1 /*
2 * Copyright (C) 2009 Google Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
6 * met:
7 *
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
13 * distribution.
14 * * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31 #include "config.h"
32 #include "ScriptEventListener.h"
33
34 #include "Attribute.h"
35 #include "Document.h"
36 #include "EventListener.h"
37 #include "JSNode.h"
38 #include "Frame.h"
39 #include "XSSAuditor.h"
40 #include <runtime/JSLock.h>
41
42 using namespace JSC;
43
44 namespace WebCore {
45
eventParameterName(bool isSVGEvent)46 static const String& eventParameterName(bool isSVGEvent)
47 {
48 DEFINE_STATIC_LOCAL(const String, eventString, ("event"));
49 DEFINE_STATIC_LOCAL(const String, evtString, ("evt"));
50 return isSVGEvent ? evtString : eventString;
51 }
52
createAttributeEventListener(Node * node,Attribute * attr)53 PassRefPtr<JSLazyEventListener> createAttributeEventListener(Node* node, Attribute* attr)
54 {
55 ASSERT(node);
56 ASSERT(attr);
57 if (attr->isNull())
58 return 0;
59
60 int lineNumber = 1;
61 String sourceURL;
62 JSObject* wrapper = 0;
63
64 // FIXME: We should be able to provide accurate source information for frameless documents, too (e.g. for importing nodes from XMLHttpRequest.responseXML).
65 if (Frame* frame = node->document()->frame()) {
66 ScriptController* scriptController = frame->script();
67 if (!scriptController->canExecuteScripts())
68 return 0;
69
70 if (!scriptController->xssAuditor()->canCreateInlineEventListener(attr->localName().string(), attr->value())) {
71 // This script is not safe to execute.
72 return 0;
73 }
74
75 lineNumber = scriptController->eventHandlerLineNumber();
76 sourceURL = node->document()->url().string();
77
78 JSC::JSLock lock(SilenceAssertionsOnly);
79 JSDOMGlobalObject* globalObject = toJSDOMGlobalObject(node->document(), mainThreadNormalWorld());
80 wrapper = asObject(toJS(globalObject->globalExec(), globalObject, node));
81 }
82
83 return JSLazyEventListener::create(attr->localName().string(), eventParameterName(node->isSVGElement()), attr->value(), node, sourceURL, lineNumber, wrapper, mainThreadNormalWorld());
84 }
85
createAttributeEventListener(Frame * frame,Attribute * attr)86 PassRefPtr<JSLazyEventListener> createAttributeEventListener(Frame* frame, Attribute* attr)
87 {
88 if (!frame)
89 return 0;
90
91 ASSERT(attr);
92 if (attr->isNull())
93 return 0;
94
95 int lineNumber = 1;
96 String sourceURL;
97
98 ScriptController* scriptController = frame->script();
99 if (!scriptController->canExecuteScripts())
100 return 0;
101
102 if (!scriptController->xssAuditor()->canCreateInlineEventListener(attr->localName().string(), attr->value())) {
103 // This script is not safe to execute.
104 return 0;
105 }
106
107 lineNumber = scriptController->eventHandlerLineNumber();
108 sourceURL = frame->document()->url().string();
109 JSObject* wrapper = toJSDOMWindow(frame, mainThreadNormalWorld());
110 return JSLazyEventListener::create(attr->localName().string(), eventParameterName(frame->document()->isSVGDocument()), attr->value(), 0, sourceURL, lineNumber, wrapper, mainThreadNormalWorld());
111 }
112
getEventListenerHandlerBody(ScriptExecutionContext * context,ScriptState * scriptState,EventListener * eventListener)113 String getEventListenerHandlerBody(ScriptExecutionContext* context, ScriptState* scriptState, EventListener* eventListener)
114 {
115 const JSEventListener* jsListener = JSEventListener::cast(eventListener);
116 if (!jsListener)
117 return "";
118 JSC::JSObject* jsFunction = jsListener->jsFunction(context);
119 if (!jsFunction)
120 return "";
121 return jsFunction->toString(scriptState);
122 }
123
124 } // namespace WebCore
125