From 765fa337e32fa0d654541537dc097208f89a3abd Mon Sep 17 00:00:00 2001
From: Bjarki
Date: Wed, 7 Oct 2020 16:44:47 +0000
Subject: [PATCH] fix(compiler): use Trusted Types policy in JIT compiler (#39210)

The JIT compiler uses the Function constructor to compile arbitrary strings into executable code at runtime, which causes Trusted Types violations. To address this, JitEvaluator is instead made to use the Trusted Types compatible Function constructor introduced by Angular's Trusted Types policy for JIT.

PR Close #39210
---
 packages/compiler/src/output/output_jit.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/packages/compiler/src/output/output_jit.ts b/packages/compiler/src/output/output_jit.ts
index 75be4da280..d672098bca 100644
--- a/packages/compiler/src/output/output_jit.ts
+++ b/packages/compiler/src/output/output_jit.ts
@@ -12,6 +12,7 @@ import {CompileReflector} from '../compile_reflector';
 import {EmitterVisitorContext} from './abstract_emitter';
 import {AbstractJsEmitterVisitor} from './abstract_js_emitter';
 import * as o from './output_ast';
+import {newTrustedFunctionForJIT} from './output_jit_trusted_types';

 /**
 * A helper class to manage the evaluation of JIT generated code.
@@ -69,11 +70,11 @@ export class JitEvaluator {
 // function anonymous(a,b,c
 // /**/) { ... }```
 // We don't want to hard code this fact, so we auto detect it via an empty function first.
- const emptyFn = new Function(...fnArgNames.concat('return null;')).toString();
+ const emptyFn = newTrustedFunctionForJIT(...fnArgNames.concat('return null;')).toString();
 const headerLines = emptyFn.slice(0, emptyFn.indexOf('return null;')).split('\n').length - 1;
 fnBody += `\n${ctx.toSourceMapGenerator(sourceUrl, headerLines).toJsComment()}`;
 }
- const fn = new Function(...fnArgNames.concat(fnBody));
+ const fn = newTrustedFunctionForJIT(...fnArgNames.concat(fnBody));
 return this.executeFunction(fn, fnArgValues);
 }
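Review bot: The call `newTrustedFunctionForJIT(...fnArgNames.concat(fnBody))` near the end of the second hunk turns strings into executable code through the Trusted Types policy, but nothing at the call site records why that is safe, so the guarantee rests entirely on what callers pass in. I would add a comment above it such as `// SECURITY: fnArgNames and fnBody must be compiler output only, never strings shaped by template or user input; re-audit when adding a caller.` The helper lives in `./output_jit_trusted_types`, which this patch does not show, so whether it validates its arguments cannot be confirmed from here. The same comment covers the `emptyFn` call a few lines up, which is only stringified but still passes through the policy. The enclosing method starts above the hunk, so the origin of `fnArgNames` and `fnBody` is not visible.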