// Static-analysis test fixture for dynamic method calls whose property name
// comes from a cross-window `message` event. The code is intentionally unsafe
// so that each call site can be annotated with the expected analyzer result.
//
// NOTE(review): the trailing `// $ ...` comments look like machine-read inline
// expectations and are left untouched: `Source` marks where untrusted data
// enters, `Alert` marks a call expected to be reported, `MISSING:` and
// `SPURIOUS:` record a known false negative / false positive - confirm against
// the test harness before editing them.
//
// For code modelled on this pattern, the usual hardening is to validate
// `ev.origin`, resolve the name through an explicit allowlist (a `Map`, or a
// prototype-less object as in the second handler), and confirm the value is a
// function before calling it.
(function() {
  // Dispatch table created with an object literal, so property lookups also
  // resolve inherited Object.prototype members (`valueOf`, `toString`,
  // `__defineSetter__`, `hasOwnProperty`, ...), not only the own method `foo`.
  let obj = {
    foo() {}
  };

  // No `ev.origin` check is visible, so any window able to post a message to
  // this one controls `ev.data`.
  window.addEventListener('message', (ev) => { // $ Source
    // JSON.parse is outside the try block below: malformed JSON, or a payload
    // that parses to null, throws here before any lookup takes place.
    let name = JSON.parse(ev.data).name;

    // Untrusted strings used directly as property names. An unknown name gives
    // `undefined`, and calling it raises a TypeError inside the handler.
    obj[ev.data](); // $ Alert - might not be a function
    obj[name](); // $ Alert - might not be a function

    // The same call wrapped in try/catch: the TypeError is contained, which is
    // why this site is annotated as OK.
    try {
      obj[name](); // OK - exception is caught
    } catch(e) {}

    let fn = obj[name];
    fn(); // $ Alert - might not be a function

    // A `typeof` test only proves the value is callable. It does not prove the
    // value is one of obj's own methods: inherited Object.prototype functions
    // pass the test too and would be invoked here without arguments.
    if (typeof fn == 'function') {
      fn(); // $ Alert - might be `valueOf`
      obj[name](); // $ Alert - might be `__defineSetter__`
      new fn(); // $ Alert - might be `valueOf` or `toString`
    }

    // A truthiness check is weaker still: it accepts any truthy value,
    // inherited members included.
    if (obj[name])
      obj[name](); // $ Alert

    // Same weakness as the `typeof fn` branch above, written against the
    // property access itself.
    if (typeof obj[name] === 'function')
      obj[name](); // $ Alert

    // hasOwnProperty excludes inherited members but, on its own, says nothing
    // about whether the own property is callable. The annotation records that
    // an alert is expected here and is not currently produced.
    if (obj.hasOwnProperty(name)) {
      obj[name](); // $ MISSING: Alert
    }

    // Prefixing the name: `obj` defines no "$"-prefixed property, so the
    // unchecked call can still hit `undefined`.
    let key = "$" + name;
    obj[key](); // $ Alert

    // NOTE(review): presumably the prefix plus the `typeof` check is
    // considered safe because no standard Object.prototype member starts with
    // "$"; the annotation marks the analyzer's report here as a known false
    // positive - confirm.
    if (typeof obj[key] === 'function')
      obj[key](); // $ SPURIOUS: Alert

    // `fn` is still the unprefixed lookup `obj[name]`. This call site carries
    // no expectation annotation.
    if (typeof fn === 'function') {
      fn.apply(obj);
    }
  });

  // Dispatch table with a null prototype: only properties assigned explicitly
  // (here `foo`) can be found, so nothing is inherited.
  let obj2 = Object.create(null);
  obj2.foo = function() {};

  // Second handler, same untrusted source and the same unguarded JSON.parse.
  window.addEventListener('message', (ev) => { // $ Source
    let name = JSON.parse(ev.data).name;
    let fn = obj2[name];

    // Without a check, an unknown name still yields `undefined` and throws.
    fn(); // $ Alert - might not be a function

    // With a null-prototype table, the `typeof` check is sufficient: a
    // callable result can only be a function that was stored on obj2.
    if (typeof fn == 'function')
      fn(); // OK - cannot be from prototype
  });
})();