Transitively keep track of an isolated world's children scripts and worlds.

third_party/WebKit/Source/bindings/core/v8/DOMWrapperWorld.h

 /*
  * Copyright (C) 2009 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 42 matching lines @@
     WorkerWorldId,
     TestingWorldId,
 };
 
 class DOMObjectHolderBase;
 template<typename T> class DOMObjectHolder;
 
 // This class represent a collection of DOM wrappers for a specific world.
 class CORE_EXPORT DOMWrapperWorld : public RefCounted<DOMWrapperWorld> {
 public:
+    class OriginWorldPusher {
+        WTF_MAKE_NONCOPYABLE(OriginWorldPusher);
+
+    public:
+        explicit OriginWorldPusher(DOMWrapperWorld& currentWorld, PassRefPtr<DOMWrapperWorld> originWorld)
+            : m_oldOriginWorld(currentWorld.m_originWorld)
+            , m_currentWorld(currentWorld)
+        {
+            // "Push" the origin world.
+            currentWorld.setOriginWorld(originWorld);
+        }
+
+        ~OriginWorldPusher()
+        {
+            // "Pop" the origin world to avoid tainting the entire document.
+            m_currentWorld.setOriginWorld(m_oldOriginWorld);
+        }
+
+    private:
+        RefPtr<DOMWrapperWorld> m_oldOriginWorld;
+        DOMWrapperWorld& m_currentWorld;

[haraken, 2016/01/21 10:16:15]

I'm wondering if we could simplify the logic around here.

As far as I understand, it's not possible that more than 1 DOMWrapperWorlds are
pushed on the world stack. If that is the case, we won't need to create a link
from the current world to the origin world.

In other words, we can do something like:

- The caller site just calls 'DOMWrapperWorld::OriginWorldScope(m_originWorld)'.

- It records the origin world onto a static variable.

- The DOMActivityLogger code can check if the current world is an isolated world
or not *and* if the recorded origin world is an isolated world or not.

What do you think?

[Joe Mason, 2016/01/21 16:13:50]

That seems more complicated to me rather than simpler. A scoped class that
updates state when it's created and resets it when its destroyed is a common
idiom that's easy to understand and generalize. Recording the world into a
static variable relies on assumptions about the number of DOMWrapperWorlds that
can exist at once and about thread safety. (I assume they're correct
assumptions, but having to keep track of them and reason about them adds
complexity.)

And if there is only one DOMWrapperWorld created at a time, we're storing a
reference and a RefPtr on the stack instead of one RefPtr in a static variable.
That's not a huge difference in efficiency.

+    };
+
     static PassRefPtr<DOMWrapperWorld> create(v8::Isolate*, int worldId = -1, int extensionGroup = -1);
 
     static const int mainWorldExtensionGroup = 0;
     static const int privateScriptIsolatedWorldExtensionGroup = 1;
     static PassRefPtr<DOMWrapperWorld> ensureIsolatedWorld(v8::Isolate*, int worldId, int extensionGroup);
     ~DOMWrapperWorld();
     void dispose();
 
     static bool isolatedWorldsExist() { return isolatedWorldCount; }
     static void allWorldsInMainThread(Vector<RefPtr<DOMWrapperWorld>>& worlds);
@@ skipping 35 matching lines @@
     // FIXME: Right now, resource injection simply bypasses the main world's
     // DOM. More work is necessary to allow the isolated world's policy to be
     // applied correctly.
     static void setIsolatedWorldContentSecurityPolicy(int worldId, const String& policy);
     bool isolatedWorldHasContentSecurityPolicy();
 
     bool isMainWorld() const { return m_worldId == MainWorldId; }
     bool isPrivateScriptIsolatedWorld() const { return m_worldId == PrivateScriptIsolatedWorldId; }
     bool isWorkerWorld() const { return m_worldId == WorkerWorldId; }
     bool isIsolatedWorld() const { return MainWorldId < m_worldId  && m_worldId < IsolatedWorldIdLimit; }
+    void setOriginWorld(PassRefPtr<DOMWrapperWorld> originWorld)
+    {
+        m_originWorld = originWorld;
+    };
+    DOMWrapperWorld* originWorld()
+    {
+        return isIsolatedWorld() ? this : m_originWorld.get();
+    };
+    bool isOfIsolatedWorldOrigin() const
+    {
+        return isIsolatedWorld() || (m_originWorld && m_originWorld->isIsolatedWorld());
+    };
 
     int worldId() const { return m_worldId; }
     int extensionGroup() const { return m_extensionGroup; }
+
     DOMDataStore& domDataStore() const { return *m_domDataStore; }
 
     static void setWorldOfInitializingWindow(DOMWrapperWorld* world)
     {
         ASSERT(isMainThread());
         worldOfInitializingWindow = world;
     }
 
 public:
     template<typename T>
     void registerDOMObjectHolder(v8::Isolate*, T*, v8::Local<v8::Value>);
 
 private:
     DOMWrapperWorld(v8::Isolate*, int worldId, int extensionGroup);
 
     static void weakCallbackForDOMObjectHolder(const v8::WeakCallbackInfo<DOMObjectHolderBase>&);
     void registerDOMObjectHolderInternal(PassOwnPtr<DOMObjectHolderBase>);
     void unregisterDOMObjectHolder(DOMObjectHolderBase*);
 
     static unsigned isolatedWorldCount;
     static DOMWrapperWorld* worldOfInitializingWindow;
 
     const int m_worldId;
     const int m_extensionGroup;
+    RefPtr<DOMWrapperWorld> m_originWorld;
     OwnPtr<DOMDataStore> m_domDataStore;
     HashSet<OwnPtr<DOMObjectHolderBase>> m_domObjectHolders;
 };
 
 } // namespace blink
 
 #endif // DOMWrapperWorld_h