Website updates for buffer coercion

svaarala · svaarala · commit e4e4c568bafb · 2016-10-18T14:38:04.000+03:00
diff --git a/website/guide/custombehavior.html b/website/guide/custombehavior.html
@@ -250,8 +250,11 @@ <h2 id="nodejsbuffer-custombehavior">Node.js Buffer binding</h2>
     0x00 rather than throwing a TypeError.</li>
 <li>Duktape only supports the <code>"utf8"</code> encoding (and accepts no
     spelling variants).  Most API calls ignore an encoding argument, and
-    use the Duktape internal string representation (CESU-8 / extended UTF-8)
-    for string-to-buffer conversion.</li>
+    use UTF-8 implicitly for string-to-buffer coercion.</li>
+<li>UTF-8 decoding replacement character approach follows
+    <a href="http://unicode.org/review/pr-121.html">Unicode Technical Committee Recommended Practice for Replacement Characters</a>
+    which matches WHATWG Encoding API specification but differs from Node.js
+    (at least up to version v6.8.1).</li>
 <li>Node.js Buffer has additional <code>byteLength</code> (matching
     <code>length</code>), <code>byteOffset</code> (= 0), and
     <code>BYTES_PER_ELEMENT</code> (= 1) properties.</li>
diff --git a/website/guide/duktapebuiltins.html b/website/guide/duktapebuiltins.html
@@ -136,6 +136,7 @@ <h3 id="builtin-duktape-enc">enc()</h3>
 "jx" and "jc"), second argument is the value to encode, and any further
 arguments are format specific.</p>
 
+<!-- XXX: maybe remove support for non-buffer inputs? -->
 <p>For "hex" and "base64", buffer values are encoded as is, other values
 are string coerced and the internal byte representation (extended UTF-8)
 is then encoded.  The result is a string.  For example, to encode a string
@@ -168,10 +169,10 @@ <h3 id="builtin-duktape-dec">dec()</h3>
 <p>If you wish to get back a string value, you can coerce the plain buffer to
 a string e.g. as follows:</p>
 <pre class="ecmascript-code">
-// Use Node.js Buffer binding for buffer-to-string coercion.  The buffer
-// data is decoded as UTF-8 and re-encoded into an Ecmascript string (with
-// surrogate pairs used for non-BMP codepoints).
-var result = Buffer.from(Duktape.dec('base64', 'Zm9v')).toString();
+// Use TextDecoder which decodes the input as UTF-8.  You can also use
+// the Node.js Buffer binding to achieve a similar result.
+
+var result = new TextDecoder().decode(Duktape.dec('base64', 'Zm9v'));
 print(typeof result, result);  // prints 'string foo'
 </pre>
 
diff --git a/website/guide/internalproperties.html b/website/guide/internalproperties.html
@@ -85,25 +85,26 @@ <h1 id="internalproperties">Internal properties</h1>
 
 <p>Internal strings cannot be created from Ecmascript code using the default
 built-ins alone.  However, application code can easily add such a binding
-using the C API (this must be considered in sandboxing).</p>
+using the C API which must be considered in sandboxing.</p>
 
 <p>There's no special access control for internal properties: if user code has
 access to the property name (string), it can read/write the property value.
-Any code with the ability to create or use buffers can potentially create an
-internal string by converting a buffer into a string.  However, standard Ecmascript
-code with no access to buffer values or ability to create them cannot create internal
-strings (or any invalid UTF-8 strings in general).  When sandboxing, ensure that
-the sandboxed code has no access to the <code>Duktape</code> built-in or any
-buffer values.</p>
+The default Ecmascript built-ins don't provide a way of creating an internal
+string: buffer-to-string coercions always involve an encoding such as UTF-8
+which will reject or replace invalid byte sequences.  However, C code can
+easily create internal strings.  When sandboxing, ensure that custom C bindings
+don't accidentally provide a mechanism to create internal strings by e.g.
+converting a buffer as-is to a string.</p>
 
-<p>As a concrete example, the internal value of a <code>Date</code> can be
-accessed as follows:</p>
+<p>As a concrete example the internal value of a <code>Date</code> instance
+can be accessed as follows:</p>
 <pre class="ecmascript-code">
-// Print the internal timestamp of a Date instance.  User code should NEVER
-// actually do this because the internal properties may change between
-// versions in an arbitrary manner!
+// Print the internal timestamp of a Date instance.  Assumes a hypothetical
+// rawBufferToString() custom C binding which takes an input buffer and pushes
+// the bytes as-is as a string using duk_push_lstring(), thus creating an
+// internal string.
 
-var key = Duktape.dec('hex', 'ff56616c7565');  // \xFFValue
+var key = rawBufferToString(Duktape.dec('hex', 'ff56616c7565'));  // \xFFValue
 var dt = new Date(123456);
 print('internal value is:', dt[key]);  // prints 123456
 </pre>
diff --git a/website/guide/sandboxing.html b/website/guide/sandboxing.html
@@ -16,5 +16,5 @@ <h1 id="sandboxing">Sandboxing</h1>
 for a detailed discussion of how to implement sandboxing.</p>
 
 <div class="note">
-Sandboxing support in Duktape 1.3 is still a work in progress.
+Sandboxing support in Duktape 2.0 is still a work in progress.
 </div>
