1 /* 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #ifndef ScriptController_h 32 #define ScriptController_h 33 34 #include "bindings/v8/ScriptValue.h" 35 #include "bindings/v8/SharedPersistent.h" 36 37 #include "core/fetch/CrossOriginAccessControl.h" 38 #include "wtf/Forward.h" 39 #include "wtf/HashMap.h" 40 #include "wtf/RefCounted.h" 41 #include "wtf/Vector.h" 42 #include "wtf/text/TextPosition.h" 43 #include <v8.h> 44 45 struct NPObject; 46 47 namespace WebCore { 48 49 class DOMWrapperWorld; 50 class ExecutionContext; 51 class Event; 52 class HTMLDocument; 53 class HTMLPlugInElement; 54 class KURL; 55 class LocalFrame; 56 class ScriptState; 57 class ScriptSourceCode; 58 class SecurityOrigin; 59 class V8WindowShell; 60 class Widget; 61 62 typedef WTF::Vector<v8::Extension*> V8Extensions; 63 64 enum ReasonForCallingCanExecuteScripts { 65 AboutToExecuteScript, 66 NotAboutToExecuteScript 67 }; 68 69 class ScriptController { 70 public: 71 enum ExecuteScriptPolicy { 72 ExecuteScriptWhenScriptsDisabled, 73 DoNotExecuteScriptWhenScriptsDisabled 74 }; 75 76 ScriptController(LocalFrame*); 77 ~ScriptController(); 78 79 bool initializeMainWorld(); 80 V8WindowShell* windowShell(DOMWrapperWorld&); 81 V8WindowShell* existingWindowShell(DOMWrapperWorld&); 82 83 // Evaluate JavaScript in the main world. 84 void executeScriptInMainWorld(const String&, ExecuteScriptPolicy = DoNotExecuteScriptWhenScriptsDisabled); 85 void executeScriptInMainWorld(const ScriptSourceCode&, AccessControlStatus = NotSharableCrossOrigin); 86 v8::Local<v8::Value> executeScriptInMainWorldAndReturnValue(const ScriptSourceCode&); 87 v8::Local<v8::Value> executeScriptAndReturnValue(v8::Handle<v8::Context>, const ScriptSourceCode&, AccessControlStatus = NotSharableCrossOrigin); 88 89 // Executes JavaScript in an isolated world. The script gets its own global scope, 90 // its own prototypes for intrinsic JavaScript objects (String, Array, and so-on), 91 // and its own wrappers for all DOM nodes and DOM constructors. 92 // 93 // If an isolated world with the specified ID already exists, it is reused. 94 // Otherwise, a new world is created. 95 // 96 // FIXME: Get rid of extensionGroup here. 97 void executeScriptInIsolatedWorld(int worldID, const Vector<ScriptSourceCode>& sources, int extensionGroup, Vector<v8::Local<v8::Value> >* results); 98 99 // Returns true if argument is a JavaScript URL. 100 bool executeScriptIfJavaScriptURL(const KURL&); 101 102 v8::Local<v8::Value> callFunction(v8::Handle<v8::Function>, v8::Handle<v8::Value>, int argc, v8::Handle<v8::Value> argv[]); 103 static v8::Local<v8::Value> callFunction(ExecutionContext*, v8::Handle<v8::Function>, v8::Handle<v8::Value> receiver, int argc, v8::Handle<v8::Value> info[], v8::Isolate*); 104 105 // Returns true if the current world is isolated, and has its own Content 106 // Security Policy. In this case, the policy of the main world should be 107 // ignored when evaluating resources injected into the DOM. 108 bool shouldBypassMainWorldContentSecurityPolicy(); 109 110 // Creates a property of the global object of a frame. 111 void bindToWindowObject(LocalFrame*, const String& key, NPObject*); 112 113 PassRefPtr<SharedPersistent<v8::Object> > createPluginWrapper(Widget*); 114 115 void enableEval(); 116 void disableEval(const String& errorMessage); 117 118 static bool canAccessFromCurrentOrigin(LocalFrame*); 119 120 static void setCaptureCallStackForUncaughtExceptions(bool); 121 void collectIsolatedContexts(Vector<std::pair<ScriptState*, SecurityOrigin*> >&); 122 123 bool canExecuteScripts(ReasonForCallingCanExecuteScripts); 124 125 TextPosition eventHandlerPosition() const; 126 127 void clearWindowShell(); 128 void updateDocument(); 129 130 void namedItemAdded(HTMLDocument*, const AtomicString&); 131 void namedItemRemoved(HTMLDocument*, const AtomicString&); 132 133 void updateSecurityOrigin(SecurityOrigin*); 134 void clearScriptObjects(); 135 void cleanupScriptObjectsForPlugin(Widget*); 136 137 void clearForClose(); 138 139 NPObject* createScriptObjectForPluginElement(HTMLPlugInElement*); 140 NPObject* windowScriptNPObject(); 141 142 // Registers a v8 extension to be available on webpages. Will only 143 // affect v8 contexts initialized after this call. Takes ownership of 144 // the v8::Extension object passed. 145 static void registerExtensionIfNeeded(v8::Extension*); 146 static V8Extensions& registeredExtensions(); 147 148 bool setContextDebugId(int); 149 static int contextDebugId(v8::Handle<v8::Context>); 150 isolate()151 v8::Isolate* isolate() const { return m_isolate; } 152 153 private: 154 typedef HashMap<int, OwnPtr<V8WindowShell> > IsolatedWorldMap; 155 typedef HashMap<Widget*, NPObject*> PluginObjectMap; 156 157 v8::Local<v8::Value> evaluateScriptInMainWorld(const ScriptSourceCode&, AccessControlStatus, ExecuteScriptPolicy); 158 159 LocalFrame* m_frame; 160 const String* m_sourceURL; 161 v8::Isolate* m_isolate; 162 163 OwnPtr<V8WindowShell> m_windowShell; 164 IsolatedWorldMap m_isolatedWorlds; 165 166 // A mapping between Widgets and their corresponding script object. 167 // This list is used so that when the plugin dies, we can immediately 168 // invalidate all sub-objects which are associated with that plugin. 169 // The frame keeps a NPObject reference for each item on the list. 170 PluginObjectMap m_pluginObjects; 171 172 NPObject* m_windowScriptNPObject; 173 }; 174 175 } // namespace WebCore 176 177 #endif // ScriptController_h 178