1 /*
2 * Copyright (C) 2006, 2007, 2008, 2009 Google Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
6 * met:
7 *
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
13 * distribution.
14 * * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31 #include "config.h"
32
33 #include "V8NPObject.h"
34
35 #include "HTMLPlugInElement.h"
36 #include "IdentifierRep.h"
37 #include "NPV8Object.h"
38 #include "V8DOMMap.h"
39 #include "V8HTMLAppletElement.h"
40 #include "V8HTMLEmbedElement.h"
41 #include "V8HTMLObjectElement.h"
42 #include "V8Helpers.h"
43 #include "V8NPUtils.h"
44 #include "V8Proxy.h"
45 #include "npruntime_impl.h"
46 #include "npruntime_priv.h"
47 #include <wtf/OwnArrayPtr.h>
48
49 using namespace WebCore;
50
51 enum InvokeFunctionType {
52 InvokeMethod = 1,
53 InvokeConstruct = 2,
54 InvokeDefault = 3
55 };
56
57 // FIXME: need comments.
58 // Params: holder could be HTMLEmbedElement or NPObject
npObjectInvokeImpl(const v8::Arguments & args,InvokeFunctionType functionId)59 static v8::Handle<v8::Value> npObjectInvokeImpl(const v8::Arguments& args, InvokeFunctionType functionId)
60 {
61 NPObject* npObject;
62
63 // These three types are subtypes of HTMLPlugInElement.
64 if (V8HTMLAppletElement::HasInstance(args.Holder()) || V8HTMLEmbedElement::HasInstance(args.Holder())
65 || V8HTMLObjectElement::HasInstance(args.Holder())) {
66 // The holder object is a subtype of HTMLPlugInElement.
67 HTMLPlugInElement* element;
68 if (V8HTMLAppletElement::HasInstance(args.Holder()))
69 element = V8HTMLAppletElement::toNative(args.Holder());
70 else if (V8HTMLEmbedElement::HasInstance(args.Holder()))
71 element = V8HTMLEmbedElement::toNative(args.Holder());
72 else
73 element = V8HTMLObjectElement::toNative(args.Holder());
74 ScriptInstance scriptInstance = element->getInstance();
75 if (scriptInstance)
76 npObject = v8ObjectToNPObject(scriptInstance->instance());
77 else
78 npObject = 0;
79 } else {
80 // The holder object is not a subtype of HTMLPlugInElement, it must be an NPObject which has three
81 // internal fields.
82 if (args.Holder()->InternalFieldCount() != npObjectInternalFieldCount)
83 return throwError("NPMethod called on non-NPObject", V8Proxy::ReferenceError);
84
85 npObject = v8ObjectToNPObject(args.Holder());
86 }
87
88 // Verify that our wrapper wasn't using a NPObject which has already been deleted.
89 if (!npObject || !_NPN_IsAlive(npObject))
90 return throwError("NPObject deleted", V8Proxy::ReferenceError);
91
92 // Wrap up parameters.
93 int numArgs = args.Length();
94 OwnArrayPtr<NPVariant> npArgs(new NPVariant[numArgs]);
95
96 for (int i = 0; i < numArgs; i++)
97 convertV8ObjectToNPVariant(args[i], npObject, &npArgs[i]);
98
99 NPVariant result;
100 VOID_TO_NPVARIANT(result);
101
102 bool retval = true;
103 switch (functionId) {
104 case InvokeMethod:
105 if (npObject->_class->invoke) {
106 v8::Handle<v8::String> functionName(v8::String::Cast(*args.Data()));
107 NPIdentifier identifier = getStringIdentifier(functionName);
108 retval = npObject->_class->invoke(npObject, identifier, npArgs.get(), numArgs, &result);
109 }
110 break;
111 case InvokeConstruct:
112 if (npObject->_class->construct)
113 retval = npObject->_class->construct(npObject, npArgs.get(), numArgs, &result);
114 break;
115 case InvokeDefault:
116 if (npObject->_class->invokeDefault)
117 retval = npObject->_class->invokeDefault(npObject, npArgs.get(), numArgs, &result);
118 break;
119 default:
120 break;
121 }
122
123 if (!retval)
124 throwError("Error calling method on NPObject!", V8Proxy::GeneralError);
125
126 for (int i = 0; i < numArgs; i++)
127 _NPN_ReleaseVariantValue(&npArgs[i]);
128
129 // Unwrap return values.
