--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/WebCore/bindings/js/ScriptController.cpp Fri Sep 17 09:02:29 2010 +0300
@@ -0,0 +1,509 @@
+/*
+ * Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
+ * Copyright (C) 2001 Peter Kelly (pmk@post.com)
+ * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include "config.h"
+#include "ScriptController.h"
+
+#include "ScriptableDocumentParser.h"
+#include "Event.h"
+#include "EventNames.h"
+#include "Frame.h"
+#include "FrameLoaderClient.h"
+#include "GCController.h"
+#include "HTMLPlugInElement.h"
+#include "InspectorTimelineAgent.h"
+#include "JSDocument.h"
+#include "JSMainThreadExecState.h"
+#include "NP_jsobject.h"
+#include "Page.h"
+#include "PageGroup.h"
+#include "ScriptSourceCode.h"
+#include "ScriptValue.h"
+#include "Settings.h"
+#include "StorageNamespace.h"
+#include "UserGestureIndicator.h"
+#include "WebCoreJSClientData.h"
+#include "XSSAuditor.h"
+#include "npruntime_impl.h"
+#include "runtime_root.h"
+#include <debugger/Debugger.h>
+#include <runtime/InitializeThreading.h>
+#include <runtime/JSLock.h>
+#include <wtf/Threading.h>
+
+using namespace JSC;
+using namespace std;
+
+namespace WebCore {
+
+void ScriptController::initializeThreading()
+{
+ JSC::initializeThreading();
+ WTF::initializeMainThread();
+}
+
+ScriptController::ScriptController(Frame* frame)
+ : m_frame(frame)
+ , m_sourceURL(0)
+ , m_inExecuteScript(false)
+ , m_processingTimerCallback(false)
+ , m_paused(false)
+ , m_allowPopupsFromPlugin(false)
+#if ENABLE(NETSCAPE_PLUGIN_API)
+ , m_windowScriptNPObject(0)
+#endif
+#if PLATFORM(MAC)
+ , m_windowScriptObject(0)
+#endif
+ , m_XSSAuditor(new XSSAuditor(frame))
+{
+#if PLATFORM(MAC) && ENABLE(JAVA_BRIDGE)
+ static bool initializedJavaJSBindings;
+ if (!initializedJavaJSBindings) {
+ initializedJavaJSBindings = true;
+ initJavaJSBindings();
+ }
+#endif
+}
+
+ScriptController::~ScriptController()
+{
+ disconnectPlatformScriptObjects();
+
+ if (m_cacheableBindingRootObject) {
+ m_cacheableBindingRootObject->invalidate();
+ m_cacheableBindingRootObject = 0;
+ }
+
+ // It's likely that destroying m_windowShells will create a lot of garbage.
+ if (!m_windowShells.isEmpty()) {
+ while (!m_windowShells.isEmpty())
+ destroyWindowShell(m_windowShells.begin()->first.get());
+ gcController().garbageCollectSoon();
+ }
+}
+
+void ScriptController::destroyWindowShell(DOMWrapperWorld* world)
+{
+ ASSERT(m_windowShells.contains(world));
+ m_windowShells.remove(world);
+ world->didDestroyWindowShell(this);
+}
+
+JSDOMWindowShell* ScriptController::createWindowShell(DOMWrapperWorld* world)
+{
+ ASSERT(!m_windowShells.contains(world));
+ JSDOMWindowShell* windowShell = new JSDOMWindowShell(m_frame->domWindow(), world);
+ m_windowShells.add(world, windowShell);
+ world->didCreateWindowShell(this);
+ return windowShell;
+}
+
+ScriptValue ScriptController::evaluateInWorld(const ScriptSourceCode& sourceCode, DOMWrapperWorld* world, ShouldAllowXSS shouldAllowXSS)
+{
+ const SourceCode& jsSourceCode = sourceCode.jsSourceCode();
+ String sourceURL = ustringToString(jsSourceCode.provider()->url());
+
+ if (shouldAllowXSS == DoNotAllowXSS && !m_XSSAuditor->canEvaluate(sourceCode.source())) {
+ // This script is not safe to be evaluated.
+ return JSValue();
+ }
+
+ // evaluate code. Returns the JS return value or 0
+ // if there was none, an error occurred or the type couldn't be converted.
+
+ // inlineCode is true for <a href="javascript:doSomething()">
+ // and false for <script>doSomething()</script>. Check if it has the
+ // expected value in all cases.
+ // See smart window.open policy for where this is used.
