FlowSafe: Difference between revisions

83 bytes added ,  31 October 2009
Line 18: Line 18:


# Add <code>JSTrustLabel</code> to the JS API, a union of <code>JSPrincipals</code> (trust labels replace principals)
# Add <code>JSTrustLabel</code> to the JS API, a union of <code>JSPrincipals</code> (trust labels replace principals)
# Have [https://developer.mozilla.org/En/SpiderMonkey/Internals/Property_cache#Shape shapes] imply trust labels so that distinct origins get different shapes for standard objects, equivalent property list patterns, etc.
# Extend <code>JSExtendedClass</code> to delegate <code>typeof</code> so we can build <code>LabeledPrimitiveValue</code> wrappers for primitives
## Also need to rebox results of all primitive operators, e.g. <code>-x</code> for <code>x = new LabeledPrimitiveValue(42)</code> should be a <code>LabeledPrimitiveValue</code> instance, not the number <code>-42</code>
# <code>JSScript</code> has a <code>JSTrustLabel</code>
# <code>JSScript</code> has a <code>JSTrustLabel</code>
# Interpreter <code>pc</code> has a <code>JSTrustLabel</code>
# Interpreter <code>pc</code> has a <code>JSTrustLabel</code>
# Variable objects (even those optimized away) have a <code>JSTrustLabel</code>
# Extend <code>JSExtendedClass</code> to delegate <code>typeof</code> so we can build <code>LabeledValue</code> wrappers for primitives
## Also need to rebox results of all primitive operators, e.g. <code>-x</code> for <code>x = new LabeledValue(42)</code> should be a <code>LabeledValue</code> instance, not the number <code>-42</code>
# Have [https://developer.mozilla.org/En/SpiderMonkey/Internals/Property_cache#Shape shapes] imply trust labels so that distinct origins get different shapes for standard objects, equivalent property list patterns, etc.
## So objects have trust labels because objects have shapes
## Beware shapeless objects
## Cormac's semantics requires labeled references too, another use-case for <code>LabeledValue</code>
# Add policy JS API that allows custom assignment, control flow branching, and input/output policy decision points -- does this mean SSA in one pass?
# Add policy JS API that allows custom assignment, control flow branching, and input/output policy decision points -- does this mean SSA in one pass?
# Add shell functions for testing and write tests
# Add shell functions for testing and write tests
Confirmed users, Bureaucrats and Sysops emeriti
419

edits