1 /*
2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved.
3 * Copyright (C) 2009 Apple Inc. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are
7 * met:
8 *
9 * * Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * * Redistributions in binary form must reproduce the above
12 * copyright notice, this list of conditions and the following disclaimer
13 * in the documentation and/or other materials provided with the
14 * distribution.
15 * * Neither the name of Google Inc. nor the names of its
16 * contributors may be used to endorse or promote products derived from
17 * this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
32 #include "config.h"
33 #include "bindings/v8/ScriptController.h"
34
35 #include "V8Event.h"
36 #include "V8HTMLElement.h"
37 #include "V8Window.h"
38 #include "bindings/v8/BindingSecurity.h"
39 #include "bindings/v8/NPV8Object.h"
40 #include "bindings/v8/ScriptCallStackFactory.h"
41 #include "bindings/v8/ScriptSourceCode.h"
42 #include "bindings/v8/ScriptValue.h"
43 #include "bindings/v8/V8Binding.h"
44 #include "bindings/v8/V8GCController.h"
45 #include "bindings/v8/V8HiddenPropertyName.h"
46 #include "bindings/v8/V8NPObject.h"
47 #include "bindings/v8/V8PerContextData.h"
48 #include "bindings/v8/V8ScriptRunner.h"
49 #include "bindings/v8/V8WindowShell.h"
50 #include "bindings/v8/npruntime_impl.h"
51 #include "bindings/v8/npruntime_priv.h"
52 #include "core/dom/Document.h"
53 #include "core/dom/Node.h"
54 #include "core/dom/ScriptableDocumentParser.h"
55 #include "core/events/Event.h"
56 #include "core/events/EventListener.h"
57 #include "core/events/ThreadLocalEventNames.h"
58 #include "core/html/HTMLPlugInElement.h"
59 #include "core/inspector/InspectorInstrumentation.h"
60 #include "core/inspector/ScriptCallStack.h"
61 #include "core/loader/DocumentLoader.h"
62 #include "core/loader/FrameLoader.h"
63 #include "core/loader/FrameLoaderClient.h"
64 #include "core/frame/ContentSecurityPolicy.h"
65 #include "core/frame/DOMWindow.h"
66 #include "core/frame/Frame.h"
67 #include "core/frame/Settings.h"
68 #include "core/plugins/PluginView.h"
69 #include "platform/NotImplemented.h"
70 #include "platform/TraceEvent.h"
71 #include "platform/UserGestureIndicator.h"
72 #include "platform/Widget.h"
73 #include "platform/weborigin/SecurityOrigin.h"
74 #include "public/platform/Platform.h"
75 #include "wtf/CurrentTime.h"
76 #include "wtf/StdLibExtras.h"
77 #include "wtf/StringExtras.h"
78 #include "wtf/text/CString.h"
79 #include "wtf/text/StringBuilder.h"
80 #include "wtf/text/TextPosition.h"
81
82 namespace WebCore {
83
canAccessFromCurrentOrigin(Frame * frame)84 bool ScriptController::canAccessFromCurrentOrigin(Frame *frame)
85 {
86 return !v8::Isolate::GetCurrent()->InContext() || BindingSecurity::shouldAllowAccessToFrame(frame);
87 }
88
ScriptController(Frame * frame)89 ScriptController::ScriptController(Frame* frame)
90 : m_frame(frame)
91 , m_sourceURL(0)
92 , m_isolate(v8::Isolate::GetCurrent())
93 , m_windowShell(V8WindowShell::create(frame, mainThreadNormalWorld(), m_isolate))
94 , m_windowScriptNPObject(0)
95 {
96 }
97
~ScriptController()98 ScriptController::~ScriptController()
99 {
100 clearForClose(true);
101 }
102
clearScriptObjects()103 void ScriptController::clearScriptObjects()
104 {
105 PluginObjectMap::iterator it = m_pluginObjects.begin();
106 for (; it != m_pluginObjects.end(); ++it) {
107 _NPN_UnregisterObject(it->value);
108 _NPN_ReleaseObject(it->value);
109 }
110 m_pluginObjects.clear();
111
112 if (m_windowScriptNPObject) {
113 // Dispose of the underlying V8 object before releasing our reference
114 // to it, so that if a plugin fails to release it properly we will
115 // only leak the NPObject wrapper, not the object, its document, or
116 // anything else they reference.
