Ensure that privates are private.

- Remove JS code injection functionality from UtilsNativeHandler.
- Ensure that utils.expose only exposes public properties.
- Prevent privates from getting poisoned via arbitrary constructor invocations.
- Prevent privates from leaking through prototypes.

BUG=603748

Review URL: https://codereview.chromium.org/1903303002

Cr-Commit-Position: refs/heads/master@{#389292}
diff --git a/extensions/renderer/module_system.cc b/extensions/renderer/module_system.cc
index 9f708bf..dd13786 100644
--- a/extensions/renderer/module_system.cc
+++ b/extensions/renderer/module_system.cc
@@ -618,6 +618,10 @@
           ToV8StringUnsafe(GetIsolate(), "Failed to create privates"));
       return;
     }
+    v8::Maybe<bool> maybe =
+        privates.As<v8::Object>()->SetPrototype(context()->v8_context(),
+                                                v8::Null(args.GetIsolate()));
+    CHECK(maybe.IsJust() && maybe.FromJust());
     SetPrivate(obj, "privates", privates);
   }
   args.GetReturnValue().Set(privates);
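Review bot: The added `SetPrototype(..., v8::Null(...))` call has no comment saying why the privates object must have a null prototype, and a later cleanup could drop it as redundant. I would add above it something like `// Privates must not inherit from Object.prototype: page script can modify that prototype, and lookups of missing keys would otherwise reach it.` The `CHECK` crashes the renderer if the prototype cannot be cleared. That looks like the intended fail-closed behaviour, and the comment should say so. It can also be written as `CHECK(maybe.FromMaybe(false));`. The new lines use `args.GetIsolate()` while the context line above uses `GetIsolate()`, so one form should be used throughout. The enclosing function starts and ends outside this hunk, so I cannot see whether `privates` is known to be an object before `As<v8::Object>()`.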