+ JSDOMWindowShell* shell = windowShell(world);
+ ExecState* exec = shell->window()->globalExec();
+ const String* savedSourceURL = m_sourceURL;
+ m_sourceURL = &sourceURL;
+
+ JSLock lock(SilenceAssertionsOnly);
+
+ RefPtr<Frame> protect = m_frame;
+
+#if ENABLE(INSPECTOR)
+ if (InspectorTimelineAgent* timelineAgent = m_frame->page() ? m_frame->page()->inspectorTimelineAgent() : 0)
+ timelineAgent->willEvaluateScript(sourceURL, sourceCode.startLine());
+#endif
+
+ exec->globalData().timeoutChecker.start();
+ Completion comp = JSMainThreadExecState::evaluate(exec, exec->dynamicGlobalObject()->globalScopeChain(), jsSourceCode, shell);
+ exec->globalData().timeoutChecker.stop();
+
+#if ENABLE(INSPECTOR)
+ if (InspectorTimelineAgent* timelineAgent = m_frame->page() ? m_frame->page()->inspectorTimelineAgent() : 0)
+ timelineAgent->didEvaluateScript();
+#endif
+
+ // Evaluating the JavaScript could cause the frame to be deallocated
+ // so we start the keep alive timer here.
+ m_frame->keepAlive();
+
+ if (comp.complType() == Normal || comp.complType() == ReturnValue) {
+ m_sourceURL = savedSourceURL;
+ return comp.value();
+ }
+
+ if (comp.complType() == Throw || comp.complType() == Interrupted)
+ reportException(exec, comp.value());
+
+ m_sourceURL = savedSourceURL;
+ return JSValue();
+}
+
+ScriptValue ScriptController::evaluate(const ScriptSourceCode& sourceCode, ShouldAllowXSS shouldAllowXSS)
+{
+ return evaluateInWorld(sourceCode, mainThreadNormalWorld(), shouldAllowXSS);
+}
+
+PassRefPtr<DOMWrapperWorld> ScriptController::createWorld()
+{
+ return DOMWrapperWorld::create(JSDOMWindow::commonJSGlobalData());
+}
+
+void ScriptController::getAllWorlds(Vector<DOMWrapperWorld*>& worlds)
+{
+ static_cast<WebCoreJSClientData*>(JSDOMWindow::commonJSGlobalData()->clientData)->getAllWorlds(worlds);
+}
+
+void ScriptController::clearWindowShell(bool goingIntoPageCache)
+{
+ if (m_windowShells.isEmpty())
+ return;
+
+ JSLock lock(SilenceAssertionsOnly);
+
+ for (ShellMap::iterator iter = m_windowShells.begin(); iter != m_windowShells.end(); ++iter) {
+ JSDOMWindowShell* windowShell = iter->second;
+
+ // Clear the debugger from the current window before setting the new window.
+ attachDebugger(windowShell, 0);
+
+ windowShell->window()->willRemoveFromWindowShell();
+ windowShell->setWindow(m_frame->domWindow());
+
+ if (Page* page = m_frame->page()) {
+ attachDebugger(windowShell, page->debugger());
+ windowShell->window()->setProfileGroup(page->group().identifier());
+ }
+ }
+
+ // It's likely that resetting our windows created a lot of garbage, unless
+ // it went in a back/forward cache.
+ if (!goingIntoPageCache)
+ gcController().garbageCollectSoon();
+}
+
+JSDOMWindowShell* ScriptController::initScript(DOMWrapperWorld* world)
+{
+ ASSERT(!m_windowShells.contains(world));
+
+ JSLock lock(SilenceAssertionsOnly);
+
+ JSDOMWindowShell* windowShell = createWindowShell(world);
+
+ windowShell->window()->updateDocument();
+
+ if (Page* page = m_frame->page()) {
+ attachDebugger(windowShell, page->debugger());
+ windowShell->window()->setProfileGroup(page->group().identifier());
+ }
+
+ m_frame->loader()->dispatchDidClearWindowObjectInWorld(world);
+
+ return windowShell;
+}
+
+int ScriptController::eventHandlerLineNumber() const
+{
+ // JSC expects 1-based line numbers, so we must add one here to get it right.
+ ScriptableDocumentParser* parser = m_frame->document()->scriptableDocumentParser();
+ if (parser)
+ return parser->lineNumber() + 1;
+ return 0;
+}
+
+bool ScriptController::processingUserGesture(DOMWrapperWorld* world) const
+{
+ if (m_allowPopupsFromPlugin || isJavaScriptAnchorNavigation())
+ return true;
+
+ // If a DOM event is being processed, check that it was initiated by the user
+ // and that it is in the whitelist of event types allowed to generate pop-ups.
