fix(runtime): use more null proto objects (#23921)

This is a primordialization effort to improve resistance against users
tampering with the global `Object` prototype.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>

6 files changed, 20 insertions, 20 deletions

diff --git a/ext/web/02_event.js b/ext/web/02_event.js
index bb7dea42c..510085aac 100644
--- a/ext/web/02_event.js
+++ b/ext/web/02_event.js
@@ -123,7 +123,7 @@ const _isTrusted = Symbol("[[isTrusted]]");
 const _path = Symbol("[[path]]");
 
 class Event {
-  constructor(type, eventInitDict = {}) {
+  constructor(type, eventInitDict = { __proto__: null }) {
     // TODO(lucacasonato): remove when this interface is spec aligned
     this[SymbolToStringTag] = "Event";
     this[_canceledFlag] = false;
@@ -1095,7 +1095,7 @@ class ErrorEvent extends Event {
       lineno = 0,
       colno = 0,
       error,
-    } = {},
+    } = { __proto__: null },
   ) {
     super(type, {
       bubbles: bubbles,
@@ -1164,7 +1164,7 @@ class CloseEvent extends Event {
     wasClean = false,
     code = 0,
     reason = "",
-  } = {}) {
+  } = { __proto__: null }) {
     super(type, {
       bubbles: bubbles,
       cancelable: cancelable,
@@ -1238,7 +1238,7 @@ const MessageEventPrototype = MessageEvent.prototype;
 class CustomEvent extends Event {
   #detail = null;
 
-  constructor(type, eventInitDict = {}) {
+  constructor(type, eventInitDict = { __proto__: null }) {
     super(type, eventInitDict);
     webidl.requiredArguments(
       arguments.length,
@@ -1280,7 +1280,7 @@ ReflectDefineProperty(CustomEvent.prototype, "detail", {
 // ProgressEvent could also be used in other DOM progress event emits.
 // Current use is for FileReader.
 class ProgressEvent extends Event {
-  constructor(type, eventInitDict = {}) {
+  constructor(type, eventInitDict = { __proto__: null }) {
     super(type, eventInitDict);
 
