kylefang/esbuild
1
0
Fork 0
mirror of https://github.com/zhigang1992/esbuild.git synced 2026-04-29 01:45:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

forbid imports named "eval" or "arguments"

Browse Source
This commit is contained in:
Evan Wallace
2020-09-23 22:01:59 -07:00
parent 9a62ea5ed5
commit 448cba1174
3 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/js_lexer/js_lexer.go
View File

@@ -624,11 +624,11 @@ func RangeOfIdentifier(source logger.Source, loc logger.Loc) logger.Range {
c, width := utf8.DecodeRuneInString(text)
i += width
if IsIdentifierStart(c) {
if IsIdentifierStart(c) || c == '\\' {
// Search for the end of the identifier
for i < len(text) {
c2, width2 := utf8.DecodeRuneInString(text[i:])
if !IsIdentifierContinue(c2) {
if !IsIdentifierContinue(c2) && c2 != '\\' {
return logger.Range{Loc: loc, Len: int32(i)}
}
i += width2

8
internal/js_parser/js_parser.go
View File

@@ -3754,7 +3754,7 @@ func (p *parser) parseImportClause() ([]js_ast.ClauseItem, bool) {
if p.lexer.IsContextualKeyword("as") {
p.lexer.Next()
originalName := p.lexer.Identifier
originalName = p.lexer.Identifier
name = js_ast.LocRef{Loc: p.lexer.Loc(), Ref: p.storeNameInRef(originalName)}
p.lexer.Expect(js_lexer.TIdentifier)
} else if !isIdentifier {
@@ -3762,6 +3762,12 @@ func (p *parser) parseImportClause() ([]js_ast.ClauseItem, bool) {
p.lexer.Unexpected()
}
// Reject forbidden names
if originalName == "eval" || originalName == "arguments" {
r := js_lexer.RangeOfIdentifier(p.source, name.Loc)
p.log.AddRangeError(&p.source, r, fmt.Sprintf("Cannot use %q as an identifier here", originalName))
}
items = append(items, js_ast.ClauseItem{
Alias: alias,
AliasLoc: aliasLoc,

14
internal/js_parser/js_parser_test.go
View File

@@ -1456,6 +1456,20 @@ func TestImport(t *testing.T) {
expectPrinted(t, "import x from \"foo\"; x.y = 1", "import x from \"foo\";\nx.y = 1;\n")
expectPrinted(t, "import x from \"foo\"; x[y] = 1", "import x from \"foo\";\nx[y] = 1;\n")
expectPrinted(t, "import x from \"foo\"; x['y'] = 1", "import x from \"foo\";\nx[\"y\"] = 1;\n")
// "eval" and "arguments" are forbidden import names
expectParseError(t, "import {eval} from 'foo'", "<stdin>: error: Cannot use \"eval\" as an identifier here\n")
expectParseError(t, "import {ev\\u0061l} from 'foo'", "<stdin>: error: Cannot use \"eval\" as an identifier here\n")
expectParseError(t, "import {x as eval} from 'foo'", "<stdin>: error: Cannot use \"eval\" as an identifier here\n")
expectParseError(t, "import {x as ev\\u0061l} from 'foo'", "<stdin>: error: Cannot use \"eval\" as an identifier here\n")
expectPrinted(t, "import {eval as x} from 'foo'", "import {eval as x} from \"foo\";\n")
expectPrinted(t, "import {ev\\u0061l as x} from 'foo'", "import {eval as x} from \"foo\";\n")
expectParseError(t, "import {arguments} from 'foo'", "<stdin>: error: Cannot use \"arguments\" as an identifier here\n")
expectParseError(t, "import {\\u0061rguments} from 'foo'", "<stdin>: error: Cannot use \"arguments\" as an identifier here\n")
expectParseError(t, "import {x as arguments} from 'foo'", "<stdin>: error: Cannot use \"arguments\" as an identifier here\n")
expectParseError(t, "import {x as \\u0061rguments} from 'foo'", "<stdin>: error: Cannot use \"arguments\" as an identifier here\n")
expectPrinted(t, "import {arguments as x} from 'foo'", "import {arguments as x} from \"foo\";\n")
expectPrinted(t, "import {\\u0061rguments as x} from 'foo'", "import {arguments as x} from \"foo\";\n")
}
func TestExport(t *testing.T) {