+ if (JSDOMWindowShell* shell = existingWindowShell(world))
+ if (Event* event = shell->window()->currentEvent())
+ return event->fromUserGesture();
+
+ return UserGestureIndicator::processingUserGesture();
+}
+
+// FIXME: This seems like an insufficient check to verify a click on a javascript: anchor.
+bool ScriptController::isJavaScriptAnchorNavigation() const
+{
+ // This is the <a href="javascript:window.open('...')> case -> we let it through
+ if (m_sourceURL && m_sourceURL->isNull() && !m_processingTimerCallback)
+ return true;
+
+ // This is the <script>window.open(...)</script> case or a timer callback -> block it
+ return false;
+}
+
+bool ScriptController::anyPageIsProcessingUserGesture() const
+{
+ Page* page = m_frame->page();
+ if (!page)
+ return false;
+
+ const HashSet<Page*>& pages = page->group().pages();
+ HashSet<Page*>::const_iterator end = pages.end();
+ for (HashSet<Page*>::const_iterator it = pages.begin(); it != end; ++it) {
+ for (Frame* frame = page->mainFrame(); frame; frame = frame->tree()->traverseNext()) {
+ ScriptController* script = frame->script();
+
+ if (script->m_allowPopupsFromPlugin)
+ return true;
+
+ const ShellMap::const_iterator iterEnd = m_windowShells.end();
+ for (ShellMap::const_iterator iter = m_windowShells.begin(); iter != iterEnd; ++iter) {
+ JSDOMWindowShell* shell = iter->second.get();
+ Event* event = shell->window()->currentEvent();
+ if (event && event->fromUserGesture())
+ return true;
+ }
+
+ if (isJavaScriptAnchorNavigation())
+ return true;
+ }
+ }
+
+ return false;
+}
+
+bool ScriptController::canAccessFromCurrentOrigin(Frame *frame)
+{
+ ExecState* exec = JSMainThreadExecState::currentState();
+ if (exec)
+ return allowsAccessFromFrame(exec, frame);
+ // If the current state is 0 we're in a call path where the DOM security
+ // check doesn't apply (eg. parser).
+ return true;
+}
+
+void ScriptController::attachDebugger(JSC::Debugger* debugger)
+{
+ for (ShellMap::iterator iter = m_windowShells.begin(); iter != m_windowShells.end(); ++iter)
+ attachDebugger(iter->second, debugger);
+}
+
+void ScriptController::attachDebugger(JSDOMWindowShell* shell, JSC::Debugger* debugger)
+{
+ if (!shell)
+ return;
+
+ JSDOMWindow* globalObject = shell->window();
+ if (debugger)
+ debugger->attach(globalObject);
+ else if (JSC::Debugger* currentDebugger = globalObject->debugger())
+ currentDebugger->detach(globalObject);
+}
+
+void ScriptController::updateDocument()
+{
+ if (!m_frame->document())
+ return;
+
+ JSLock lock(SilenceAssertionsOnly);
+ for (ShellMap::iterator iter = m_windowShells.begin(); iter != m_windowShells.end(); ++iter)
+ iter->second->window()->updateDocument();
+}
+
+void ScriptController::updateSecurityOrigin()
+{
+ // Our bindings do not do anything in this case.
+}
+
+Bindings::RootObject* ScriptController::cacheableBindingRootObject()
+{
+ if (!canExecuteScripts(NotAboutToExecuteScript))
+ return 0;
+
+ if (!m_cacheableBindingRootObject) {
+ JSLock lock(SilenceAssertionsOnly);
+ m_cacheableBindingRootObject = Bindings::RootObject::create(0, globalObject(pluginWorld()));
+ }
+ return m_cacheableBindingRootObject.get();
+}
+
+Bindings::RootObject* ScriptController::bindingRootObject()
+{
+ if (!canExecuteScripts(NotAboutToExecuteScript))
+ return 0;
+
+ if (!m_bindingRootObject) {
+ JSLock lock(SilenceAssertionsOnly);
+ m_bindingRootObject = Bindings::RootObject::create(0, globalObject(pluginWorld()));
+ }
+ return m_bindingRootObject.get();
+}
+
+PassRefPtr<Bindings::RootObject> ScriptController::createRootObject(void* nativeHandle)
+{
+ RootObjectMap::iterator it = m_rootObjects.find(nativeHandle);
+ if (it != m_rootObjects.end())
+ return it->second;
+
+ RefPtr<Bindings::RootObject> rootObject = Bindings::RootObject::create(nativeHandle, globalObject(pluginWorld()));
+
+ m_rootObjects.set(nativeHandle, rootObject);
+ return rootObject.release();
+}
+
+#if ENABLE(INSPECTOR)
+void ScriptController::setCaptureCallStackForUncaughtExceptions(bool)
+{
+}
+#endif
+
+#if ENABLE(NETSCAPE_PLUGIN_API)
+
+NPObject* ScriptController::windowScriptNPObject()
+{
+ if (!m_windowScriptNPObject) {
+ if (canExecuteScripts(NotAboutToExecuteScript)) {
+ // JavaScript is enabled, so there is a JavaScript window object.
