IE下检测泄露的全局变量,如何遍历所有的全局变量

本文转载自: http://www.cnblogs.com/bluedream2009/archive/2010/04/13/1711288.html 

 

今天在国外博客看到了7个额外的build-in对象:

ScriptEngine,ScriptEngineBuildVersion, ScriptEngineMajorVersion, ScriptEngineMinorVersion, CollectGarbage, RuntimeObject, and GetObject

其中比较感兴趣的两个是ScriptEngineMinorVersion获取IE版本号和另外一个RuntimeObject.

ScriptEngineMinorVersion

1

When the ScriptEngineMajorVersionfunction is called, it returns a value that identifies the minor revision level of the implementation, not the revision level of the ECMAScript or JScript language specification that is currently supported by the implementation. An implementation of JScript 5.x that supports distinct modes that separately implement JScript 5.7 and JScript 5.8 functionality mayreturn a single value that does not vary among modes and that does not reflect the language level implemented by the current mode. Thisreturn value cannot be used as a reliable indicator of the availability or lack of availability of specific language features.

2

3	The JScript 5.x implementation within Microsoft Internet Explorer 7 always returns a value of 7. The JScript 5.x implementation within Microsoft Internet Explorer 8 always returns a value of 8, even when Internet Explorer 8 is operating in IE7 compatibility mode.

 

全局变量外露一直都是JS的一大恶魔.在FF下可以通过fireBug的DOM查看到全局变量.但IE下却没什么好办法.用for in window也无济于事. 那么这时RuntimeObject就派上了用场.他的优点就是能够仅列举出window属性以及用户自定义的全局变量.

测试代码如下:

 

	var gb1 = 10;
	this.gb2 = 20;
	function gb3() {};
	  
	(function() {
	    var ro = RuntimeObject(),
	        ret = [],
	        p;
	    for(p in ro) {
	        ret.push(p);
	    }
	    alert('global var List: '+ ret.join('\n'));
	})();

在IE浏览器下便可以看到全局变量被列举出来了.

 

PS: 另外在IE下今天还发现了个FunctionBoundingList的东西.进而得知IE下可以这样定义函数.

 

1	var foo = {};

2	(function() {

3	functionfoo.bar, baz() { alert('case'); }// 以列表的形式...

4

baz();

5

})();

6	foo.bar();