117 disposeUnderlyingV8Object(m_windowScriptNPObject, m_isolate);
118 _NPN_ReleaseObject(m_windowScriptNPObject);
119 m_windowScriptNPObject = 0;
120 }
121 }
122
clearForOutOfMemory()123 void ScriptController::clearForOutOfMemory()
124 {
125 clearForClose(true);
126 }
127
clearForClose(bool destroyGlobal)128 void ScriptController::clearForClose(bool destroyGlobal)
129 {
130 m_windowShell->clearForClose(destroyGlobal);
131 for (IsolatedWorldMap::iterator iter = m_isolatedWorlds.begin(); iter != m_isolatedWorlds.end(); ++iter)
132 iter->value->clearForClose(destroyGlobal);
133 V8GCController::hintForCollectGarbage();
134 }
135
clearForClose()136 void ScriptController::clearForClose()
137 {
138 double start = currentTime();
139 clearForClose(false);
140 blink::Platform::current()->histogramCustomCounts("WebCore.ScriptController.clearForClose", (currentTime() - start) * 1000, 0, 10000, 50);
141 }
142
updateSecurityOrigin()143 void ScriptController::updateSecurityOrigin()
144 {
145 m_windowShell->updateSecurityOrigin();
146 }
147
callFunction(v8::Handle<v8::Function> function,v8::Handle<v8::Object> receiver,int argc,v8::Handle<v8::Value> info[])148 v8::Local<v8::Value> ScriptController::callFunction(v8::Handle<v8::Function> function, v8::Handle<v8::Object> receiver, int argc, v8::Handle<v8::Value> info[])
149 {
150 // Keep Frame (and therefore ScriptController) alive.
151 RefPtr<Frame> protect(m_frame);
152 return ScriptController::callFunction(m_frame->document(), function, receiver, argc, info, m_isolate);
153 }
154
resourceInfo(const v8::Handle<v8::Function> function,String & resourceName,int & lineNumber)155 static bool resourceInfo(const v8::Handle<v8::Function> function, String& resourceName, int& lineNumber)
156 {
157 v8::ScriptOrigin origin = function->GetScriptOrigin();
158 if (origin.ResourceName().IsEmpty()) {
159 resourceName = "undefined";
160 lineNumber = 1;
161 } else {
162 V8TRYCATCH_FOR_V8STRINGRESOURCE_RETURN(V8StringResource<>, stringResourceName, origin.ResourceName(), false);
163 resourceName = stringResourceName;
164 lineNumber = function->GetScriptLineNumber() + 1;
165 }
166 return true;
167 }
168
callFunction(ExecutionContext * context,v8::Handle<v8::Function> function,v8::Handle<v8::Object> receiver,int argc,v8::Handle<v8::Value> info[],v8::Isolate * isolate)169 v8::Local<v8::Value> ScriptController::callFunction(ExecutionContext* context, v8::Handle<v8::Function> function, v8::Handle<v8::Object> receiver, int argc, v8::Handle<v8::Value> info[], v8::Isolate* isolate)
170 {
171 InspectorInstrumentationCookie cookie;
172 if (InspectorInstrumentation::timelineAgentEnabled(context)) {
173 String resourceName;
174 int lineNumber;
175 if (!resourceInfo(function, resourceName, lineNumber))
176 return v8::Local<v8::Value>();
177 cookie = InspectorInstrumentation::willCallFunction(context, resourceName, lineNumber);
178 }
179
180 v8::Local<v8::Value> result = V8ScriptRunner::callFunction(function, context, receiver, argc, info, isolate);
181
182 InspectorInstrumentation::didCallFunction(cookie);
183 return result;
184 }
185
executeScriptAndReturnValue(v8::Handle<v8::Context> context,const ScriptSourceCode & source,AccessControlStatus corsStatus)186 v8::Local<v8::Value> ScriptController::executeScriptAndReturnValue(v8::Handle<v8::Context> context, const ScriptSourceCode& source, AccessControlStatus corsStatus)
187 {
188 v8::Context::Scope scope(context);
189
190 InspectorInstrumentationCookie cookie = InspectorInstrumentation::willEvaluateScript(m_frame, source.url().isNull() ? String() : source.url().string(), source.startLine());
191
192 v8::Local<v8::Value> result;
193 {
194 // Isolate exceptions that occur when compiling and executing
195 // the code. These exceptions should not interfere with
196 // javascript code we might evaluate from C++ when returning
197 // from here.