130 v8::Handle<v8::Value> returnValue = convertNPVariantToV8Object(&result, npObject);
131 _NPN_ReleaseVariantValue(&result);
132
133 return returnValue;
134 }
135
136
npObjectMethodHandler(const v8::Arguments & args)137 v8::Handle<v8::Value> npObjectMethodHandler(const v8::Arguments& args)
138 {
139 return npObjectInvokeImpl(args, InvokeMethod);
140 }
141
142
npObjectInvokeDefaultHandler(const v8::Arguments & args)143 v8::Handle<v8::Value> npObjectInvokeDefaultHandler(const v8::Arguments& args)
144 {
145 if (args.IsConstructCall())
146 return npObjectInvokeImpl(args, InvokeConstruct);
147
148 return npObjectInvokeImpl(args, InvokeDefault);
149 }
150
151
152 static void weakTemplateCallback(v8::Persistent<v8::Value>, void* parameter);
153
154 // NPIdentifier is PrivateIdentifier*.
155 static WeakReferenceMap<PrivateIdentifier, v8::FunctionTemplate> staticTemplateMap(&weakTemplateCallback);
156
weakTemplateCallback(v8::Persistent<v8::Value> object,void * parameter)157 static void weakTemplateCallback(v8::Persistent<v8::Value> object, void* parameter)
158 {
159 PrivateIdentifier* identifier = static_cast<PrivateIdentifier*>(parameter);
160 ASSERT(identifier);
161 ASSERT(staticTemplateMap.contains(identifier));
162
163 staticTemplateMap.forget(identifier);
164 }
165
166
npObjectGetProperty(v8::Local<v8::Object> self,NPIdentifier identifier,v8::Local<v8::Value> key)167 static v8::Handle<v8::Value> npObjectGetProperty(v8::Local<v8::Object> self, NPIdentifier identifier, v8::Local<v8::Value> key)
168 {
169 NPObject* npObject = v8ObjectToNPObject(self);
170
171 // Verify that our wrapper wasn't using a NPObject which
172 // has already been deleted.
173 if (!npObject || !_NPN_IsAlive(npObject))
174 return throwError("NPObject deleted", V8Proxy::ReferenceError);
175
176
177 if (npObject->_class->hasProperty && npObject->_class->hasProperty(npObject, identifier)
178 && npObject->_class->getProperty) {
179
180 NPVariant result;
181 VOID_TO_NPVARIANT(result);
182 if (!npObject->_class->getProperty(npObject, identifier, &result))
183 return v8::Handle<v8::Value>();
184
185 v8::Handle<v8::Value> returnValue = convertNPVariantToV8Object(&result, npObject);
186 _NPN_ReleaseVariantValue(&result);
187 return returnValue;
188
189 }
190
191 if (key->IsString() && npObject->_class->hasMethod && npObject->_class->hasMethod(npObject, identifier)) {
192 PrivateIdentifier* id = static_cast<PrivateIdentifier*>(identifier);
193 v8::Persistent<v8::FunctionTemplate> functionTemplate = staticTemplateMap.get(id);
194 // Cache templates using identifier as the key.
195 if (functionTemplate.IsEmpty()) {
196 // Create a new template.
197 v8::Local<v8::FunctionTemplate> temp = v8::FunctionTemplate::New();
198 temp->SetCallHandler(npObjectMethodHandler, key);
199 functionTemplate = v8::Persistent<v8::FunctionTemplate>::New(temp);
200 staticTemplateMap.set(id, functionTemplate);
201 }
202
203 // FunctionTemplate caches function for each context.
204 v8::Local<v8::Function> v8Function = functionTemplate->GetFunction();
205 v8Function->SetName(v8::Handle<v8::String>::Cast(key));
206 return v8Function;
207 }
208
209 return v8::Handle<v8::Value>();
210 }
211
npObjectNamedPropertyGetter(v8::Local<v8::String> name,const v8::AccessorInfo & info)212 v8::Handle<v8::Value> npObjectNamedPropertyGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
213 {
214 NPIdentifier identifier = getStringIdentifier(name);
215 return npObjectGetProperty(info.Holder(), identifier, name);
216 }
217
npObjectIndexedPropertyGetter(uint32_t index,const v8::AccessorInfo & info)218 v8::Handle<v8::Value> npObjectIndexedPropertyGetter(uint32_t index, const v8::AccessorInfo& info)
219 {
220 NPIdentifier identifier = _NPN_GetIntIdentifier(index);
221 return npObjectGetProperty(info.Holder(), identifier, v8::Number::New(index));
222 }
223
npObjectGetNamedProperty(v8::Local<v8::Object> self,v8::Local<v8::String> name)224 v8::Handle<v8::Value> npObjectGetNamedProperty(v8::Local<v8::Object> self, v8::Local<v8::String> name)
225 {
226 NPIdentifier identifier = getStringIdentifier(name);
227 return npObjectGetProperty(self, identifier, name);
228 }
229
npObjectGetIndexedProperty(v8::Local<v8::Object> self,uint32_t index)230 v8::Handle<v8::Value> npObjectGetIndexedProperty(v8::Local<v8::Object> self, uint32_t index)
231 {
232 NPIdentifier identifier = _NPN_GetIntIdentifier(index);
233 return npObjectGetProperty(self, identifier, v8::Number::New(index));
234 }
235
npObjectSetProperty(v8::Local<v8::Object> self,NPIdentifier identifier,v8::Local<v8::Value> value)236 static v8::Handle<v8::Value> npObjectSetProperty(v8::Local<v8::Object> self, NPIdentifier identifier, v8::Local<v8::Value> value)
237 {
238 NPObject* npObject = v8ObjectToNPObject(self);
239
240 // Verify that our wrapper wasn't using a NPObject which has already been deleted.
