Bug 1774454 Comment 0 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

A large portion of the modules implementation in SpiderMonkey is written in self-hosted JS (js/src/builtin/Module.js).  There were good reasons to do this at the time, but this hasn't really been a win overall.

Moving this code to C++ would improve:
 - security: prototype pollution attacks like bug 1770048 would not be possible
 - efficiency: currently execution bounces repeatedly between JS and native code which is not optimal, and all data must use JS types even when native types would be preferable
 - debugging: currently there's no debugger support for backtraces through JS stack frames making it harder to investigate issues in the module implementation

A large portion of the modules implementation in SpiderMonkey is written in self-hosted JS (js/src/builtin/Module.js).  There were good reasons to do this at the time, but this hasn't really been a win overall.

Moving this code to C++ would improve:
 - security: prototype pollution attacks would not be possible
 - efficiency: currently execution bounces repeatedly between JS and native code which is not optimal, and all data must use JS types even when native types would be preferable
 - debugging: currently there's no debugger support for backtraces through JS stack frames making it harder to investigate issues in the module implementation
