policy: refactor to use more primordials

PR-URL: #36210
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>

lib/internal/policy/manifest.js

@@ -2,8 +2,6 @@
 
 const {
   ArrayIsArray,
-  Map,
-  MapPrototypeSet,
   ObjectCreate,
   ObjectEntries,
   ObjectFreeze,
@@ -12,6 +10,8 @@ const {
   RegExpPrototypeTest,
   SafeMap,
   SafeSet,
+  StringPrototypeEndsWith,
+  StringPrototypeReplace,
   Symbol,
   uncurryThis,
 } = primordials;
@@ -328,14 +328,15 @@ class Manifest {
      * @returns {string}
      */
     const protocolOrResolve = (resourceHREF) => {
-      if (resourceHREF.endsWith(':')) {
+      if (StringPrototypeEndsWith(resourceHREF, ':')) {
         // URL parse will trim these anyway, save the compute
-        resourceHREF = resourceHREF.replace(
+        resourceHREF = StringPrototypeReplace(
+          resourceHREF,
           // eslint-disable-next-line
           /^[\x00-\x1F\x20]|\x09\x0A\x0D|[\x00-\x1F\x20]$/g,
           ''
         );
-        if (/^[a-zA-Z][a-zA-Z+\-.]*:$/.test(resourceHREF)) {
+        if (RegExpPrototypeTest(/^[a-zA-Z][a-zA-Z+\-.]*:$/, resourceHREF)) {
           return resourceHREF;
         }
       }
@@ -418,7 +419,7 @@ class Manifest {
     // Only a few schemes are hierarchical
     if (SPECIAL_SCHEMES.has(currentURL.protocol)) {
       // Make first '..' act like '.'
-      if (currentURL.pathname.slice(-1) !== '/') {
+      if (!StringPrototypeEndsWith(currentURL.pathname, '/')) {
         currentURL.pathname += '/';
       }
       let lastHREF;
@@ -470,7 +471,7 @@ class Manifest {
   assertIntegrity(url, content) {
     const href = `${url}`;
     debug('Checking integrity of %s', href);
-    const realIntegrities = new Map();
+    const realIntegrities = new SafeMap();
     const integrities = this.#resourceIntegrities;
     function processEntry(href) {
       let integrityEntries = integrities.get(href);
@@ -499,8 +500,7 @@ class Manifest {
             timingSafeEqual(digest, expected)) {
             return true;
           }
-          MapPrototypeSet(
-            realIntegrities,
+          realIntegrities.set(
             algorithm,
             BufferToString(digest, 'base64')
           );

lib/internal/policy/sri.js

@@ -3,9 +3,9 @@
 // https://w3c.github.io/webappsec-subresource-integrity/#the-integrity-attribute
 
 const {
+  ArrayPrototype,
   ObjectDefineProperty,
   ObjectFreeze,
-  ObjectGetPrototypeOf,
   ObjectSeal,
   ObjectSetPrototypeOf,
   RegExp,
@@ -32,7 +32,6 @@ const kAllWSP = RegExp(`^${kWSP}*$`);
 ObjectSeal(kAllWSP);
 
 const BufferFrom = require('buffer').Buffer.from;
-const RealArrayPrototype = ObjectGetPrototypeOf([]);
 
 // Returns {algorithm, value (in base64 string), options,}[]
 const parse = (str) => {
@@ -41,10 +40,10 @@ const parse = (str) => {
   const entries = [];
   while (match = RegExpPrototypeExec(kSRIPattern, str)) {
     if (match.index !== prevIndex) {
-      throw new ERR_SRI_PARSE(str, str.charAt(prevIndex), prevIndex);
+      throw new ERR_SRI_PARSE(str, str[prevIndex], prevIndex);
     }
     if (entries.length > 0 && match[1] === '') {
-      throw new ERR_SRI_PARSE(str, str.charAt(prevIndex), prevIndex);
+      throw new ERR_SRI_PARSE(str, str[prevIndex], prevIndex);
     }
 
     // Avoid setters being fired
@@ -63,10 +62,10 @@ const parse = (str) => {
 
   if (prevIndex !== str.length) {
     if (!RegExpPrototypeTest(kAllWSP, StringPrototypeSlice(str, prevIndex))) {
-      throw new ERR_SRI_PARSE(str, str.charAt(prevIndex), prevIndex);
+      throw new ERR_SRI_PARSE(str, str[prevIndex], prevIndex);
     }
   }
-  return ObjectSetPrototypeOf(entries, RealArrayPrototype);
+  return ObjectSetPrototypeOf(entries, ArrayPrototype);
 };
 
 module.exports = {