241 if (!npObject || !_NPN_IsAlive(npObject)) {
242 throwError("NPObject deleted", V8Proxy::ReferenceError);
243 return value; // Intercepted, but an exception was thrown.
244 }
245
246 if (npObject->_class->hasProperty && npObject->_class->hasProperty(npObject, identifier)
247 && npObject->_class->setProperty) {
248
249 NPVariant npValue;
250 VOID_TO_NPVARIANT(npValue);
251 convertV8ObjectToNPVariant(value, npObject, &npValue);
252 bool success = npObject->_class->setProperty(npObject, identifier, &npValue);
253 _NPN_ReleaseVariantValue(&npValue);
254 if (success)
255 return value; // Intercept the call.
256 }
257 return notHandledByInterceptor();
258 }
259
260
npObjectNamedPropertySetter(v8::Local<v8::String> name,v8::Local<v8::Value> value,const v8::AccessorInfo & info)261 v8::Handle<v8::Value> npObjectNamedPropertySetter(v8::Local<v8::String> name, v8::Local<v8::Value> value, const v8::AccessorInfo& info)
262 {
263 NPIdentifier identifier = getStringIdentifier(name);
264 return npObjectSetProperty(info.Holder(), identifier, value);
265 }
266
267
npObjectIndexedPropertySetter(uint32_t index,v8::Local<v8::Value> value,const v8::AccessorInfo & info)268 v8::Handle<v8::Value> npObjectIndexedPropertySetter(uint32_t index, v8::Local<v8::Value> value, const v8::AccessorInfo& info)
269 {
270 NPIdentifier identifier = _NPN_GetIntIdentifier(index);
271 return npObjectSetProperty(info.Holder(), identifier, value);
272 }
273
npObjectSetNamedProperty(v8::Local<v8::Object> self,v8::Local<v8::String> name,v8::Local<v8::Value> value)274 v8::Handle<v8::Value> npObjectSetNamedProperty(v8::Local<v8::Object> self, v8::Local<v8::String> name, v8::Local<v8::Value> value)
275 {
276 NPIdentifier identifier = getStringIdentifier(name);
277 return npObjectSetProperty(self, identifier, value);
278 }
279
npObjectSetIndexedProperty(v8::Local<v8::Object> self,uint32_t index,v8::Local<v8::Value> value)280 v8::Handle<v8::Value> npObjectSetIndexedProperty(v8::Local<v8::Object> self, uint32_t index, v8::Local<v8::Value> value)
281 {
282 NPIdentifier identifier = _NPN_GetIntIdentifier(index);
283 return npObjectSetProperty(self, identifier, value);
284 }
285
npObjectPropertyEnumerator(const v8::AccessorInfo & info,bool namedProperty)286 v8::Handle<v8::Array> npObjectPropertyEnumerator(const v8::AccessorInfo& info, bool namedProperty)
287 {
288 NPObject* npObject = v8ObjectToNPObject(info.Holder());
289
290 // Verify that our wrapper wasn't using a NPObject which
291 // has already been deleted.