     this.lengthComputable = eventInitDict?.lengthComputable ?? false;
@@ -1329,7 +1329,7 @@ class PromiseRejectionEvent extends Event {
       composed,
       promise,
       reason,
-    } = {},
+    } = { __proto__: null },
   ) {
     super(type, {
       bubbles: bubbles,
diff --git a/ext/web/06_streams.js b/ext/web/06_streams.js
index 9c2a05980..e01ece6c8 100644
--- a/ext/web/06_streams.js
+++ b/ext/web/06_streams.js
@@ -5274,7 +5274,7 @@ class ReadableStream {
         "Argument 1",
       );
     } else {
-      options = {};
+      options = { __proto__: null };
     }
     if (options.mode === undefined) {
       return acquireReadableStreamDefaultReader(this);
@@ -5290,7 +5290,7 @@ class ReadableStream {
    * @param {PipeOptions=} options
    * @returns {ReadableStream<T>}
    */
-  pipeThrough(transform, options = {}) {
+  pipeThrough(transform, options = { __proto__: null }) {
     webidl.assertBranded(this, ReadableStreamPrototype);
     const prefix = "Failed to execute 'pipeThrough' on 'ReadableStream'";
     webidl.requiredArguments(arguments.length, 1, prefix);
@@ -5329,7 +5329,7 @@ class ReadableStream {
    * @param {PipeOptions=} options
    * @returns {Promise<void>}
    */
-  pipeTo(destination, options = {}) {
+  pipeTo(destination, options = { __proto__: null }) {
     try {
       webidl.assertBranded(this, ReadableStreamPrototype);
       const prefix = "Failed to execute 'pipeTo' on 'ReadableStream'";
@@ -5567,7 +5567,7 @@ class ReadableStreamBYOBReader {
    * @param {ReadableStreamBYOBReaderReadOptions} options
    *  @returns {Promise<ReadableStreamBYOBReadResult>}
    */
-  read(view, options = {}) {
+  read(view, options = { __proto__: null }) {
     try {
       webidl.assertBranded(this, ReadableStreamBYOBReaderPrototype);
       const prefix = "Failed to execute 'read' on 'ReadableStreamBYOBReader'";
@@ -6151,8 +6151,8 @@ class TransformStream {
    */
   constructor(
     transformer = undefined,
-    writableStrategy = {},
-    readableStrategy = {},
+    writableStrategy = { __proto__: null },
+    readableStrategy = { __proto__: null },
   ) {
     const prefix = "Failed to construct 'TransformStream'";
     if (transformer !== undefined) {
diff --git a/ext/web/08_text_encoding.js b/ext/web/08_text_encoding.js
index 1b777d91b..9920a81f8 100644
--- a/ext/web/08_text_encoding.js
+++ b/ext/web/08_text_encoding.js
@@ -63,7 +63,7 @@ class TextDecoder {
    * @param {string} label
    * @param {TextDecoderOptions} options
    */
-  constructor(label = "utf-8", options = {}) {
+  constructor(label = "utf-8", options = { __proto__: null }) {
     const prefix = "Failed to construct 'TextDecoder'";
     label = webidl.converters.DOMString(label, prefix, "Argument 1");
     options = webidl.converters.TextDecoderOptions(
@@ -288,7 +288,7 @@ class TextDecoderStream {
    * @param {string} label
    * @param {TextDecoderOptions} options
    */
-  constructor(label = "utf-8", options = {}) {
+  constructor(label = "utf-8", options = { __proto__: null }) {
     const prefix = "Failed to construct 'TextDecoderStream'";
     label = webidl.converters.DOMString(label, prefix, "Argument 1");
     options = webidl.converters.TextDecoderOptions(
diff --git a/ext/web/09_file.js b/ext/web/09_file.js
index b98784b94..482a14012 100644
--- a/ext/web/09_file.js
+++ b/ext/web/09_file.js
@@ -223,7 +223,7 @@ class Blob {
    * @param {BlobPart[]} blobParts
    * @param {BlobPropertyBag} options
    */
-  constructor(blobParts = [], options = {}) {
+  constructor(blobParts = [], options = { __proto__: null }) {
     const prefix = "Failed to construct 'Blob'";
     blobParts = webidl.converters["sequence<BlobPart>"](
       blobParts,
@@ -500,7 +500,7 @@ class File extends Blob {
    * @param {string} fileName
    * @param {FilePropertyBag} options
    */
-  constructor(fileBits, fileName, options = {}) {
+  constructor(fileBits, fileName, options = { __proto__: null }) {
     const prefix = "Failed to construct 'File'";
     webidl.requiredArguments(arguments.length, 2, prefix);
 
diff --git a/ext/web/13_message_port.js b/ext/web/13_message_port.js
index 93145e8f7..d94ca1382 100644
--- a/ext/web/13_message_port.js
+++ b/ext/web/13_message_port.js
@@ -150,7 +150,7 @@ class MessagePort extends EventTarget {
    * @param {any} message
    * @param {object[] | StructuredSerializeOptions} transferOrOptions
    */
-  postMessage(message, transferOrOptions = {}) {
+  postMessage(message, transferOrOptions = { __proto__: null }) {
     webidl.assertBranded(this, MessagePortPrototype);
     const prefix = "Failed to execute 'postMessage' on 'MessagePort'";
     webidl.requiredArguments(arguments.length, 1, prefix);
diff --git a/ext/web/15_performance.js b/ext/web/15_performance.js
index adaa501b5..5045c0d31 100644
--- a/ext/web/15_performance.js
+++ b/ext/web/15_performance.js
@@ -234,7 +234,7 @@ class PerformanceMark extends PerformanceEntry {
 
   constructor(
     name,
-    options = {},
+    options = { __proto__: null },
   ) {
     const prefix = "Failed to construct 'PerformanceMark'";
     webidl.requiredArguments(arguments.length, 1, prefix);
@@ -441,7 +441,7 @@ class Performance extends EventTarget {
 
   mark(
     markName,
-    markOptions = {},
+    markOptions = { __proto__: null },
   ) {
     webidl.assertBranded(this, PerformancePrototype);
     const prefix = "Failed to execute 'mark' on 'Performance'";
@@ -466,7 +466,7 @@ class Performance extends EventTarget {
 
   measure(
     measureName,
-    startOrMeasureOptions = {},
+    startOrMeasureOptions = { __proto__: null },
     endMark = undefined,
   ) {
     webidl.assertBranded(this, PerformancePrototype);