198 v8::TryCatch tryCatch;
199 tryCatch.SetVerbose(true);
200
201 v8::Handle<v8::String> code = v8String(m_isolate, source.source());
202 OwnPtr<v8::ScriptData> scriptData = V8ScriptRunner::precompileScript(code, source.resource());
203
204 // NOTE: For compatibility with WebCore, ScriptSourceCode's line starts at
205 // 1, whereas v8 starts at 0.
206 v8::Handle<v8::Script> script = V8ScriptRunner::compileScript(code, source.url(), source.startPosition(), scriptData.get(), m_isolate, corsStatus);
207
208 // Keep Frame (and therefore ScriptController) alive.
209 RefPtr<Frame> protect(m_frame);
210 result = V8ScriptRunner::runCompiledScript(script, m_frame->document(), m_isolate);
211 ASSERT(!tryCatch.HasCaught() || result.IsEmpty());
212 }
213
214 InspectorInstrumentation::didEvaluateScript(cookie);
215
216 return result;
217 }
218
initializeMainWorld()219 bool ScriptController::initializeMainWorld()
220 {
221 if (m_windowShell->isContextInitialized())
222 return false;
223 return windowShell(mainThreadNormalWorld())->isContextInitialized();
224 }
225
existingWindowShell(DOMWrapperWorld * world)226 V8WindowShell* ScriptController::existingWindowShell(DOMWrapperWorld* world)
227 {
228 ASSERT(world);
229
230 if (world->isMainWorld())
231 return m_windowShell->isContextInitialized() ? m_windowShell.get() : 0;
232
233 // FIXME: Remove this block. See comment with existingWindowShellWorkaroundWorld().
234 if (world == existingWindowShellWorkaroundWorld())
235 return m_windowShell.get();
236
237 IsolatedWorldMap::iterator iter = m_isolatedWorlds.find(world->worldId());
238 if (iter == m_isolatedWorlds.end())
239 return 0;
240 return iter->value->isContextInitialized() ? iter->value.get() : 0;
241 }
242
windowShell(DOMWrapperWorld * world)243 V8WindowShell* ScriptController::windowShell(DOMWrapperWorld* world)
244 {
245 ASSERT(world);
246
247 V8WindowShell* shell = 0;
248 if (world->isMainWorld())
249 shell = m_windowShell.get();
250 else {
251 IsolatedWorldMap::iterator iter = m_isolatedWorlds.find(world->worldId());
252 if (iter != m_isolatedWorlds.end())
253 shell = iter->value.get();
254 else {
255 OwnPtr<V8WindowShell> isolatedWorldShell = V8WindowShell::create(m_frame, world, m_isolate);
256 shell = isolatedWorldShell.get();
257 m_isolatedWorlds.set(world->worldId(), isolatedWorldShell.release());
258 }
259 }
260 if (!shell->isContextInitialized() && shell->initializeIfNeeded()) {
261 if (world->isMainWorld()) {
262 // FIXME: Remove this if clause. See comment with existingWindowShellWorkaroundWorld().