292 if (!npObject || !_NPN_IsAlive(npObject))
293 throwError("NPObject deleted", V8Proxy::ReferenceError);
294
295 if (NP_CLASS_STRUCT_VERSION_HAS_ENUM(npObject->_class) && npObject->_class->enumerate) {
296 uint32_t count;
297 NPIdentifier* identifiers;
298 if (npObject->_class->enumerate(npObject, &identifiers, &count)) {
299 v8::Handle<v8::Array> properties = v8::Array::New(count);
300 for (uint32_t i = 0; i < count; ++i) {
301 IdentifierRep* identifier = static_cast<IdentifierRep*>(identifiers[i]);
302 if (namedProperty)
303 properties->Set(v8::Integer::New(i), v8::String::New(identifier->string()));
304 else
305 properties->Set(v8::Integer::New(i), v8::Integer::New(identifier->number()));
306 }
307
308 return properties;
309 }
310 }
311
312 return v8::Handle<v8::Array>();
313 }
314
npObjectNamedPropertyEnumerator(const v8::AccessorInfo & info)315 v8::Handle<v8::Array> npObjectNamedPropertyEnumerator(const v8::AccessorInfo& info)
316 {
317 return npObjectPropertyEnumerator(info, true);
318 }
319
npObjectIndexedPropertyEnumerator(const v8::AccessorInfo & info)320 v8::Handle<v8::Array> npObjectIndexedPropertyEnumerator(const v8::AccessorInfo& info)
321 {
322 return npObjectPropertyEnumerator(info, false);
323 }
324
325 static void weakNPObjectCallback(v8::Persistent<v8::Value>, void* parameter);
326
327 static DOMWrapperMap<NPObject> staticNPObjectMap(&weakNPObjectCallback);
328
weakNPObjectCallback(v8::Persistent<v8::Value> object,void * parameter)329 static void weakNPObjectCallback(v8::Persistent<v8::Value> object, void* parameter)
330 {
331 NPObject* npObject = static_cast<NPObject*>(parameter);
332 ASSERT(staticNPObjectMap.contains(npObject));
333 ASSERT(npObject);
334
335 // Must remove from our map before calling _NPN_ReleaseObject(). _NPN_ReleaseObject can call ForgetV8ObjectForNPObject, which
336 // uses the table as well.
337 staticNPObjectMap.forget(npObject);
338
339 if (_NPN_IsAlive(npObject))
340 _NPN_ReleaseObject(npObject);
341 }
342
343
createV8ObjectForNPObject(NPObject * object,NPObject * root)344 v8::Local<v8::Object> createV8ObjectForNPObject(NPObject* object, NPObject* root)
345 {
346 static v8::Persistent<v8::FunctionTemplate> npObjectDesc;
347
348 ASSERT(v8::Context::InContext());
349
350 // If this is a v8 object, just return it.
351 if (object->_class == npScriptObjectClass) {
352 V8NPObject* v8NPObject = reinterpret_cast<V8NPObject*>(object);
353 return v8::Local<v8::Object>::New(v8NPObject->v8Object);
354 }
355
356 // If we've already wrapped this object, just return it.
357 if (staticNPObjectMap.contains(object))
358 return v8::Local<v8::Object>::New(staticNPObjectMap.get(object));
359
360 // FIXME: we should create a Wrapper type as a subclass of JSObject. It has two internal fields, field 0 is the wrapped
361 // pointer, and field 1 is the type. There should be an api function that returns unused type id. The same Wrapper type
362 // can be used by DOM bindings.
363 if (npObjectDesc.IsEmpty()) {
364 npObjectDesc = v8::Persistent<v8::FunctionTemplate>::New(v8::FunctionTemplate::New());
365 npObjectDesc->InstanceTemplate()->SetInternalFieldCount(npObjectInternalFieldCount);
366 npObjectDesc->InstanceTemplate()->SetNamedPropertyHandler(npObjectNamedPropertyGetter, npObjectNamedPropertySetter, 0, 0, npObjectNamedPropertyEnumerator);
367 npObjectDesc->InstanceTemplate()->SetIndexedPropertyHandler(npObjectIndexedPropertyGetter, npObjectIndexedPropertySetter, 0, 0, npObjectIndexedPropertyEnumerator);
368 npObjectDesc->InstanceTemplate()->SetCallAsFunctionHandler(npObjectInvokeDefaultHandler);
369 }
370
371 v8::Handle<v8::Function> v8Function = npObjectDesc->GetFunction();
372 v8::Local<v8::Object> value = SafeAllocation::newInstance(v8Function);
373
374 // If we were unable to allocate the instance, we avoid wrapping and registering the NP object.
375 if (value.IsEmpty())
376 return value;
377
378 wrapNPObject(value, object);
379
380 // KJS retains the object as part of its wrapper (see Bindings::CInstance).
381 _NPN_RetainObject(object);
382
383 _NPN_RegisterObject(object, root);
384
385 // Maintain a weak pointer for v8 so we can cleanup the object.
386 v8::Persistent<v8::Object> weakRef = v8::Persistent<v8::Object>::New(value);
387 staticNPObjectMap.set(object, weakRef);
388
389 return value;
390 }
391
forgetV8ObjectForNPObject(NPObject * object)392 void forgetV8ObjectForNPObject(NPObject* object)
393 {
394 if (staticNPObjectMap.contains(object)) {
395 v8::HandleScope scope;
396 v8::Persistent<v8::Object> handle(staticNPObjectMap.get(object));
397 V8DOMWrapper::setDOMWrapper(handle, WebCore::V8ClassIndex::NPOBJECT, 0);
398 staticNPObjectMap.forget(object);
399 _NPN_ReleaseObject(object);
400 }
401 }
402