logMessage(await Protocol.Runtime.evaluate(
          {expression, allowUnsafeEvalBlockedByCSP: false}));
    }
  },

  // Two probes under the same policy: eval() inside a function run through
  // Runtime.callFunctionOn on the global object, then eval() inside an
  // ordinary page script whose result is read back from this.value. The
  // second probe lets the expectation show whether the inspector's relaxation
  // carries over to page code; the expected values are not visible here.
  async function testCallFunctionOn() {
    await contextGroup.addScript(`inspector.setAllowCodeGenerationFromStrings(false);`);
    const {result: {result: {objectId}}} =
        await Protocol.Runtime.evaluate({expression: 'this'});
    const callReply = await Protocol.Runtime.callFunctionOn(
        {objectId, functionDeclaration: 'function() { return eval("1 + 2"); }'});
    InspectorTest.logMessage(callReply);

    await contextGroup.addScript(`this.value = eval("1 + 2");`);
    const valueReply = await Protocol.Runtime.evaluate({expression: 'this.value'});
    InspectorTest.logMessage(valueReply);
  }
]);