263 m_frame->loader().dispatchDidClearWindowObjectInWorld(existingWindowShellWorkaroundWorld());
264 } else {
265 m_frame->loader().dispatchDidClearWindowObjectInWorld(world);
266 }
267 }
268 return shell;
269 }
270
shouldBypassMainWorldContentSecurityPolicy()271 bool ScriptController::shouldBypassMainWorldContentSecurityPolicy()
272 {
273 if (DOMWrapperWorld* world = isolatedWorldForEnteredContext(m_isolate))
274 return world->isolatedWorldHasContentSecurityPolicy();
275 return false;
276 }
277
eventHandlerPosition() const278 TextPosition ScriptController::eventHandlerPosition() const
279 {
280 ScriptableDocumentParser* parser = m_frame->document()->scriptableDocumentParser();
281 if (parser)
282 return parser->textPosition();
283 return TextPosition::minimumPosition();
284 }
285
contextForWorld(ScriptController & scriptController,DOMWrapperWorld * world)286 static inline v8::Local<v8::Context> contextForWorld(ScriptController& scriptController, DOMWrapperWorld* world)
287 {
288 return scriptController.windowShell(world)->context();
289 }
290
currentWorldContext()291 v8::Local<v8::Context> ScriptController::currentWorldContext()
292 {
293 if (!isolate()->InContext())
294 return contextForWorld(*this, mainThreadNormalWorld());
295
296 v8::Handle<v8::Context> context = isolate()->GetEnteredContext();
297 DOMWrapperWorld* isolatedWorld = DOMWrapperWorld::isolatedWorld(context);
298 if (!isolatedWorld)
299 return contextForWorld(*this, mainThreadNormalWorld());
300
301 Frame* frame = toFrameIfNotDetached(context);
302 if (m_frame == frame)
303 return v8::Local<v8::Context>::New(m_isolate, context);
304
305 return contextForWorld(*this, isolatedWorld);
306 }
307
mainWorldContext()308 v8::Local<v8::Context> ScriptController::mainWorldContext()
309 {
310 return contextForWorld(*this, mainThreadNormalWorld());
311 }
312
mainWorldContext(Frame * frame)313 v8::Local<v8::Context> ScriptController::mainWorldContext(Frame* frame)
314 {
315 if (!frame)
316 return v8::Local<v8::Context>();
317
318 return contextForWorld(frame->script(), mainThreadNormalWorld());
319 }
320
321 // Create a V8 object with an interceptor of NPObjectPropertyGetter.
bindToWindowObject(Frame * frame,const String & key,NPObject * object)322 void ScriptController::bindToWindowObject(Frame* frame, const String& key, NPObject* object)
323 {
324 v8::HandleScope handleScope(m_isolate);
325
326 v8::Handle<v8::Context> v8Context = ScriptController::mainWorldContext(frame);
327 if (v8Context.IsEmpty())
328 return;
329
330 v8::Context::Scope scope(v8Context);
331
332 v8::Handle<v8::Object> value = createV8ObjectForNPObject(object, 0, m_isolate);
333
334 // Attach to the global object.
335 v8::Handle<v8::Object> global = v8Context->Global();
336 global->Set(v8String(m_isolate, key), value);
337 }
338
enableEval()339 void ScriptController::enableEval()
340 {
341 if (!m_windowShell->isContextInitialized())
342 return;
343 v8::HandleScope handleScope(m_isolate);
344 m_windowShell->context()->AllowCodeGenerationFromStrings(true);
345 }
346
disableEval(const String & errorMessage)347 void ScriptController::disableEval(const String& errorMessage)
348 {
349 if (!m_windowShell->isContextInitialized())
350 return;
351 v8::HandleScope handleScope(m_isolate);
352 v8::Local<v8::Context> v8Context = m_windowShell->context();
353 v8Context->AllowCodeGenerationFromStrings(false);
354 v8Context->SetErrorMessageForCodeGenerationFromStrings(v8String(m_isolate, errorMessage));
355 }
356
createPluginWrapper(Widget * widget)357 PassRefPtr<SharedPersistent<v8::Object> > ScriptController::createPluginWrapper(Widget* widget)
358 {
359 ASSERT(widget);
360
361 if (!widget->isPluginView())
362 return 0;
363
364 NPObject* npObject = toPluginView(widget)->scriptableObject();
365 if (!npObject)
366 return 0;
367
368 // Frame Memory Management for NPObjects
369 // -------------------------------------
370 // NPObjects are treated differently than other objects wrapped by JS.
371 // NPObjects can be created either by the browser (e.g. the main
372 // window object) or by the plugin (the main plugin object
373 // for a HTMLEmbedElement). Further, unlike most DOM Objects, the frame
374 // is especially careful to ensure NPObjects terminate at frame teardown because
375 // if a plugin leaks a reference, it could leak its objects (or the browser's objects).
