Transitively keep track of an isolated world's children scripts and worlds.

third_party/WebKit/Source/bindings/core/v8/DOMWrapperWorld.h

Index: third_party/WebKit/Source/bindings/core/v8/DOMWrapperWorld.h
diff --git a/third_party/WebKit/Source/bindings/core/v8/DOMWrapperWorld.h b/third_party/WebKit/Source/bindings/core/v8/DOMWrapperWorld.h
index aeadf0611815e4309a02ae1ff14b3d0e32f98888..36f0ae4506bce28d4142416f32967ba0d2d60e17 100644
--- a/third_party/WebKit/Source/bindings/core/v8/DOMWrapperWorld.h
+++ b/third_party/WebKit/Source/bindings/core/v8/DOMWrapperWorld.h
@@ -60,6 +60,29 @@ template<typename T> class DOMObjectHolder;
 // This class represent a collection of DOM wrappers for a specific world.
 class CORE_EXPORT DOMWrapperWorld : public RefCounted<DOMWrapperWorld> {
 public:
+    class OriginWorldPusher {
+        WTF_MAKE_NONCOPYABLE(OriginWorldPusher);
+
+    public:
+        explicit OriginWorldPusher(DOMWrapperWorld& currentWorld, PassRefPtr<DOMWrapperWorld> originWorld)
+            : m_oldOriginWorld(currentWorld.m_originWorld)
+            , m_currentWorld(currentWorld)
+        {
+            // "Push" the origin world.
+            currentWorld.setOriginWorld(originWorld);
+        }
+
+        ~OriginWorldPusher()
+        {
+            // "Pop" the origin world to avoid tainting the entire document.
+            m_currentWorld.setOriginWorld(m_oldOriginWorld);
+        }
+
+    private:
+        RefPtr<DOMWrapperWorld> m_oldOriginWorld;
+        DOMWrapperWorld& m_currentWorld;

[haraken, 2016/01/21 10:16:15]

I'm wondering if we could simplify the logic around here.

As far as I understand, it's not possible that more than 1 DOMWrapperWorlds are
pushed on the world stack. If that is the case, we won't need to create a link
from the current world to the origin world.

In other words, we can do something like:

- The caller site just calls 'DOMWrapperWorld::OriginWorldScope(m_originWorld)'.

- It records the origin world onto a static variable.

- The DOMActivityLogger code can check if the current world is an isolated world
or not *and* if the recorded origin world is an isolated world or not.

What do you think?

[Joe Mason, 2016/01/21 16:13:50]

That seems more complicated to me rather than simpler. A scoped class that
updates state when it's created and resets it when its destroyed is a common
idiom that's easy to understand and generalize. Recording the world into a
static variable relies on assumptions about the number of DOMWrapperWorlds that
can exist at once and about thread safety. (I assume they're correct
assumptions, but having to keep track of them and reason about them adds
complexity.)

And if there is only one DOMWrapperWorld created at a time, we're storing a
reference and a RefPtr on the stack instead of one RefPtr in a static variable.
That's not a huge difference in efficiency.

+    };
+
     static PassRefPtr<DOMWrapperWorld> create(v8::Isolate*, int worldId = -1, int extensionGroup = -1);
 
     static const int mainWorldExtensionGroup = 0;
@@ -115,9 +138,22 @@ public:
     bool isPrivateScriptIsolatedWorld() const { return m_worldId == PrivateScriptIsolatedWorldId; }
     bool isWorkerWorld() const { return m_worldId == WorkerWorldId; }
     bool isIsolatedWorld() const { return MainWorldId < m_worldId  && m_worldId < IsolatedWorldIdLimit; }
+    void setOriginWorld(PassRefPtr<DOMWrapperWorld> originWorld)
+    {
+        m_originWorld = originWorld;
+    };
+    DOMWrapperWorld* originWorld()
+    {
+        return isIsolatedWorld() ? this : m_originWorld.get();
+    };
+    bool isOfIsolatedWorldOrigin() const
+    {
+        return isIsolatedWorld() || (m_originWorld && m_originWorld->isIsolatedWorld());
+    };
 
     int worldId() const { return m_worldId; }
     int extensionGroup() const { return m_extensionGroup; }
+
     DOMDataStore& domDataStore() const { return *m_domDataStore; }
 
     static void setWorldOfInitializingWindow(DOMWrapperWorld* world)
@@ -142,6 +178,7 @@ private:
 
     const int m_worldId;
     const int m_extensionGroup;
+    RefPtr<DOMWrapperWorld> m_originWorld;
     OwnPtr<DOMDataStore> m_domDataStore;
     HashSet<OwnPtr<DOMObjectHolderBase>> m_domObjectHolders;
 };