"ses-lite" missing permit for %InertStaticModuleRecord%
See original GitHub issueUsing ses@0.10.3
, I call require('ses/dist/lockdown.cjs')
and then lockdown()
. The following error is thrown:
Uncaught Error: Expected permit object at whitelist.%InertStaticModuleRecord%
at Object.completePrototypes (...)
at repairIntrinsics (...)
at assign.lockdown (...)
If I remove the line '%InertStaticModuleRecord%': InertStaticModuleRecord,
from the intrinsics
object inside ses/dist/lockdown.cjs
, the error no longer occurs and everything appears to work, although the following messages appear in the console:
Toggle console message visibility
Removing intrinsics.Promise.any
Removing intrinsics.%InertFunction%.arguments
Removing intrinsics.%InertFunction%.caller
Removing intrinsics.%InertGeneratorFunction%.arguments
Removing intrinsics.%InertGeneratorFunction%.caller
Removing intrinsics.%InertAsyncFunction%.arguments
Removing intrinsics.%InertAsyncFunction%.caller
Removing intrinsics.%InertAsyncGeneratorFunction%.arguments
Removing intrinsics.%InertAsyncGeneratorFunction%.caller
Removing intrinsics.%InitialDate%.arguments
Removing intrinsics.%InitialDate%.caller
Removing intrinsics.%SharedDate%.arguments
Removing intrinsics.%SharedDate%.caller
Removing intrinsics.%InitialError%.arguments
Removing intrinsics.%InitialError%.caller
Removing intrinsics.%SharedError%.arguments
Removing intrinsics.%SharedError%.caller
Removing intrinsics.%InitialRegExp%.arguments
Removing intrinsics.%InitialRegExp%.caller
Removing intrinsics.%SharedRegExp%.arguments
Removing intrinsics.%SharedRegExp%.caller
Removing intrinsics.%InertCompartment%.arguments
Removing intrinsics.%InertCompartment%.caller
Removing intrinsics.%StringPrototype%.replaceAll
My execution environment is a Web Worker using the latest version of Google Chrome. The error is not thrown if I require('ses')
using ses@0.10.3
or ses@0.9.1
.
Issue Analytics
- State:
- Created 3 years ago
- Comments:5 (5 by maintainers)
Top Results From Across the Web
No results found
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Core problem diagnosed, but with some remaining mysteries.
We recently divided the whitelist into
whitelist
which applies to ses-without modules, andmoduleWhitelist
with the additional elements to be added towhitelist
when doing ses-with-modules. Loading just lockdown runs ses-without-modules. The non-module whitelist doesn’t have%InertStaticModuleRecord%
. But the intrinsics do.completePrototypes
goes through the intrinsics, looking up their entry in the whitelist, to figure out how to do its thing (add in the appropriate prototype objects).%InertStaticModuleRecord%
is in the intrinsics it starts with.No idea yet why this fails on the web but works on Node. So far, the bug seems like it should be host-independent.
I’ve been able to reproduce this error with this script in Chrome 85.
I’ve also reproduced it separately in a web worker, but that appears to not be germane.