OLD | NEW |
1 // Copyright 2007-2009 the V8 project authors. All rights reserved. | 1 // Copyright 2007-2009 the V8 project authors. All rights reserved. |
2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
4 // met: | 4 // met: |
5 // | 5 // |
6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
(...skipping 5115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
5126 // the global object for env2 which has the same security token as env1. | 5126 // the global object for env2 which has the same security token as env1. |
5127 result = CompileRun("other.p"); | 5127 result = CompileRun("other.p"); |
5128 CHECK(result->IsInt32()); | 5128 CHECK(result->IsInt32()); |
5129 CHECK_EQ(42, result->Int32Value()); | 5129 CHECK_EQ(42, result->Int32Value()); |
5130 | 5130 |
5131 env2.Dispose(); | 5131 env2.Dispose(); |
5132 env3.Dispose(); | 5132 env3.Dispose(); |
5133 } | 5133 } |
5134 | 5134 |
5135 | 5135 |
| 5136 static bool allowed_access_type[v8::ACCESS_KEYS + 1] = { false }; |
5136 static bool NamedAccessBlocker(Local<v8::Object> global, | 5137 static bool NamedAccessBlocker(Local<v8::Object> global, |
5137 Local<Value> name, | 5138 Local<Value> name, |
5138 v8::AccessType type, | 5139 v8::AccessType type, |
5139 Local<Value> data) { | 5140 Local<Value> data) { |
5140 return Context::GetCurrent()->Global()->Equals(global); | 5141 return Context::GetCurrent()->Global()->Equals(global) || |
| 5142 allowed_access_type[type]; |
5141 } | 5143 } |
5142 | 5144 |
5143 | 5145 |
5144 static bool IndexedAccessBlocker(Local<v8::Object> global, | 5146 static bool IndexedAccessBlocker(Local<v8::Object> global, |
5145 uint32_t key, | 5147 uint32_t key, |
5146 v8::AccessType type, | 5148 v8::AccessType type, |
5147 Local<Value> data) { | 5149 Local<Value> data) { |
5148 return Context::GetCurrent()->Global()->Equals(global); | 5150 return Context::GetCurrent()->Global()->Equals(global) || |
| 5151 allowed_access_type[type]; |
5149 } | 5152 } |
5150 | 5153 |
5151 | 5154 |
5152 static int g_echo_value = -1; | 5155 static int g_echo_value = -1; |
5153 static v8::Handle<Value> EchoGetter(Local<String> name, | 5156 static v8::Handle<Value> EchoGetter(Local<String> name, |
5154 const AccessorInfo& info) { | 5157 const AccessorInfo& info) { |
5155 return v8_num(g_echo_value); | 5158 return v8_num(g_echo_value); |
5156 } | 5159 } |
5157 | 5160 |
5158 | 5161 |
(...skipping 11 matching lines...) Expand all Loading... |
5170 return v8::Undefined(); | 5173 return v8::Undefined(); |
5171 } | 5174 } |
5172 | 5175 |
5173 | 5176 |
5174 static void UnreachableSetter(Local<String>, Local<Value>, | 5177 static void UnreachableSetter(Local<String>, Local<Value>, |
5175 const AccessorInfo&) { | 5178 const AccessorInfo&) { |
5176 CHECK(false); // This function should nto be called. | 5179 CHECK(false); // This function should nto be called. |
5177 } | 5180 } |
5178 | 5181 |
5179 | 5182 |
5180 THREADED_TEST(AccessControl) { | 5183 TEST(AccessControl) { |
5181 v8::HandleScope handle_scope; | 5184 v8::HandleScope handle_scope; |
5182 v8::Handle<v8::ObjectTemplate> global_template = v8::ObjectTemplate::New(); | 5185 v8::Handle<v8::ObjectTemplate> global_template = v8::ObjectTemplate::New(); |
5183 | 5186 |
5184 global_template->SetAccessCheckCallbacks(NamedAccessBlocker, | 5187 global_template->SetAccessCheckCallbacks(NamedAccessBlocker, |
5185 IndexedAccessBlocker); | 5188 IndexedAccessBlocker); |
5186 | 5189 |
5187 // Add an accessor accessible by cross-domain JS code. | 5190 // Add an accessor accessible by cross-domain JS code. |
5188 global_template->SetAccessor( | 5191 global_template->SetAccessor( |
5189 v8_str("accessible_prop"), | 5192 v8_str("accessible_prop"), |
5190 EchoGetter, EchoSetter, | 5193 EchoGetter, EchoSetter, |
5191 v8::Handle<Value>(), | 5194 v8::Handle<Value>(), |