376 //
377 // The Frame maintains a list of plugin objects (m_pluginObjects)
378 // which it can use to quickly find the wrapped embed object.
379 //
380 // Inside the NPRuntime, we've added a few methods for registering
381 // wrapped NPObjects. The purpose of the registration is because
382 // javascript garbage collection is non-deterministic, yet we need to
383 // be able to tear down the plugin objects immediately. When an object
384 // is registered, javascript can use it. When the object is destroyed,
385 // or when the object's "owning" object is destroyed, the object will
386 // be un-registered, and the javascript engine must not use it.
387 //
388 // Inside the javascript engine, the engine can keep a reference to the
389 // NPObject as part of its wrapper. However, before accessing the object
390 // it must consult the _NPN_Registry.
391
392 v8::Local<v8::Object> wrapper = createV8ObjectForNPObject(npObject, 0, m_isolate);
393
394 // Track the plugin object. We've been given a reference to the object.
395 m_pluginObjects.set(widget, npObject);
396
397 return SharedPersistent<v8::Object>::create(wrapper, m_isolate);
398 }
399
cleanupScriptObjectsForPlugin(Widget * nativeHandle)400 void ScriptController::cleanupScriptObjectsForPlugin(Widget* nativeHandle)
401 {
402 PluginObjectMap::iterator it = m_pluginObjects.find(nativeHandle);
403 if (it == m_pluginObjects.end())
404 return;
405 _NPN_UnregisterObject(it->value);
406 _NPN_ReleaseObject(it->value);
407 m_pluginObjects.remove(it);
408 }
409
registeredExtensions()410 V8Extensions& ScriptController::registeredExtensions()
411 {
412 DEFINE_STATIC_LOCAL(V8Extensions, extensions, ());
413 return extensions;
414 }
415
registerExtensionIfNeeded(v8::Extension * extension)416 void ScriptController::registerExtensionIfNeeded(v8::Extension* extension)
417 {
418 const V8Extensions& extensions = registeredExtensions();
419 for (size_t i = 0; i < extensions.size(); ++i) {
420 if (extensions[i] == extension)
421 return;
422 }
423 v8::RegisterExtension(extension);
424 registeredExtensions().append(extension);
425 }
426
createNoScriptObject()427 static NPObject* createNoScriptObject()
428 {
429 notImplemented();
430 return 0;
431 }
432
createScriptObject(Frame * frame,v8::Isolate * isolate)433 static NPObject* createScriptObject(Frame* frame, v8::Isolate* isolate)
434 {
435 v8::HandleScope handleScope(isolate);
436 v8::Handle<v8::Context> v8Context = ScriptController::mainWorldContext(frame);
437 if (v8Context.IsEmpty())
438 return createNoScriptObject();
439
440 v8::Context::Scope scope(v8Context);
441 DOMWindow* window = frame->domWindow();
442 v8::Handle<v8::Value> global = toV8(window, v8::Handle<v8::Object>(), v8Context->GetIsolate());
443 ASSERT(global->IsObject());
444
445 return npCreateV8ScriptObject(0, v8::Handle<v8::Object>::Cast(global), window, isolate);
446 }
447
windowScriptNPObject()448 NPObject* ScriptController::windowScriptNPObject()
449 {
450 if (m_windowScriptNPObject)
451 return m_windowScriptNPObject;
452
453 if (canExecuteScripts(NotAboutToExecuteScript)) {
454 // JavaScript is enabled, so there is a JavaScript window object.
455 // Return an NPObject bound to the window object.
456 m_windowScriptNPObject = createScriptObject(m_frame, m_isolate);
457 _NPN_RegisterObject(m_windowScriptNPObject, 0);
458 } else {
459 // JavaScript is not enabled, so we cannot bind the NPObject to the
460 // JavaScript window object. Instead, we create an NPObject of a
461 // different class, one which is not bound to a JavaScript object.
462 m_windowScriptNPObject = createNoScriptObject();
463 }
464 return m_windowScriptNPObject;
465 }
466
createScriptObjectForPluginElement(HTMLPlugInElement * plugin)467 NPObject* ScriptController::createScriptObjectForPluginElement(HTMLPlugInElement* plugin)
468 {
469 // Can't create NPObjects when JavaScript is disabled.
