endo
Syntax based anonymous intrinsics are subject to transpiler modifications
Currently get-anonymous-intrinsics.js uses direct syntax to grab some anonymous intrinsics. This is susceptible to transpilers which rewrite the SES shim's code to replace syntax that didn't exist in previous JavaScript versions. If the actual target in which the transpiled code runs actually has those intrinsics implemented, the SES shim won't grab and harden them.
While there is no way to protect against a malicious transpiler, we should detect and error early in the presence of transpilers that were mistakenly applied to the SES shim. One way to do this is to also eval the syntax used to reach the intrinsic and compare the 2 values.
@kumavis I heard you may have looked into this before but haven't found any open issues.
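The check proposed above, as an added example that is not part of the issue or of the SES shim's own code: each anonymous intrinsic is reached twice, once by syntax written directly in the source (which a transpiler could rewrite, e.g. into a regenerator helper) and once by handing the same source text to `Function()` at runtime (which a transpiler never sees), and the two results are compared by identity. The intrinsic table, function names and the `Function()`-based evaluator are this example's own assumptions; the "transpiled" input in the usage below is constructed to imitate a rewrite that turns `async function*` into a plain function. The evaluator is injectable so the no-unsafe-eval case raised in this thread can be exercised: when `Function()` is blocked, the check reports itself as unavailable instead of failing lockdown.

```javascript
// Added example (not endo's code): detect a transpiler that rewrote the
// syntax-based anonymous-intrinsic lookups by comparing each syntactic value
// with the value obtained from evaluating the same source text at runtime.

// Hypothetical table: intrinsic name -> expression source that yields it.
// Same expressions as in getSyntaxIntrinsics below, kept as text.
const syntaxIntrinsicSources = {
  '%AsyncGeneratorFunction%':
    'Object.getPrototypeOf(async function* () {}).constructor',
  '%GeneratorFunction%':
    'Object.getPrototypeOf(function* () {}).constructor',
  '%AsyncFunction%':
    'Object.getPrototypeOf(async function () {}).constructor',
};

// Syntax-based lookups as they appear in source. This is the part a
// transpiler may rewrite: after regenerator-style output, the "async
// generator" below is a plain function whose constructor is %Function%.
function getSyntaxIntrinsics() {
  return {
    '%AsyncGeneratorFunction%':
      Object.getPrototypeOf(async function* () {}).constructor,
    '%GeneratorFunction%':
      Object.getPrototypeOf(function* () {}).constructor,
    '%AsyncFunction%':
      Object.getPrototypeOf(async function () {}).constructor,
  };
}

// Default evaluator: compile the expression with the real engine at runtime.
// Under a CSP without 'unsafe-eval' this throws an EvalError.
function functionEvaluator(src) {
  return new Function(`return (${src});`)();
}

// Evaluate every table entry with the given evaluator (assumed signature:
// string -> value). Errors propagate so the caller can classify them.
function getEvalIntrinsics(evaluator) {
  const out = {};
  for (const [name, src] of Object.entries(syntaxIntrinsicSources)) {
    out[name] = evaluator(src);
  }
  return out;
}

// Compare syntactic and evaluated intrinsics by identity. Returns
//   { checked: true,  mismatches: [] }          when everything agrees,
//   { checked: false, reason }                  when eval is unavailable,
// and throws a TypeError naming the rewritten intrinsics otherwise.
function checkForTranspiler(
  syntaxIntrinsics = getSyntaxIntrinsics(),
  evaluator = functionEvaluator,
) {
  let evaluated;
  try {
    evaluated = getEvalIntrinsics(evaluator);
  } catch (err) {
    // no-unsafe-eval (or any evaluator failure): the check cannot run.
    return { checked: false, reason: String(err) };
  }
  const mismatches = Object.keys(evaluated).filter(
    name => evaluated[name] !== syntaxIntrinsics[name],
  );
  if (mismatches.length > 0) {
    throw new TypeError(
      `SES shim appears to have been transpiled; syntax-based lookup of ` +
        `${mismatches.join(', ')} no longer reaches the live intrinsic`,
    );
  }
  return { checked: true, mismatches: [] };
}

// Usage (constructed input): the untouched shim passes; a "transpiled" shim
// in which async generators became plain functions is rejected; an evaluator
// blocked by CSP yields an unavailable result rather than a false alarm.
const untouched = checkForTranspiler();
const transpiled = {
  ...getSyntaxIntrinsics(),
  '%AsyncGeneratorFunction%': Function, // what a regenerator rewrite yields
};
let rejected = false;
try {
  checkForTranspiler(transpiled);
} catch (err) {
  rejected = err instanceof TypeError;
}
const blocked = checkForTranspiler(getSyntaxIntrinsics(), () => {
  throw new EvalError('blocked by CSP');
});
console.log(untouched, rejected, blocked);
```

The identity comparison is the whole point: a transpiled lookup yields a different object (typically `%Function%` or a helper's prototype), never a structurally equal copy of the real intrinsic, so `!==` is the correct test. Where `Function()` is unavailable, the `checked: false` result is what a lockdown option would need to decide whether to proceed or to refuse.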
We have found that there’s a tension between this need and the need to support lockdown in a no-unsafe-eval environment. We may need a lockdown option to balance the two needs.
> @kumavis I heard you may have looked into this before but haven't found any open issues.
I've encountered the transpiling issue a few times (via babel). I do think we could add some detection for transpiling for the common cases (e.g. async iterators I think?) and throw an error.
> We have found that there’s a tension between this need and the need to support lockdown in a no-unsafe-eval environment
fyi: metamask is no-unsafe-eval as part of our CSP