5192 v8::AccessControl(v8::ALL_CAN_READ | v8::ALL_CAN_WRITE)); | 5195 v8::AccessControl(v8::ALL_CAN_READ | v8::ALL_CAN_WRITE)); |
5193 | 5196 |
5194 // Add an accessor that is not accessible by cross-domain JS code. | 5197 // Add an accessor that is not accessible by cross-domain JS code. |
5195 global_template->SetAccessor(v8_str("blocked_prop"), | 5198 global_template->SetAccessor(v8_str("blocked_prop"), |
5196 UnreachableGetter, UnreachableSetter, | 5199 UnreachableGetter, UnreachableSetter, |
5197 v8::Handle<Value>(), | 5200 v8::Handle<Value>(), |
5198 v8::DEFAULT); | 5201 v8::DEFAULT); |
5199 | 5202 |
5200 // Create an environment | 5203 // Create an environment |
5201 v8::Persistent<Context> context0 = Context::New(NULL, global_template); | 5204 v8::Persistent<Context> context0 = Context::New(NULL, global_template); |
5202 context0->Enter(); | 5205 context0->Enter(); |
5203 | 5206 |
5204 v8::Handle<v8::Object> global0 = context0->Global(); | 5207 v8::Handle<v8::Object> global0 = context0->Global(); |
5205 | 5208 |
| 5209 // Define a property with JS getter and setter. |
| 5210 CompileRun( |
| 5211 "function getter() { return 'getter'; };\n" |
| 5212 "function setter() { return 'setter'; }\n" |
| 5213 "Object.defineProperty(this, 'js_accessor_p', {get:getter, set:setter})"); |
| 5214 |
| 5215 Local<Value> getter = global0->Get(v8_str("getter")); |
| 5216 Local<Value> setter = global0->Get(v8_str("setter")); |
| 5217 |
| 5218 // And define normal element. |
| 5219 global0->Set(239, v8_str("239")); |
| 5220 |
| 5221 // Define an element with JS getter and setter. |
| 5222 CompileRun( |
| 5223 "function el_getter() { return 'el_getter'; };\n" |
| 5224 "function el_setter() { return 'el_setter'; };\n" |
| 5225 "Object.defineProperty(this, '42', {get: el_getter, set: el_setter});"); |
| 5226 |
| 5227 Local<Value> el_getter = global0->Get(v8_str("el_getter")); |
| 5228 Local<Value> el_setter = global0->Get(v8_str("el_setter")); |
| 5229 |
5206 v8::HandleScope scope1; | 5230 v8::HandleScope scope1; |
5207 | 5231 |
5208 v8::Persistent<Context> context1 = Context::New(); | 5232 v8::Persistent<Context> context1 = Context::New(); |
5209 context1->Enter(); | 5233 context1->Enter(); |
5210 | 5234 |
5211 v8::Handle<v8::Object> global1 = context1->Global(); | 5235 v8::Handle<v8::Object> global1 = context1->Global(); |
5212 global1->Set(v8_str("other"), global0); | 5236 global1->Set(v8_str("other"), global0); |
5213 | 5237 |
| 5238 // Access blocked property. |
| 5239 CompileRun("other.blocked_prop = 1"); |
| 5240 |
| 5241 ExpectUndefined("other.blocked_prop"); |
| 5242 ExpectUndefined( |
| 5243 "Object.getOwnPropertyDescriptor(other, 'blocked_prop')"); |
| 5244 ExpectFalse("propertyIsEnumerable.call(other, 'blocked_prop')"); |
| 5245 |
| 5246 // Enable ACCESS_HAS |
| 5247 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5248 ExpectUndefined("other.blocked_prop"); |
| 5249 // ... and now we can get the descriptor... |
| 5250 ExpectUndefined( |
| 5251 "Object.getOwnPropertyDescriptor(other, 'blocked_prop').value"); |
| 5252 // ... and enumerate the property. |
| 5253 ExpectTrue("propertyIsEnumerable.call(other, 'blocked_prop')"); |
| 5254 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5255 |
| 5256 // Access blocked element. |
| 5257 CompileRun("other[239] = 1"); |
| 5258 |
| 5259 ExpectUndefined("other[239]"); |
| 5260 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '239')"); |
| 5261 ExpectFalse("propertyIsEnumerable.call(other, '239')"); |
| 5262 |
| 5263 // Enable ACCESS_HAS |
| 5264 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5265 ExpectUndefined("other[239]"); |
| 5266 // ... and now we can get the descriptor... |
| 5267 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '239').value"); |
| 5268 // ... and enumerate the property. |
| 5269 ExpectTrue("propertyIsEnumerable.call(other, '239')"); |
| 5270 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5271 |
