5f33383a7b
Previously it only deoptimized the parent scope if the current scope contains direct eval, which is incorrect because code ran in direct eval mode has access to the entire scope chain it was executed in. The fix is to also propagate direct eval's presence if the current scope is marked as being screwed by direct eval. This fixes Google's botguard failing to complete on Google sign in, as it tried to access local variables outside of a direct parent function with eval, causing it throw "unhandled" exceptions. Unhandled is in quotes because their bytecode VM _technically_ caught it, but it was considered an unhandled exception. This was determined by removing get optimizations and then adding debug output for every get operation. Using this, I noticed that for these errors, it would access the 'message' and 'stack' properties. This is because their error handler function noticed this was not a synthesised error, which is never expected to happen. That was determined by using Chrome Devtools 'pause on handled exception' feature, and noticing it never threw a '[var] is not defined' exception, but only synthesized error objects which contained a sentinel value to let it know it was synthesized. I added debug output to eval to print out what was being eval'd because it makes heavy use of eval. This revealed that the exceptions only came from eval. I then dumped every generated executable and noticed the variables it was trying to access were generated as local variables in the top scope. This led to checking what makes a variable considered local or not, which then lead to this block of code in ~ScopePusher that propagates eval presence only to the immediate parent scope. This variable directly controls whether to create all variables properly with variable environments and bindings or allow them to be stored as local registers tied to that function's executable. Since this now lets botguard run to completion, it no longer considers us to be an insecure/potential bot browser when signing in, now allowing us to be able to sign in to Google. |
||
|---|---|---|
| .devcontainer | ||
| .github | ||
| AK | ||
| Base/res | ||
| Documentation | ||
| Libraries | ||
| Meta | ||
| Services | ||
| Tests | ||
| Toolchain | ||
| UI | ||
| Utilities | ||
| .clang-format | ||
| .clang-tidy | ||
| .clangd | ||
| .editorconfig | ||
| .gitattributes | ||
| .gitignore | ||
| .gn | ||
| .mailmap | ||
| .pre-commit-config.yaml | ||
| .prettierignore | ||
| .prettierrc | ||
| .swift-format | ||
| .ycm_extra_conf.py | ||
| CMakeLists.txt | ||
| CMakePresets.json | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| flake.lock | ||
| flake.nix | ||
| ISSUES.md | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
| shell.nix | ||
| vcpkg-configuration.json | ||
| vcpkg.json | ||
Ladybird
Ladybird is a truly independent web browser, using a novel engine based on web standards.
Important
Ladybird is in a pre-alpha state, and only suitable for use by developers
Features
We aim to build a complete, usable browser for the modern web.
Ladybird uses a multi-process architecture with a main UI process, several WebContent renderer processes, an ImageDecoder process, and a RequestServer process.
Image decoding and network connections are done out of process to be more robust against malicious content. Each tab has its own renderer process, which is sandboxed from the rest of the system.
At the moment, many core library support components are inherited from SerenityOS:
- LibWeb: Web rendering engine
- LibJS: JavaScript engine
- LibWasm: WebAssembly implementation
- LibCrypto/LibTLS: Cryptography primitives and Transport Layer Security
- LibHTTP: HTTP/1.1 client
- LibGfx: 2D Graphics Library, Image Decoding and Rendering
- LibUnicode: Unicode and locale support
- LibMedia: Audio and video playback
- LibCore: Event loop, OS abstraction layer
- LibIPC: Inter-process communication
How do I build and run this?
See build instructions for information on how to build Ladybird.
Ladybird runs on Linux, macOS, Windows (with WSL2), and many other *Nixes.
How do I read the documentation?
Code-related documentation can be found in the documentation folder.
Get in touch and participate!
Join our Discord server to participate in development discussion.
Please read Getting started contributing if you plan to contribute to Ladybird for the first time.
Before opening an issue, please see the issue policy and the detailed issue-reporting guidelines.
The full contribution guidelines can be found in CONTRIBUTING.md.
License
Ladybird is licensed under a 2-clause BSD license.