470 if (!canExecuteScripts(NotAboutToExecuteScript))
471 return createNoScriptObject();
472
473 v8::HandleScope handleScope(m_isolate);
474 v8::Handle<v8::Context> v8Context = ScriptController::mainWorldContext(m_frame);
475 if (v8Context.IsEmpty())
476 return createNoScriptObject();
477 v8::Context::Scope scope(v8Context);
478
479 DOMWindow* window = m_frame->domWindow();
480 v8::Handle<v8::Value> v8plugin = toV8(plugin, v8::Handle<v8::Object>(), v8Context->GetIsolate());
481 if (!v8plugin->IsObject())
482 return createNoScriptObject();
483
484 return npCreateV8ScriptObject(0, v8::Handle<v8::Object>::Cast(v8plugin), window, v8Context->GetIsolate());
485 }
486
clearWindowShell()487 void ScriptController::clearWindowShell()
488 {
489 double start = currentTime();
490 // V8 binding expects ScriptController::clearWindowShell only be called
491 // when a frame is loading a new page. This creates a new context for the new page.
492 m_windowShell->clearForNavigation();
493 for (IsolatedWorldMap::iterator iter = m_isolatedWorlds.begin(); iter != m_isolatedWorlds.end(); ++iter)
494 iter->value->clearForNavigation();
495 V8GCController::hintForCollectGarbage();
496 blink::Platform::current()->histogramCustomCounts("WebCore.ScriptController.clearWindowShell", (currentTime() - start) * 1000, 0, 10000, 50);
497 }
498
setCaptureCallStackForUncaughtExceptions(bool value)499 void ScriptController::setCaptureCallStackForUncaughtExceptions(bool value)
500 {
501 v8::V8::SetCaptureStackTraceForUncaughtExceptions(value, ScriptCallStack::maxCallStackSizeToCapture, stackTraceOptions);
502 }
503
collectIsolatedContexts(Vector<std::pair<ScriptState *,SecurityOrigin * >> & result)504 void ScriptController::collectIsolatedContexts(Vector<std::pair<ScriptState*, SecurityOrigin*> >& result)
505 {
506 v8::HandleScope handleScope(m_isolate);
507 for (IsolatedWorldMap::iterator it = m_isolatedWorlds.begin(); it != m_isolatedWorlds.end(); ++it) {
508 V8WindowShell* isolatedWorldShell = it->value.get();
509 SecurityOrigin* origin = isolatedWorldShell->world()->isolatedWorldSecurityOrigin();
510 if (!origin)
511 continue;
512 v8::Local<v8::Context> v8Context = isolatedWorldShell->context();
513 if (v8Context.IsEmpty())
514 continue;
515 ScriptState* scriptState = ScriptState::forContext(v8Context);
516 result.append(std::pair<ScriptState*, SecurityOrigin*>(scriptState, origin));
517 }
518 }
519
setContextDebugId(int debugId)520 bool ScriptController::setContextDebugId(int debugId)
521 {
522 ASSERT(debugId > 0);
523 if (!m_windowShell->isContextInitialized())
524 return false;
525 v8::HandleScope scope(m_isolate);
526 v8::Local<v8::Context> context = m_windowShell->context();
527 return V8PerContextDebugData::setContextDebugData(context, "page", debugId);
528 }
529
contextDebugId(v8::Handle<v8::Context> context)530 int ScriptController::contextDebugId(v8::Handle<v8::Context> context)
531 {
532 return V8PerContextDebugData::contextDebugId(context);
533 }
534
updateDocument()535 void ScriptController::updateDocument()
536 {
537 // For an uninitialized main window shell, do not incur the cost of context initialization during FrameLoader::init().
