1 /* 2 * Copyright (C) 2009 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #ifndef DOMWrapperWorld_h 32 #define DOMWrapperWorld_h 33 34 #include "bindings/v8/ScriptState.h" 35 #include "platform/weborigin/SecurityOrigin.h" 36 #include "wtf/MainThread.h" 37 #include "wtf/PassRefPtr.h" 38 #include "wtf/RefCounted.h" 39 #include "wtf/RefPtr.h" 40 #include "wtf/text/WTFString.h" 41 #include <v8.h> 42 43 namespace WebCore { 44 45 class DOMDataStore; 46 class ExecutionContext; 47 class ScriptController; 48 49 enum WorldIdConstants { 50 MainWorldId = 0, 51 // Embedder isolated worlds can use IDs in [1, 1<<29). 52 EmbedderWorldIdLimit = (1 << 29), 53 ScriptPreprocessorIsolatedWorldId, 54 IsolatedWorldIdLimit, 55 WorkerWorldId, 56 TestingWorldId, 57 }; 58 59 // This class represent a collection of DOM wrappers for a specific world. 60 class DOMWrapperWorld : public RefCounted<DOMWrapperWorld> { 61 public: 62 static PassRefPtr<DOMWrapperWorld> create(int worldId = -1, int extensionGroup = -1); 63 64 static const int mainWorldExtensionGroup = 0; 65 static PassRefPtr<DOMWrapperWorld> ensureIsolatedWorld(int worldId, int extensionGroup); 66 ~DOMWrapperWorld(); 67 void dispose(); 68 isolatedWorldsExist()69 static bool isolatedWorldsExist() { return isolatedWorldCount; } 70 static void allWorldsInMainThread(Vector<RefPtr<DOMWrapperWorld> >& worlds); 71 world(v8::Handle<v8::Context> context)72 static DOMWrapperWorld& world(v8::Handle<v8::Context> context) 73 { 74 return ScriptState::from(context)->world(); 75 } 76 current(v8::Isolate * isolate)77 static DOMWrapperWorld& current(v8::Isolate* isolate) 78 { 79 if (isMainThread() && worldOfInitializingWindow) { 80 // It's possible that current() is being called while window is being initialized. 81 // In order to make current() workable during the initialization phase, 82 // we cache the world of the initializing window on worldOfInitializingWindow. 83 // If there is no initiazing window, worldOfInitializingWindow is 0. 84 return *worldOfInitializingWindow; 85 } 86 return world(isolate->GetCurrentContext()); 87 } 88 89 static DOMWrapperWorld& mainWorld(); 90 91 // Associates an isolated world (see above for description) with a security 92 // origin. XMLHttpRequest instances used in that world will be considered 93 // to come from that origin, not the frame's. 94 static void setIsolatedWorldSecurityOrigin(int worldId, PassRefPtr<SecurityOrigin>); 95 SecurityOrigin* isolatedWorldSecurityOrigin(); 96 97 // Associated an isolated world with a Content Security Policy. Resources 98 // embedded into the main world's DOM from script executed in an isolated 99 // world should be restricted based on the isolated world's DOM, not the 100 // main world's. 101 // 102 // FIXME: Right now, resource injection simply bypasses the main world's 103 // DOM. More work is necessary to allow the isolated world's policy to be 104 // applied correctly. 105 static void setIsolatedWorldContentSecurityPolicy(int worldId, const String& policy); 106 bool isolatedWorldHasContentSecurityPolicy(); 107 isMainWorld()108 bool isMainWorld() const { return m_worldId == MainWorldId; } isWorkerWorld()109 bool isWorkerWorld() const { return m_worldId == WorkerWorldId; } isIsolatedWorld()110 bool isIsolatedWorld() const { return MainWorldId < m_worldId && m_worldId < IsolatedWorldIdLimit; } 111 worldId()112 int worldId() const { return m_worldId; } extensionGroup()113 int extensionGroup() const { return m_extensionGroup; } domDataStore()114 DOMDataStore& domDataStore() const { return *m_domDataStore; } 115 setWorldOfInitializingWindow(DOMWrapperWorld * world)116 static void setWorldOfInitializingWindow(DOMWrapperWorld* world) 117 { 118 ASSERT(isMainThread()); 119 worldOfInitializingWindow = world; 120 } 121 // FIXME: Remove this method once we fix crbug.com/345014. windowIsBeingInitialized()122 static bool windowIsBeingInitialized() { return !!worldOfInitializingWindow; } 123 124 private: 125 DOMWrapperWorld(int worldId, int extensionGroup); 126 127 static unsigned isolatedWorldCount; 128 static DOMWrapperWorld* worldOfInitializingWindow; 129 130 const int m_worldId; 131 const int m_extensionGroup; 132 OwnPtr<DOMDataStore> m_domDataStore; 133 }; 134 135 } // namespace WebCore 136 137 #endif // DOMWrapperWorld_h 138