Received: by 10.205.122.65 with SMTP id gf1mr1457693bkc.2.1337348618859;
        Fri, 18 May 2012 06:43:38 -0700 (PDT)
X-BeenThere: v8-dev@googlegroups.com
Received: by 10.204.129.208 with SMTP id p16ls2133643bks.7.gmail; Fri, 18 May
 2012 06:43:37 -0700 (PDT)
Received: by 10.204.143.145 with SMTP id v17mr910264bku.7.1337348616962;
        Fri, 18 May 2012 06:43:36 -0700 (PDT)
Received: by 10.204.143.145 with SMTP id v17mr910263bku.7.1337348616943;
        Fri, 18 May 2012 06:43:36 -0700 (PDT)
Return-Path: <jkumme...@google.com>
Received: from mail-bk0-f50.google.com (mail-bk0-f50.google.com [209.85.214.50])
        by gmr-mx.google.com with ESMTPS id p5si10014187bks.1.2012.05.18.06.43.36
        (version=TLSv1/SSLv3 cipher=OTHER);
        Fri, 18 May 2012 06:43:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of jkumme...@google.com designates 209.85.214.50 as permitted sender) client-ip=209.85.214.50;
Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of jkumme...@google.com designates 209.85.214.50 as permitted sender) smtp.mail=jkumme...@google.com; dkim=pass header...@google.com
Received: by bkcjg9 with SMTP id jg9so2593132bkc.9
        for <v8-dev@googlegroups.com>; Fri, 18 May 2012 06:43:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date
         :x-google-sender-auth:message-id:subject:to:cc:content-type
         :x-system-of-record;
        bh=Ucd25geqzGUsczd7NCL7a3uOTaxSdFH1SOtfMkEKbtE=;
        b=Jg/6l2AKYKEhk/tbyKf8lKOghiUzC2FluvViXk1kux4ZERFR+TMUqIfRqDgcAKlZbn
         8xpA5c+9gPaZi5cyUVdNwkq6ubOY9dK46+oPip8XuW8VVYRoQYtoEEq2Vzfv3Txm9sJP
         M8rxCQ/ZeUUJrvUJXfQID42gK/m8P7o28z/QSqpXw2Wid2jOLFD3PLV2hQOzsnnjs9nu
         rGiyGB41q0kRtT0Rmyy3r182WO9M67pRUX4D2qYhtWfRoM3Uz7rFPWwahkHLimr236BA
         E4U3OvH7ym2cQ8MiXQ91IDDnM51RHHwmYxXJhK1/Il9TLYQOn2ySPRRgYNa96fCqEGVs
         AWFQ==
        d=google.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date
         :x-google-sender-auth:message-id:subject:to:cc:content-type
         :x-system-of-record:x-gm-message-state;
        bh=Ucd25geqzGUsczd7NCL7a3uOTaxSdFH1SOtfMkEKbtE=;
        b=FW5qWoKSsIKDqPwadJmyxxMB+fgH6U9tM47n+deMhElyHFg+z8RdCm+zUsVSKJaWdh
         Y5kDW/o6UvAqPVDDe9LmiZSPPDQuk2qzVUJ7sHvV47WVIdtwV0V63JUDDHH6mridDm6J
         5bNL42ONRMPnhb0Kf4QxmBVmRrSoQu14kXTaTPkueDhs6ctE4vcDg/ZQ1mNt9x9TaeMH
         dft0Hs9iZoP2pmK5VKZDshmyXk4Fk2eqhi7jTA42VLr/Djih/2lDzlLF+hqWfcXbFbKd
         sNj7qrJgjFRadyH8Hhqv9Afeet2zGhSUg4bSP3SBVPwSa7U9NTR41aOShtJQrCFMgzmc
         sCsA==
Received: by 10.204.156.155 with SMTP id x27mr4004235bkw.84.1337348616545;
        Fri, 18 May 2012 06:43:36 -0700 (PDT)
Received: by 10.204.156.155 with SMTP id x27mr4004223bkw.84.1337348616334;
 Fri, 18 May 2012 06:43:36 -0700 (PDT)
MIME-Version: 1.0
Sender: jkumme...@google.com
Received: by 10.204.38.199 with HTTP; Fri, 18 May 2012 06:43:16 -0700 (PDT)
In-Reply-To: <0912bef0-8187-437b-99b5-af823bb97cc6@googlegroups.com>
References: <0912bef0-8187-437b-99b5-af823bb97cc6@googlegroups.com>
From: Jakob Kummerow <jkumme...@chromium.org>
Date: Fri, 18 May 2012 15:43:16 +0200
Message-ID: <CAKSzg3RbGfhYC9BQsc95NKCfAuM7nhq+AcUe=Kyh5BMMtit...@mail.gmail.com>
Subject: Re: [v8-dev] Access to DOM implementation in Webkit/Chromium
To: sqrts...@googlemail.com
Cc: v8-dev@googlegroups.com
Content-Type: multipart/alternative; boundary=0015175df1fc37ae5504c04fbd05
X-System-Of-Record: true
X-Gm-Message-State: ALoCoQkSkXygtC9eos3ZORb0+5t12KpHl2TCiRH/ec+6jE1d75VjeOIPupVMGeC7EIpC69zBrjIdIAiHgpMMZs3M78adQqcVqYweu1w6AAP9LMlO3xEl8o3xDMGL9MiJMi9C7RwgNxQCNh6+RXTXGgoCRRrx1f5Etw==

--0015175df1fc37ae5504c04fbd05
Content-Type: text/plain; charset=ISO-8859-1

The DOM bindings for V8 are part of WebKit, not part of V8. Start looking
here: http://trac.webkit.org/browser/trunk/Source/WebCore/bindings/v8

On Fri, May 18, 2012 at 1:17 PM, <sqrts...@googlemail.com> wrote:

> Hi guys,
>
> I'm working on a project where I want to achieve taint tracking in
> Chromium. In essence, I want to be able to identify things coming from the
> DOM, what might happen to them (concat, substring, etc) and be able to
> identify variables derived from them. My question in a nutshell is: how and
> where are calls to the DOM implemented? I gather that v8 is provided a
> context from the rendering engine and then works on that - couldn't find
> the corresponding code though.
>
> Your help is very much appreciated
>  Ben
>

--0015175df1fc37ae5504c04fbd05
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

The DOM bindings for V8 are part of WebKit, not part of V8. Start looking h=
ere:=A0<a href=3D"http://trac.webkit.org/browser/trunk/Source/WebCore/bindi=
ngs/v8">http://trac.webkit.org/browser/trunk/Source/WebCore/bindings/v8</a>=
<br>

<br><div class=3D"gmail_quote">On Fri, May 18, 2012 at 1:17 PM,  <span dir=
=3D"ltr">&lt;<a href=3D"mailto:sqrts...@googlemail.com" target=3D"_blank">s=
qrts...@googlemail.com</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_=
quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1=
ex">

Hi guys,<div><br></div><div>I&#39;m working on a project where I want to ac=
hieve taint tracking in Chromium. In essence, I want to be able to identify=
 things coming from the DOM, what might happen to them (concat, substring, =
etc) and be able to identify variables derived from them. My question in a =
nutshell is: how and where are calls to the DOM implemented? I gather that =
v8 is provided a context from the rendering engine and then works on that -=
 couldn&#39;t find the corresponding code though.</div>

<div><br></div><div>Your help is very much appreciated</div><div>=A0Ben</di=
v></blockquote></div><br>

--0015175df1fc37ae5504c04fbd05--