538 if ((!m_windowShell->isContextInitialized() || !m_windowShell->isGlobalInitialized()) && m_frame->loader().stateMachine()->creatingInitialEmptyDocument())
539 return;
540
541 if (!initializeMainWorld())
542 windowShell(mainThreadNormalWorld())->updateDocument();
543 }
544
namedItemAdded(HTMLDocument * doc,const AtomicString & name)545 void ScriptController::namedItemAdded(HTMLDocument* doc, const AtomicString& name)
546 {
547 windowShell(mainThreadNormalWorld())->namedItemAdded(doc, name);
548 }
549
namedItemRemoved(HTMLDocument * doc,const AtomicString & name)550 void ScriptController::namedItemRemoved(HTMLDocument* doc, const AtomicString& name)
551 {
552 windowShell(mainThreadNormalWorld())->namedItemRemoved(doc, name);
553 }
554
canExecuteScripts(ReasonForCallingCanExecuteScripts reason)555 bool ScriptController::canExecuteScripts(ReasonForCallingCanExecuteScripts reason)
556 {
557 if (m_frame->document() && m_frame->document()->isSandboxed(SandboxScripts)) {
558 // FIXME: This message should be moved off the console once a solution to https://bugs.webkit.org/show_bug.cgi?id=103274 exists.
559 if (reason == AboutToExecuteScript)
560 m_frame->document()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "Blocked script execution in '" + m_frame->document()->url().elidedString() + "' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.");
561 return false;
562 }
563
564 if (m_frame->document() && m_frame->document()->isViewSource()) {
565 ASSERT(m_frame->document()->securityOrigin()->isUnique());
566 return true;
567 }
568
569 Settings* settings = m_frame->settings();
570 const bool allowed = m_frame->loader().client()->allowScript(settings && settings->isScriptEnabled());
571 if (!allowed && reason == AboutToExecuteScript)
572 m_frame->loader().client()->didNotAllowScript();
573 return allowed;
574 }
575
executeScriptIfJavaScriptURL(const KURL & url)576 bool ScriptController::executeScriptIfJavaScriptURL(const KURL& url)
577 {
578 if (!protocolIsJavaScript(url))
579 return false;
580
581 if (!m_frame->page()
582 || !m_frame->document()->contentSecurityPolicy()->allowJavaScriptURLs(m_frame->document()->url(), eventHandlerPosition().m_line))
583 return true;
584
585 // We need to hold onto the Frame here because executing script can
586 // destroy the frame.
587 RefPtr<Frame> protector(m_frame);
588 RefPtr<Document> ownerDocument(m_frame->document());
589
590 const int javascriptSchemeLength = sizeof("javascript:") - 1;
591
592 bool locationChangeBefore = m_frame->navigationScheduler().locationChangePending();
593
594 String decodedURL = decodeURLEscapeSequences(url.string());
595 ScriptValue result = evaluateScriptInMainWorld(ScriptSourceCode(decodedURL.substring(javascriptSchemeLength)), NotSharableCrossOrigin, DoNotExecuteScriptWhenScriptsDisabled);
596
597 // If executing script caused this frame to be removed from the page, we
598 // don't want to try to replace its document!
599 if (!m_frame->page())
600 return true;
601
602 String scriptResult;
603 if (!result.getString(scriptResult))
604 return true;
605
606 // We're still in a frame, so there should be a DocumentLoader.
607 ASSERT(m_frame->document()->loader());
608
609 if (!locationChangeBefore && m_frame->navigationScheduler().locationChangePending())
610 return true;
611
612 // DocumentWriter::replaceDocument can cause the DocumentLoader to get deref'ed and possible destroyed,
613 // so protect it with a RefPtr.
