From 92bddae77cc8a051b99420352f4ca9195052ac81 Mon Sep 17 00:00:00 2001
From: Kuitos
Date: Mon, 1 Feb 2021 14:41:08 +0800
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20hijack=20accessing=20window=20objec?= =?UTF-8?q?t=20with=20globalThis=20keyword=20(#1246)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/sandbox/__tests__/proxySandbox.test.ts | 5 +++++
 src/sandbox/proxySandbox.ts | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/src/sandbox/__tests__/proxySandbox.test.ts b/src/sandbox/__tests__/proxySandbox.test.ts
index 05405ac..1c3694a 100644
--- a/src/sandbox/__tests__/proxySandbox.test.ts
+++ b/src/sandbox/__tests__/proxySandbox.test.ts
@@ -71,6 +71,11 @@ test('window.self & window.window & window.top & window.parent should equals wit
 expect(proxy.parent).toBe(proxy);
 });

+test('globalThis should equals with sandbox', () => {
+ const { proxy } = new ProxySandbox('globalThis');
+ expect(proxy.globalThis).toBe(proxy);
+});
+
 test('allow window.top & window.parent to escape sandbox while in iframe', () => {
 // change window.parent to cheat ProxySandbox is in iframe
 Object.defineProperty(window, 'parent', { value: 'parent' });
diff --git a/src/sandbox/proxySandbox.ts b/src/sandbox/proxySandbox.ts
index 2c968ac..50826bf 100644
--- a/src/sandbox/proxySandbox.ts
+++ b/src/sandbox/proxySandbox.ts
@@ -223,6 +223,11 @@ export default class ProxySandbox implements SandBox {
 return proxy;
 }

+ // hijack global accessing with globalThis keyword
+ if (p === 'globalThis') {
+ return proxy;
+ }
+
 if (
 p === 'top' ||
 p === 'parent' ||
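Review bot: The new test checks only that `proxy.globalThis` is the proxy; it does not check the property the change exists for, that state reached through `globalThis` stays off the real `window`. Assuming writes through the proxy are kept inside the sandbox (the set path is not visible in this patch), a second assertion would pin that down, for example `proxy.globalThis.sampleKey = 1; expect((window as any).sampleKey).toBeUndefined();`, where `sampleKey` is a made-up name. A one-line comment in the test saying that `globalThis` must resolve to the sandbox rather than the host global would also explain why the case exists.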
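Review bot: The added `if (p === 'globalThis')` branch covers only plain property reads. The enclosing trap starts and ends outside the hunk, so the patch does not show whether a property-descriptor lookup or an `in` check for `globalThis` on the proxy also resolves to the sandbox. If either path falls through to the underlying window, the real global is still reachable, so confirm those paths and cover them with a test alongside the `get` case. The comment calls `globalThis` a keyword, but it is a property of the global object; `// globalThis is a global-object property: return the proxy so the real window is not handed out` states the intent more precisely. The branch repeats the `return proxy;` block just above it, so if that block is the `window`/`self` check (not visible here), adding `p === 'globalThis'` to its condition would keep the self-reference cases in one place.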