| 5272 // Access a property with JS accessor. |
| 5273 CompileRun("other.js_accessor_p = 2"); |
| 5274 |
| 5275 ExpectUndefined("other.js_accessor_p"); |
| 5276 ExpectUndefined( |
| 5277 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p')"); |
| 5278 |
| 5279 // Enable ACCESS_HAS. |
| 5280 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5281 ExpectUndefined("other.js_accessor_p"); |
| 5282 ExpectUndefined( |
| 5283 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').get"); |
| 5284 ExpectUndefined( |
| 5285 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').set"); |
| 5286 ExpectUndefined( |
| 5287 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').value"); |
| 5288 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5289 |
| 5290 // Enable both ACCESS_HAS and ACCESS_GET. |
| 5291 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5292 allowed_access_type[v8::ACCESS_GET] = true; |
| 5293 |
| 5294 ExpectString("other.js_accessor_p", "getter"); |
| 5295 ExpectObject( |
| 5296 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').get", getter); |
| 5297 ExpectUndefined( |
| 5298 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').set"); |
| 5299 ExpectUndefined( |
| 5300 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').value"); |
| 5301 |
| 5302 allowed_access_type[v8::ACCESS_GET] = false; |
| 5303 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5304 |
| 5305 // Enable both ACCESS_HAS and ACCESS_SET. |
| 5306 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5307 allowed_access_type[v8::ACCESS_SET] = true; |
| 5308 |
| 5309 ExpectUndefined("other.js_accessor_p"); |
| 5310 ExpectUndefined( |
| 5311 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').get"); |
| 5312 ExpectObject( |
| 5313 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').set", setter); |
| 5314 ExpectUndefined( |
| 5315 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').value"); |
| 5316 |
| 5317 allowed_access_type[v8::ACCESS_SET] = false; |
| 5318 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5319 |
| 5320 // Enable both ACCESS_HAS, ACCESS_GET and ACCESS_SET. |
| 5321 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5322 allowed_access_type[v8::ACCESS_GET] = true; |
| 5323 allowed_access_type[v8::ACCESS_SET] = true; |
| 5324 |
| 5325 ExpectString("other.js_accessor_p", "getter"); |
| 5326 ExpectObject( |
| 5327 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').get", getter); |
| 5328 ExpectObject( |
| 5329 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').set", setter); |
| 5330 ExpectUndefined( |
| 5331 "Object.getOwnPropertyDescriptor(other, 'js_accessor_p').value"); |
| 5332 |
| 5333 allowed_access_type[v8::ACCESS_SET] = false; |
| 5334 allowed_access_type[v8::ACCESS_GET] = false; |
| 5335 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5336 |
| 5337 // Access an element with JS accessor. |
| 5338 CompileRun("other[42] = 2"); |
| 5339 |
| 5340 ExpectUndefined("other[42]"); |
| 5341 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42')"); |
| 5342 |
| 5343 // Enable ACCESS_HAS. |
| 5344 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5345 ExpectUndefined("other[42]"); |
| 5346 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42').get"); |
| 5347 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42').set"); |
| 5348 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42').value"); |
| 5349 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5350 |
| 5351 // Enable both ACCESS_HAS and ACCESS_GET. |
| 5352 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5353 allowed_access_type[v8::ACCESS_GET] = true; |
| 5354 |
| 5355 ExpectString("other[42]", "el_getter"); |
| 5356 ExpectObject("Object.getOwnPropertyDescriptor(other, '42').get", el_getter); |
| 5357 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42').set"); |
