• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2008, 2009 Google Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are
6  * met:
7  *
8  *     * Redistributions of source code must retain the above copyright
9  * notice, this list of conditions and the following disclaimer.
10  *     * Redistributions in binary form must reproduce the above
11  * copyright notice, this list of conditions and the following disclaimer
12  * in the documentation and/or other materials provided with the
13  * distribution.
14  *     * Neither the name of Google Inc. nor the names of its
15  * contributors may be used to endorse or promote products derived from
16  * this software without specific prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #ifndef ScriptController_h
32 #define ScriptController_h
33 
34 #include "bindings/v8/ScriptValue.h"
35 #include "bindings/v8/SharedPersistent.h"
36 
37 #include "core/fetch/CrossOriginAccessControl.h"
38 #include "wtf/Forward.h"
39 #include "wtf/HashMap.h"
40 #include "wtf/RefCounted.h"
41 #include "wtf/Vector.h"
42 #include "wtf/text/TextPosition.h"
43 #include <v8.h>
44 
45 struct NPObject;
46 
47 namespace WebCore {
48 
49 class DOMWrapperWorld;
50 class ExecutionContext;
51 class Event;
52 class Frame;
53 class HTMLDocument;
54 class HTMLPlugInElement;
55 class KURL;
56 class ScriptSourceCode;
57 class ScriptState;
58 class SecurityOrigin;
59 class V8WindowShell;
60 class Widget;
61 
62 typedef WTF::Vector<v8::Extension*> V8Extensions;
63 
64 enum ReasonForCallingCanExecuteScripts {
65     AboutToExecuteScript,
66     NotAboutToExecuteScript
67 };
68 
69 class ScriptController {
70 public:
71     enum ExecuteScriptPolicy {
72         ExecuteScriptWhenScriptsDisabled,
73         DoNotExecuteScriptWhenScriptsDisabled
74     };
75 
76     ScriptController(Frame*);
77     ~ScriptController();
78 
79     bool initializeMainWorld();
80     V8WindowShell* windowShell(DOMWrapperWorld*);
81     V8WindowShell* existingWindowShell(DOMWrapperWorld*);
82 
83     // Evaluate JavaScript in the main world.
84     void executeScriptInMainWorld(const String&, ExecuteScriptPolicy = DoNotExecuteScriptWhenScriptsDisabled);
85     void executeScriptInMainWorld(const ScriptSourceCode&, AccessControlStatus = NotSharableCrossOrigin);
86     ScriptValue executeScriptInMainWorldAndReturnValue(const ScriptSourceCode&);
87     v8::Local<v8::Value> executeScriptAndReturnValue(v8::Handle<v8::Context>, const ScriptSourceCode&, AccessControlStatus = NotSharableCrossOrigin);
88 
89     // Executes JavaScript in an isolated world. The script gets its own global scope,
90     // its own prototypes for intrinsic JavaScript objects (String, Array, and so-on),
91     // and its own wrappers for all DOM nodes and DOM constructors.
92     //
93     // If an isolated world with the specified ID already exists, it is reused.
94     // Otherwise, a new world is created.
95     //
96     // FIXME: Get rid of extensionGroup here.
97     void executeScriptInIsolatedWorld(int worldID, const Vector<ScriptSourceCode>& sources, int extensionGroup, Vector<ScriptValue>* results);
98 
99     // Returns true if argument is a JavaScript URL.
100     bool executeScriptIfJavaScriptURL(const KURL&);
101 
102     v8::Local<v8::Value> callFunction(v8::Handle<v8::Function>, v8::Handle<v8::Object>, int argc, v8::Handle<v8::Value> argv[]);
103     static v8::Local<v8::Value> callFunction(ExecutionContext*, v8::Handle<v8::Function>, v8::Handle<v8::Object> receiver, int argc, v8::Handle<v8::Value> info[], v8::Isolate*);
104 
105     // Returns true if the current world is isolated, and has its own Content
106     // Security Policy. In this case, the policy of the main world should be
107     // ignored when evaluating resources injected into the DOM.
108     bool shouldBypassMainWorldContentSecurityPolicy();
109 
110     // Creates a property of the global object of a frame.
111     void bindToWindowObject(Frame*, const String& key, NPObject*);
112 
113     PassRefPtr<SharedPersistent<v8::Object> > createPluginWrapper(Widget*);
114 
115     void enableEval();
116     void disableEval(const String& errorMessage);
117 
118     static bool canAccessFromCurrentOrigin(Frame*);
119 
120     static void setCaptureCallStackForUncaughtExceptions(bool);
121     void collectIsolatedContexts(Vector<std::pair<ScriptState*, SecurityOrigin*> >&);
122 
123     bool canExecuteScripts(ReasonForCallingCanExecuteScripts);
124 
125     // Returns V8 Context. If none exists, creates a new context.
126     // It is potentially slow and consumes memory.
127     static v8::Local<v8::Context> mainWorldContext(Frame*);
128     v8::Local<v8::Context> mainWorldContext();
129     v8::Local<v8::Context> currentWorldContext();
130 
131     TextPosition eventHandlerPosition() const;
132 
sourceURL()133     const String* sourceURL() const { return m_sourceURL; } // 0 if we are not evaluating any script.
134 
135     void clearWindowShell();
136     void updateDocument();
137 
138     void namedItemAdded(HTMLDocument*, const AtomicString&);
139     void namedItemRemoved(HTMLDocument*, const AtomicString&);
140 
141     void updateSecurityOrigin();
142     void clearScriptObjects();
143     void cleanupScriptObjectsForPlugin(Widget*);
144 
145     void clearForClose();
146     void clearForOutOfMemory();
147 
148     NPObject* createScriptObjectForPluginElement(HTMLPlugInElement*);
149     NPObject* windowScriptNPObject();
150 
151     // Registers a v8 extension to be available on webpages. Will only
152     // affect v8 contexts initialized after this call. Takes ownership of
153     // the v8::Extension object passed.
154     static void registerExtensionIfNeeded(v8::Extension*);
155     static V8Extensions& registeredExtensions();
156 
157     bool setContextDebugId(int);
158     static int contextDebugId(v8::Handle<v8::Context>);
159 
isolate()160     v8::Isolate* isolate() const { return m_isolate; }
161 
162 private:
163     typedef HashMap<int, OwnPtr<V8WindowShell> > IsolatedWorldMap;
164     typedef HashMap<Widget*, NPObject*> PluginObjectMap;
165 
166     ScriptValue evaluateScriptInMainWorld(const ScriptSourceCode&, AccessControlStatus, ExecuteScriptPolicy);
167     void clearForClose(bool destroyGlobal);
168 
169     Frame* m_frame;
170     const String* m_sourceURL;
171     v8::Isolate* m_isolate;
172 
173     OwnPtr<V8WindowShell> m_windowShell;
174     IsolatedWorldMap m_isolatedWorlds;
175 
176     // A mapping between Widgets and their corresponding script object.
177     // This list is used so that when the plugin dies, we can immediately
178     // invalidate all sub-objects which are associated with that plugin.
179     // The frame keeps a NPObject reference for each item on the list.
180     PluginObjectMap m_pluginObjects;
181 
182     NPObject* m_windowScriptNPObject;
183 };
184 
185 } // namespace WebCore
186 
187 #endif // ScriptController_h
188