614 if (RefPtr<DocumentLoader> loader = m_frame->document()->loader()) {
615 UseCounter::count(*m_frame->document(), UseCounter::ReplaceDocumentViaJavaScriptURL);
616 loader->replaceDocument(scriptResult, ownerDocument.get());
617 }
618 return true;
619 }
620
executeScriptInMainWorld(const String & script,ExecuteScriptPolicy policy)621 void ScriptController::executeScriptInMainWorld(const String& script, ExecuteScriptPolicy policy)
622 {
623 evaluateScriptInMainWorld(ScriptSourceCode(script), NotSharableCrossOrigin, policy);
624 }
625
executeScriptInMainWorld(const ScriptSourceCode & sourceCode,AccessControlStatus corsStatus)626 void ScriptController::executeScriptInMainWorld(const ScriptSourceCode& sourceCode, AccessControlStatus corsStatus)
627 {
628 evaluateScriptInMainWorld(sourceCode, corsStatus, DoNotExecuteScriptWhenScriptsDisabled);
629 }
630
executeScriptInMainWorldAndReturnValue(const ScriptSourceCode & sourceCode)631 ScriptValue ScriptController::executeScriptInMainWorldAndReturnValue(const ScriptSourceCode& sourceCode)
632 {
633 return evaluateScriptInMainWorld(sourceCode, NotSharableCrossOrigin, DoNotExecuteScriptWhenScriptsDisabled);
634 }
635
evaluateScriptInMainWorld(const ScriptSourceCode & sourceCode,AccessControlStatus corsStatus,ExecuteScriptPolicy policy)636 ScriptValue ScriptController::evaluateScriptInMainWorld(const ScriptSourceCode& sourceCode, AccessControlStatus corsStatus, ExecuteScriptPolicy policy)
637 {
638 if (policy == DoNotExecuteScriptWhenScriptsDisabled && !canExecuteScripts(AboutToExecuteScript))
639 return ScriptValue();
640
641 String sourceURL = sourceCode.url();
642 const String* savedSourceURL = m_sourceURL;
643 m_sourceURL = &sourceURL;
644
645 v8::HandleScope handleScope(m_isolate);
646 v8::Handle<v8::Context> v8Context = ScriptController::mainWorldContext(m_frame);
647 if (v8Context.IsEmpty())
648 return ScriptValue();
649
650 RefPtr<Frame> protect(m_frame);
651 if (m_frame->loader().stateMachine()->isDisplayingInitialEmptyDocument())
652 m_frame->loader().didAccessInitialDocument();
653
654 OwnPtr<ScriptSourceCode> maybeProcessedSourceCode = InspectorInstrumentation::preprocess(m_frame, sourceCode);
655 const ScriptSourceCode& sourceCodeToCompile = maybeProcessedSourceCode ? *maybeProcessedSourceCode : sourceCode;
656
657 v8::Local<v8::Value> object = executeScriptAndReturnValue(v8Context, sourceCodeToCompile, corsStatus);
658 m_sourceURL = savedSourceURL;
659
660 if (object.IsEmpty())
661 return ScriptValue();
662
663 return ScriptValue(object, m_isolate);
664 }
665
executeScriptInIsolatedWorld(int worldID,const Vector<ScriptSourceCode> & sources,int extensionGroup,Vector<ScriptValue> * results)666 void ScriptController::executeScriptInIsolatedWorld(int worldID, const Vector<ScriptSourceCode>& sources, int extensionGroup, Vector<ScriptValue>* results)
667 {
668 ASSERT(worldID > 0);
669
670 v8::HandleScope handleScope(m_isolate);
671 v8::Local<v8::Array> v8Results;
672 {
673 v8::EscapableHandleScope evaluateHandleScope(m_isolate);
674 RefPtr<DOMWrapperWorld> world = DOMWrapperWorld::ensureIsolatedWorld(worldID, extensionGroup);
675 V8WindowShell* isolatedWorldShell = windowShell(world.get());
676
677 if (!isolatedWorldShell->isContextInitialized())
678 return;
679
680 v8::Local<v8::Context> context = isolatedWorldShell->context();
681 v8::Context::Scope contextScope(context);
682 v8::Local<v8::Array> resultArray = v8::Array::New(m_isolate, sources.size());
683
684 for (size_t i = 0; i < sources.size(); ++i) {
685 v8::Local<v8::Value> evaluationResult = executeScriptAndReturnValue(context, sources[i]);
686 if (evaluationResult.IsEmpty())
687 evaluationResult = v8::Local<v8::Value>::New(m_isolate, v8::Undefined(m_isolate));
688 resultArray->Set(i, evaluationResult);
689 }
690
691 v8Results = evaluateHandleScope.Escape(resultArray);
692 }
693
694 if (results && !v8Results.IsEmpty()) {
695 for (size_t i = 0; i < v8Results->Length(); ++i)
696 results->append(ScriptValue(v8Results->Get(i), m_isolate));
697 }
698 }
699
700 } // namespace WebCore
701