1 /* 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #ifndef ScriptController_h 32 #define ScriptController_h 33 34 #include "bindings/v8/ScriptValue.h" 35 #include "bindings/v8/SharedPersistent.h" 36 37 #include "core/fetch/CrossOriginAccessControl.h" 38 #include "wtf/Forward.h" 39 #include "wtf/HashMap.h" 40 #include "wtf/RefCounted.h" 41 #include "wtf/Vector.h" 42 #include "wtf/text/TextPosition.h" 43 #include <v8.h> 44 45 struct NPObject; 46 47 namespace WebCore { 48 49 class DOMWrapperWorld; 50 class ExecutionContext; 51 class Event; 52 class Frame; 53 class HTMLDocument; 54 class HTMLPlugInElement; 55 class KURL; 56 class ScriptSourceCode; 57 class ScriptState; 58 class SecurityOrigin; 59 class V8WindowShell; 60 class Widget; 61 62 typedef WTF::Vector<v8::Extension*> V8Extensions; 63 64 enum ReasonForCallingCanExecuteScripts { 65 AboutToExecuteScript, 66 NotAboutToExecuteScript 67 }; 68 69 class ScriptController { 70 public: 71 enum ExecuteScriptPolicy { 72 ExecuteScriptWhenScriptsDisabled, 73 DoNotExecuteScriptWhenScriptsDisabled 74 }; 75 76 ScriptController(Frame*); 77 ~ScriptController(); 78 79 bool initializeMainWorld(); 80 V8WindowShell* windowShell(DOMWrapperWorld*); 81 V8WindowShell* existingWindowShell(DOMWrapperWorld*); 82 83 // Evaluate JavaScript in the main world. 84 void executeScriptInMainWorld(const String&, ExecuteScriptPolicy = DoNotExecuteScriptWhenScriptsDisabled); 85 void executeScriptInMainWorld(const ScriptSourceCode&, AccessControlStatus = NotSharableCrossOrigin); 86 ScriptValue executeScriptInMainWorldAndReturnValue(const ScriptSourceCode&); 87 v8::Local<v8::Value> executeScriptAndReturnValue(v8::Handle<v8::Context>, const ScriptSourceCode&, AccessControlStatus = NotSharableCrossOrigin); 88 89 // Executes JavaScript in an isolated world. The script gets its own global scope, 90 // its own prototypes for intrinsic JavaScript objects (String, Array, and so-on), 91 // and its own wrappers for all DOM nodes and DOM constructors. 92 // 93 // If an isolated world with the specified ID already exists, it is reused. 94 // Otherwise, a new world is created. 95 // 96 // FIXME: Get rid of extensionGroup here. 97 void executeScriptInIsolatedWorld(int worldID, const Vector<ScriptSourceCode>& sources, int extensionGroup, Vector<ScriptValue>* results); 98 99 // Returns true if argument is a JavaScript URL. 100 bool executeScriptIfJavaScriptURL(const KURL&); 101 102 v8::Local<v8::Value> callFunction(v8::Handle<v8::Function>, v8::Handle<v8::Object>, int argc, v8::Handle<v8::Value> argv[]); 103 static v8::Local<v8::Value> callFunction(ExecutionContext*, v8::Handle<v8::Function>, v8::Handle<v8::Object> receiver, int argc, v8::Handle<v8::Value> info[], v8::Isolate*); 104 105 // Returns true if the current world is isolated, and has its own Content 106 // Security Policy. In this case, the policy of the main world should be 107 // ignored when evaluating resources injected into the DOM. 108 bool shouldBypassMainWorldContentSecurityPolicy(); 109 110 // Creates a property of the global object of a frame. 111 void bindToWindowObject(Frame*, const String& key, NPObject*); 112 113 PassRefPtr<SharedPersistent<v8::Object> > createPluginWrapper(Widget*); 114 115 void enableEval(); 116 void disableEval(const String& errorMessage); 117 118 static bool canAccessFromCurrentOrigin(Frame*); 119 120 static void setCaptureCallStackForUncaughtExceptions(bool); 121 void collectIsolatedContexts(Vector<std::pair<ScriptState*, SecurityOrigin*> >&); 122 123 bool canExecuteScripts(ReasonForCallingCanExecuteScripts); 124 125 // Returns V8 Context. If none exists, creates a new context. 126 // It is potentially slow and consumes memory. 127 static v8::Local<v8::Context> mainWorldContext(Frame*); 128 v8::Local<v8::Context> mainWorldContext(); 129 v8::Local<v8::Context> currentWorldContext(); 130 131 TextPosition eventHandlerPosition() const; 132 sourceURL()133 const String* sourceURL() const { return m_sourceURL; } // 0 if we are not evaluating any script. 134 135 void clearWindowShell(); 136 void updateDocument(); 137 138 void namedItemAdded(HTMLDocument*, const AtomicString&); 139 void namedItemRemoved(HTMLDocument*, const AtomicString&); 140 141 void updateSecurityOrigin(); 142 void clearScriptObjects(); 143 void cleanupScriptObjectsForPlugin(Widget*); 144 145 void clearForClose(); 146 void clearForOutOfMemory(); 147 148 NPObject* createScriptObjectForPluginElement(HTMLPlugInElement*); 149 NPObject* windowScriptNPObject(); 150 151 // Registers a v8 extension to be available on webpages. Will only 152 // affect v8 contexts initialized after this call. Takes ownership of 153 // the v8::Extension object passed. 154 static void registerExtensionIfNeeded(v8::Extension*); 155 static V8Extensions& registeredExtensions(); 156 157 bool setContextDebugId(int); 158 static int contextDebugId(v8::Handle<v8::Context>); 159 isolate()160 v8::Isolate* isolate() const { return m_isolate; } 161 162 private: 163 typedef HashMap<int, OwnPtr<V8WindowShell> > IsolatedWorldMap; 164 typedef HashMap<Widget*, NPObject*> PluginObjectMap; 165 166 ScriptValue evaluateScriptInMainWorld(const ScriptSourceCode&, AccessControlStatus, ExecuteScriptPolicy); 167 void clearForClose(bool destroyGlobal); 168 169 Frame* m_frame; 170 const String* m_sourceURL; 171 v8::Isolate* m_isolate; 172 173 OwnPtr<V8WindowShell> m_windowShell; 174 IsolatedWorldMap m_isolatedWorlds; 175 176 // A mapping between Widgets and their corresponding script object. 177 // This list is used so that when the plugin dies, we can immediately 178 // invalidate all sub-objects which are associated with that plugin. 179 // The frame keeps a NPObject reference for each item on the list. 180 PluginObjectMap m_pluginObjects; 181 182 NPObject* m_windowScriptNPObject; 183 }; 184 185 } // namespace WebCore 186 187 #endif // ScriptController_h 188