diff --git a/rewriter/src/main_.rs b/rewriter/src/main.rs similarity index 94% rename from rewriter/src/main_.rs rename to rewriter/src/main.rs index 5d16d24..61f3b00 100644 --- a/rewriter/src/main_.rs +++ b/rewriter/src/main.rs @@ -25,7 +25,7 @@ fn main() -> std::io::Result<()> { let path = Path::new(&name); let source_text = std::fs::read_to_string(path)?; - dbg!(rewrite(&source_text)); + println!("{}", rewrite(&source_text)); Ok(()) } diff --git a/rewriter/src/rewrite.rs b/rewriter/src/rewrite.rs index 71ba524..d3545b1 100644 --- a/rewriter/src/rewrite.rs +++ b/rewriter/src/rewrite.rs @@ -1,6 +1,9 @@ use oxc_allocator::Allocator; use oxc_ast::{ - ast::{AssignmentTarget, Class, Function, IdentifierReference, MemberExpression, TSImportType}, + ast::{ + AssignmentTarget, Class, Expression, Function, IdentifierReference, MemberExpression, + TSImportType, + }, visit::walk, Visit, }; @@ -55,19 +58,85 @@ impl<'a> Visit<'a> for Rewriter { // } // } fn visit_member_expression(&mut self, it: &MemberExpression<'a>) { - match it { - MemberExpression::StaticMemberExpression(s) => { - if s.property.name.to_string() == "location" { + self.trace_member(it); + // match it { + // MemberExpression::StaticMemberExpression(s) => { + // dbg!(s); + // if s.property.name.to_string() == "location" { + // self.jschanges.push(JsChange::GenericChange { + // span: s.property.span, + // text: "$s(location)".to_string(), + // }); + // } + // } + // _ => {} + // } + } +} + +// js MUST not be able to get a reference to any of these because sbx +const UNSAFE_GLOBALS: [&str; 7] = [ + "window", + "self", + "globalThis", + "this", + "parent", + "top", + "location", +]; + +impl Rewriter { + fn trace_member<'a>(&mut self, it: &MemberExpression<'a>) { + match &it { + MemberExpression::StaticMemberExpression(s) => match &s.object { + Expression::Identifier(obj) => { + dbg!(obj); + if UNSAFE_GLOBALS.contains(&obj.name.to_string().as_str()) { + self.jschanges.push(JsChange::GenericChange { + span: obj.span, + text: format!("$s({})", obj.name), + }); + } + } + Expression::ThisExpression(obj) => { self.jschanges.push(JsChange::GenericChange { - span: s.property.span, - text: "$s(location)".to_string(), + span: obj.span, + text: "$s(this)".to_string(), }); } - } + _ => { + if it.object().is_member_expression() { + self.trace_member(it.object().as_member_expression().unwrap()); + } + } + }, + MemberExpression::ComputedMemberExpression(s) => match &s.object { + Expression::Identifier(obj) => { + dbg!(obj); + if UNSAFE_GLOBALS.contains(&obj.name.to_string().as_str()) { + self.jschanges.push(JsChange::GenericChange { + span: obj.span, + text: format!("$s({})", obj.name), + }); + } + } + Expression::ThisExpression(obj) => { + self.jschanges.push(JsChange::GenericChange { + span: obj.span, + text: "$s(this)".to_string(), + }); + } + _ => { + if it.object().is_member_expression() { + self.trace_member(it.object().as_member_expression().unwrap()); + } + } + }, _ => {} } } } + pub fn rewrite(js: &str) -> String { let source_text = js.to_string(); let allocator = Allocator::default(); @@ -81,6 +150,8 @@ pub fn rewrite(js: &str) -> String { let program = ret.program; + dbg!(&program); + let mut ast_pass = Rewriter::default(); ast_pass.visit_program(&program); diff --git a/rewriter/test.js b/rewriter/test.js new file mode 100644 index 0000000..9326d2c --- /dev/null +++ b/rewriter/test.js @@ -0,0 +1,10 @@ + +window.location.href = "http://example.com" + + +console.log(top.window.aaa) +consle.log(globalThis["win" + "dow"]) + +globalThis.eval("..") + +let ref = { b: this.top.window, c: globalThis["win" + "dow"] }