| 5358 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42').value"); |
| 5359 |
| 5360 allowed_access_type[v8::ACCESS_GET] = false; |
| 5361 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5362 |
| 5363 // Enable both ACCESS_HAS and ACCESS_SET. |
| 5364 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5365 allowed_access_type[v8::ACCESS_SET] = true; |
| 5366 |
| 5367 ExpectUndefined("other[42]"); |
| 5368 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42').get"); |
| 5369 ExpectObject("Object.getOwnPropertyDescriptor(other, '42').set", el_setter); |
| 5370 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42').value"); |
| 5371 |
| 5372 allowed_access_type[v8::ACCESS_SET] = false; |
| 5373 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5374 |
| 5375 // Enable both ACCESS_HAS, ACCESS_GET and ACCESS_SET. |
| 5376 allowed_access_type[v8::ACCESS_HAS] = true; |
| 5377 allowed_access_type[v8::ACCESS_GET] = true; |
| 5378 allowed_access_type[v8::ACCESS_SET] = true; |
| 5379 |
| 5380 ExpectString("other[42]", "el_getter"); |
| 5381 ExpectObject("Object.getOwnPropertyDescriptor(other, '42').get", el_getter); |
| 5382 ExpectObject("Object.getOwnPropertyDescriptor(other, '42').set", el_setter); |
| 5383 ExpectUndefined("Object.getOwnPropertyDescriptor(other, '42').value"); |
| 5384 |
| 5385 allowed_access_type[v8::ACCESS_SET] = false; |
| 5386 allowed_access_type[v8::ACCESS_GET] = false; |
| 5387 allowed_access_type[v8::ACCESS_HAS] = false; |
| 5388 |
5214 v8::Handle<Value> value; | 5389 v8::Handle<Value> value; |
5215 | 5390 |
5216 // Access blocked property | |
5217 value = CompileRun("other.blocked_prop = 1"); | |
5218 value = CompileRun("other.blocked_prop"); | |
5219 CHECK(value->IsUndefined()); | |
5220 | |
5221 value = CompileRun( | |
5222 "Object.getOwnPropertyDescriptor(other, 'blocked_prop').value"); | |
5223 CHECK(value->IsUndefined()); | |
5224 | |
5225 value = CompileRun("propertyIsEnumerable.call(other, 'blocked_prop')"); | |
5226 CHECK(value->IsFalse()); | |
5227 | |
5228 // Access accessible property | 5391 // Access accessible property |
5229 value = CompileRun("other.accessible_prop = 3"); | 5392 value = CompileRun("other.accessible_prop = 3"); |
5230 CHECK(value->IsNumber()); | 5393 CHECK(value->IsNumber()); |
5231 CHECK_EQ(3, value->Int32Value()); | 5394 CHECK_EQ(3, value->Int32Value()); |
5232 CHECK_EQ(3, g_echo_value); | 5395 CHECK_EQ(3, g_echo_value); |
5233 | 5396 |
5234 value = CompileRun("other.accessible_prop"); | 5397 value = CompileRun("other.accessible_prop"); |
5235 CHECK(value->IsNumber()); | 5398 CHECK(value->IsNumber()); |
5236 CHECK_EQ(3, value->Int32Value()); | 5399 CHECK_EQ(3, value->Int32Value()); |
5237 | 5400 |
(...skipping 6635 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
11873 v8::Context::Scope context_scope(context.local()); | 12036 v8::Context::Scope context_scope(context.local()); |
11874 | 12037 |
11875 v8::Handle<v8::ObjectTemplate> tmpl = v8::ObjectTemplate::New(); | 12038 v8::Handle<v8::ObjectTemplate> tmpl = v8::ObjectTemplate::New(); |
11876 tmpl->SetNamedPropertyHandler(Getter, NULL, NULL, NULL, Enumerator); | 12039 tmpl->SetNamedPropertyHandler(Getter, NULL, NULL, NULL, Enumerator); |
11877 context->Global()->Set(v8_str("o"), tmpl->NewInstance()); | 12040 context->Global()->Set(v8_str("o"), tmpl->NewInstance()); |
11878 v8::Handle<v8::Array> result = v8::Handle<v8::Array>::Cast(CompileRun( | 12041 v8::Handle<v8::Array> result = v8::Handle<v8::Array>::Cast(CompileRun( |
11879 "var result = []; for (var k in o) result.push(k); result")); | 12042 "var result = []; for (var k in o) result.push(k); result")); |
11880 CHECK_EQ(1, result->Length()); | 12043 CHECK_EQ(1, result->Length()); |
11881 CHECK_EQ(v8_str("universalAnswer"), result->Get(0)); | 12044 CHECK_EQ(v8_str("universalAnswer"), result->Get(0)); |
11882 } | 12045 } |
OLD | NEW |