fix: strict type check for cross realms (#21669)

Deno v1.39 introduces `vm.runInNewContext`. This may cause problems when using `Object.prototype.isPrototypeOf` to check built-in types. ```js import vm from "node:vm"; const err = new Error(); const crossErr = vm.runInNewContext(`new Error()`); console.assert( !(crossErr instanceof Error) ); console.assert( Object.getPrototypeOf(err) !== Object.getPrototypeOf(crossErr) ); ``` This PR changes to check using internal slots solves them. --- current: ``` > import vm from "node:vm"; undefined > vm.runInNewContext(`new Error("message")`) Error {} > vm.runInNewContext(`new Date("2018-12-10T02:26:59.002Z")`) Date {} ``` this PR: ``` > import vm from "node:vm"; undefined > vm.runInNewContext(`new Error("message")`) Error: message at <anonymous>:1:1 > vm.runInNewContext(`new Date("2018-12-10T02:26:59.002Z")`) 2018-12-10T02:26:59.002Z ``` --------- Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
author: Kenta Moriuchi <moriken@kimamass.com> 2024-01-04 13:12:38 +0900
committer: GitHub <noreply@github.com> 2024-01-04 09:42:38 +0530
commit: b2cd254c35b6b1b128beea0eacdb8e814d91e003 (patch)
tree: d55fa5910e32d8a664aff5b680e07debea93181e /ext/http/01_http.js
parent: 48556748577ba46db5f9212d14a0fcaa90d632f6 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/ext/http/01_http.js b/ext/http/01_http.js
index c873889b7..64951ee0f 100644
--- a/ext/http/01_http.js
+++ b/ext/http/01_http.js
@@ -60,8 +60,8 @@ const {
   Symbol,
   SymbolAsyncIterator,
   TypeError,
+  TypedArrayPrototypeGetSymbolToStringTag,
   Uint8Array,
-  Uint8ArrayPrototype,
 } = primordials;
 const {
   op_http_accept,
@@ -272,7 +272,7 @@ function createRespondWith(
       }
       const isStreamingResponseBody = !(
         typeof respBody === "string" ||
-        ObjectPrototypeIsPrototypeOf(Uint8ArrayPrototype, respBody)
+        TypedArrayPrototypeGetSymbolToStringTag(respBody) === "Uint8Array"
       );
       try {
         await op_http_write_headers(
@@ -339,7 +339,9 @@ function createRespondWith(
           while (true) {
             const { value, done } = await reader.read();
             if (done) break;
-            if (!ObjectPrototypeIsPrototypeOf(Uint8ArrayPrototype, value)) {
+            if (
+              TypedArrayPrototypeGetSymbolToStringTag(value) !== "Uint8Array"
+            ) {
               await reader.cancel(new TypeError("Value not a Uint8Array"));
               break;
             }
author	Kenta Moriuchi <moriken@kimamass.com>	2024-01-04 13:12:38 +0900
committer	GitHub <noreply@github.com>	2024-01-04 09:42:38 +0530
commit	b2cd254c35b6b1b128beea0eacdb8e814d91e003 (patch)
tree	d55fa5910e32d8a664aff5b680e07debea93181e /ext/http/01_http.js
parent	48556748577ba46db5f9212d14a0fcaa90d632f6 (diff)