Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 29438 - JSON.stringify as invoked by wrapKey can have side-effects depending on what you pass it #88

Closed
mwatson2 opened this issue May 24, 2016 · 4 comments
Closed

Bug 29438 - JSON.stringify as invoked by wrapKey can have side-effects depending on what you pass it #88

mwatson2 opened this issue May 24, 2016 · 4 comments
Assignees
@mwatson2

Comments

@mwatson2
Copy link
Collaborator

Bug 29438:

The spec says:

Let json be the result of representing key as a UTF-16 string conforming to the
JSON grammar; for example, by executing the JSON.stringify algorithm specified
in ECMA262.

This needs to clearly define where the objects passed to JSON.stringify are coming from, because JSON.stringify will do things like get .toJSON properties and call them, so if the objects come from the page global and someone defines a .toJSON on Object.prototype in the page, that will get invoked during this process. Maybe the intent is that there be no observable side-effects; in that case the behavior needs to be clearly specified so as to avoid them.
@mwatson2
Copy link
Collaborator Author

@bzbarsky @sleevi Any ideas on this one too ?

@bzbarsky
Copy link

Use a clean global for the dictionary-to-ES conversion and the JSON.stringify.

@mwatson2 mwatson2 self-assigned this Jun 8, 2016
mwatson2 added a commit to mwatson2/webcrypto that referenced this issue Jul 11, 2016
@mwatson2
Fix w3c#88: Use a clean global object for conversion from object to J…
1bb5e9e 
…SON for JWK
@mwatson2
Copy link
Collaborator Author

This will be fixed by PR #115

@mwatson2 mwatson2 mentioned this issue Jul 11, 2016
Closed
@ghost
Copy link

ghost commented Jul 20, 2016

Not my area of expertise, but LGTM.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mwatson2 mwatson2

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bzbarsky @mwatson2