Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(169)

Side by Side Diff: extensions/renderer/v8_context_native_handler.cc

Issue 1231803002: extension: Checks the security token of the V8 context at GetModuleSystem(). (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Added a comment. Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « extensions/renderer/v8_context_native_handler.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/renderer/v8_context_native_handler.h" 5 #include "extensions/renderer/v8_context_native_handler.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "extensions/common/features/feature.h" 8 #include "extensions/common/features/feature.h"
9 #include "extensions/renderer/dispatcher.h" 9 #include "extensions/renderer/dispatcher.h"
10 #include "extensions/renderer/script_context.h" 10 #include "extensions/renderer/script_context.h"
11 11
12 namespace extensions { 12 namespace extensions {
13 13
14 V8ContextNativeHandler::V8ContextNativeHandler(ScriptContext* context, 14 V8ContextNativeHandler::V8ContextNativeHandler(ScriptContext* context,
15 Dispatcher* dispatcher) 15 Dispatcher* dispatcher)
16 : ObjectBackedNativeHandler(context), 16 : ObjectBackedNativeHandler(context),
17 context_(context),
18 dispatcher_(dispatcher) { 17 dispatcher_(dispatcher) {
19 RouteFunction("GetAvailability", 18 RouteFunction("GetAvailability",
20 base::Bind(&V8ContextNativeHandler::GetAvailability, 19 base::Bind(&V8ContextNativeHandler::GetAvailability,
21 base::Unretained(this))); 20 base::Unretained(this)));
22 RouteFunction("GetModuleSystem", 21 RouteFunction("GetModuleSystem",
23 base::Bind(&V8ContextNativeHandler::GetModuleSystem, 22 base::Bind(&V8ContextNativeHandler::GetModuleSystem,
24 base::Unretained(this))); 23 base::Unretained(this)));
25 RouteFunction( 24 RouteFunction(
26 "RunWithNativesEnabledModuleSystem", 25 "RunWithNativesEnabledModuleSystem",
27 base::Bind(&V8ContextNativeHandler::RunWithNativesEnabledModuleSystem, 26 base::Bind(&V8ContextNativeHandler::RunWithNativesEnabledModuleSystem,
28 base::Unretained(this))); 27 base::Unretained(this)));
29 } 28 }
30 29
31 void V8ContextNativeHandler::GetAvailability( 30 void V8ContextNativeHandler::GetAvailability(
32 const v8::FunctionCallbackInfo<v8::Value>& args) { 31 const v8::FunctionCallbackInfo<v8::Value>& args) {
33 CHECK_EQ(args.Length(), 1); 32 CHECK_EQ(args.Length(), 1);
34 v8::Isolate* isolate = args.GetIsolate(); 33 v8::Isolate* isolate = args.GetIsolate();
35 std::string api_name = *v8::String::Utf8Value(args[0]); 34 std::string api_name = *v8::String::Utf8Value(args[0]);
36 Feature::Availability availability = context_->GetAvailability(api_name); 35 Feature::Availability availability = context()->GetAvailability(api_name);
37 36
38 v8::Local<v8::Object> ret = v8::Object::New(isolate); 37 v8::Local<v8::Object> ret = v8::Object::New(isolate);
39 ret->Set(v8::String::NewFromUtf8(isolate, "is_available"), 38 ret->Set(v8::String::NewFromUtf8(isolate, "is_available"),
40 v8::Boolean::New(isolate, availability.is_available())); 39 v8::Boolean::New(isolate, availability.is_available()));
41 ret->Set(v8::String::NewFromUtf8(isolate, "message"), 40 ret->Set(v8::String::NewFromUtf8(isolate, "message"),
42 v8::String::NewFromUtf8(isolate, availability.message().c_str())); 41 v8::String::NewFromUtf8(isolate, availability.message().c_str()));
43 ret->Set(v8::String::NewFromUtf8(isolate, "result"), 42 ret->Set(v8::String::NewFromUtf8(isolate, "result"),
44 v8::Integer::New(isolate, availability.result())); 43 v8::Integer::New(isolate, availability.result()));
45 args.GetReturnValue().Set(ret); 44 args.GetReturnValue().Set(ret);
46 } 45 }
47 46
48 void V8ContextNativeHandler::GetModuleSystem( 47 void V8ContextNativeHandler::GetModuleSystem(
49 const v8::FunctionCallbackInfo<v8::Value>& args) { 48 const v8::FunctionCallbackInfo<v8::Value>& args) {
50 CHECK_EQ(args.Length(), 1); 49 CHECK_EQ(args.Length(), 1);
51 CHECK(args[0]->IsObject()); 50 CHECK(args[0]->IsObject());
52 v8::Local<v8::Context> v8_context = 51 v8::Local<v8::Context> v8_context =
53 v8::Local<v8::Object>::Cast(args[0])->CreationContext(); 52 v8::Local<v8::Object>::Cast(args[0])->CreationContext();
53 // Returns undefined if it's a cross-domain access.
54 if (v8_context->GetSecurityToken() !=
55 args.GetIsolate()->GetCurrentContext()->GetSecurityToken())
jochen (gone - plz use gerrit) 2015/07/13 12:01:17 i'd rather not duplicate the security check logic,
56 return;
54 ScriptContext* context = 57 ScriptContext* context =
55 dispatcher_->script_context_set().GetByV8Context(v8_context); 58 dispatcher_->script_context_set().GetByV8Context(v8_context);
56 args.GetReturnValue().Set(context->module_system()->NewInstance()); 59 args.GetReturnValue().Set(context->module_system()->NewInstance());
57 } 60 }
58 61
59 void V8ContextNativeHandler::RunWithNativesEnabledModuleSystem( 62 void V8ContextNativeHandler::RunWithNativesEnabledModuleSystem(
60 const v8::FunctionCallbackInfo<v8::Value>& args) { 63 const v8::FunctionCallbackInfo<v8::Value>& args) {
61 CHECK_EQ(args.Length(), 1); 64 CHECK_EQ(args.Length(), 1);
62 CHECK(args[0]->IsFunction()); 65 CHECK(args[0]->IsFunction());
63 v8::Local<v8::Value> call_with_args[] = { 66 v8::Local<v8::Value> call_with_args[] = {
64 context()->module_system()->NewInstance()}; 67 context()->module_system()->NewInstance()};
65 ModuleSystem::NativesEnabledScope natives_enabled(context()->module_system()); 68 ModuleSystem::NativesEnabledScope natives_enabled(context()->module_system());
66 context()->CallFunction(v8::Local<v8::Function>::Cast(args[0]), 1, 69 context()->CallFunction(v8::Local<v8::Function>::Cast(args[0]), 1,
67 call_with_args); 70 call_with_args);
68 } 71 }
69 72
70 } // namespace extensions 73 } // namespace extensions
OLDNEW
« no previous file with comments | « extensions/renderer/v8_context_native_handler.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698