From b87c2fae01b1aaf5df012c0b19d460bfe6b63270 Mon Sep 17 00:00:00 2001 From: Max Nordlund Date: Fri, 28 Apr 2017 22:04:56 +0200 Subject: [PATCH] Simplify references to the global object Take advantage of sloppy mode, aka non-strict mode, where unbound functions are called with the global object as `this`. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Strict_mode#Securing_JavaScript --- packages/regenerator-runtime/runtime-module.js | 5 +---- packages/regenerator-runtime/runtime.js | 10 ++++------ 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/packages/regenerator-runtime/runtime-module.js b/packages/regenerator-runtime/runtime-module.js index 8e7e2e4c1..57b655799 100644 --- a/packages/regenerator-runtime/runtime-module.js +++ b/packages/regenerator-runtime/runtime-module.js @@ -1,9 +1,6 @@ // This method of obtaining a reference to the global object needs to be // kept identical to the way it is obtained in runtime.js -var g = - typeof global === "object" ? global : - typeof window === "object" ? window : - typeof self === "object" ? self : this; +var g = (function() { return this })() || Function("return this")(); // Use `getOwnPropertyNames` because not all browsers support calling // `hasOwnProperty` on the global `self` object in a worker. See #183. diff --git a/packages/regenerator-runtime/runtime.js b/packages/regenerator-runtime/runtime.js index 5b08c4d34..6f26b1590 100644 --- a/packages/regenerator-runtime/runtime.js +++ b/packages/regenerator-runtime/runtime.js @@ -727,10 +727,8 @@ } }; })( - // Among the various tricks for obtaining a reference to the global - // object, this seems to be the most reliable technique that does not - // use indirect eval (which violates Content Security Policy). - typeof global === "object" ? global : - typeof window === "object" ? window : - typeof self === "object" ? self : this + // In sloppy mode, unbound `this` refers to the global object, fallback to + // Function constructor if we're in global strict mode. That is sadly a form + // of indirect eval which violates Content Security Policy. + (function() { return this })() || Function("return this")() );