+ // Return an NPObject bound to the window object.
+ JSC::JSLock lock(SilenceAssertionsOnly);
+ JSObject* win = windowShell(pluginWorld())->window();
+ ASSERT(win);
+ Bindings::RootObject* root = bindingRootObject();
+ m_windowScriptNPObject = _NPN_CreateScriptObject(0, win, root);
+ } else {
+ // JavaScript is not enabled, so we cannot bind the NPObject to the JavaScript window object.
+ // Instead, we create an NPObject of a different class, one which is not bound to a JavaScript object.
+ m_windowScriptNPObject = _NPN_CreateNoScriptObject();
+ }
+ }
+
+ return m_windowScriptNPObject;
+}
+
+NPObject* ScriptController::createScriptObjectForPluginElement(HTMLPlugInElement* plugin)
+{
+ JSObject* object = jsObjectForPluginElement(plugin);
+ if (!object)
+ return _NPN_CreateNoScriptObject();
+
+ // Wrap the JSObject in an NPObject
+ return _NPN_CreateScriptObject(0, object, bindingRootObject());
+}
+
+#endif
+
+JSObject* ScriptController::jsObjectForPluginElement(HTMLPlugInElement* plugin)
+{
+ // Can't create JSObjects when JavaScript is disabled
+ if (!canExecuteScripts(NotAboutToExecuteScript))
+ return 0;
+
+ // Create a JSObject bound to this element
+ JSLock lock(SilenceAssertionsOnly);
+ JSDOMWindow* globalObj = globalObject(pluginWorld());
+ // FIXME: is normal okay? - used for NP plugins?
+ JSValue jsElementValue = toJS(globalObj->globalExec(), globalObj, plugin);
+ if (!jsElementValue || !jsElementValue.isObject())
+ return 0;
+
+ return jsElementValue.getObject();
+}
+
+#if !PLATFORM(MAC)
+
+void ScriptController::updatePlatformScriptObjects()
+{
+}
+
+void ScriptController::disconnectPlatformScriptObjects()
+{
+}
+
+#endif
+
+void ScriptController::cleanupScriptObjectsForPlugin(void* nativeHandle)
+{
+ RootObjectMap::iterator it = m_rootObjects.find(nativeHandle);
+
+ if (it == m_rootObjects.end())
+ return;
+
+ it->second->invalidate();
+ m_rootObjects.remove(it);
+}
+
+void ScriptController::clearScriptObjects()
+{
+ JSLock lock(SilenceAssertionsOnly);
+
+ RootObjectMap::const_iterator end = m_rootObjects.end();
+ for (RootObjectMap::const_iterator it = m_rootObjects.begin(); it != end; ++it)
+ it->second->invalidate();
+
+ m_rootObjects.clear();
+
+ if (m_bindingRootObject) {
+ m_bindingRootObject->invalidate();
+ m_bindingRootObject = 0;
+ }
+
+#if ENABLE(NETSCAPE_PLUGIN_API)
+ if (m_windowScriptNPObject) {
+ // Call _NPN_DeallocateObject() instead of _NPN_ReleaseObject() so that we don't leak if a plugin fails to release the window
+ // script object properly.
+ // This shouldn't cause any problems for plugins since they should have already been stopped and destroyed at this point.
+ _NPN_DeallocateObject(m_windowScriptNPObject);
+ m_windowScriptNPObject = 0;
+ }
+#endif
+}
+
+ScriptValue ScriptController::executeScriptInWorld(DOMWrapperWorld* world, const String& script, bool forceUserGesture, ShouldAllowXSS shouldAllowXSS)
+{
+ ScriptSourceCode sourceCode(script, forceUserGesture ? KURL() : m_frame->loader()->url());
+
+ if (!canExecuteScripts(AboutToExecuteScript) || isPaused())
+ return ScriptValue();
+
+ bool wasInExecuteScript = m_inExecuteScript;
+ m_inExecuteScript = true;
+
+ ScriptValue result = evaluateInWorld(sourceCode, world, shouldAllowXSS);
+
+ if (!wasInExecuteScript) {
+ m_inExecuteScript = false;
+ Document::updateStyleForAllDocuments();
+ }
+
+ return result;
+}
+
+} // namespace WebCore