Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(284)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 17451011: Make the externally connectable browser test clobber all of the builtins, (Closed)

Created:
7 years, 6 months ago by not at google - send to devlin
Modified:
7 years, 6 months ago
Reviewers:
Jeffrey Yasskin
CC:
chromium-reviews, extensions-reviews_chromium.org, skanuj+watch_chromium.org, melevin+watch_chromium.org, dhollowa+watch_chromium.org, dougw+watch_chromium.org, donnd+watch_chromium.org, mad+watch_chromium.org, dominich, jfweitz+watch_chromium.org, David Black, samarth+watch_chromium.org, kmadhusu+watch_chromium.org, chromium-apps-reviews_chromium.org, Jered
Visibility:
Public.

Description

Make the externally connectable browser test clobber all of the builtins, except for a very small subset of them, and use the safe builtins to make the test pass. This will give us a decent sense of confidence that web pages can't accidentally override builtins in a way that breaks us, though there are still infinite ways for an extension to deliberately break itself. BUG=55316 R=jyasskin@chromium.org Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=207995

Patch Set 1 #

Patch Set 2 : hopefully fix tests #

Total comments: 8

Patch Set 3 : jeff #

Patch Set 4 : rebase #

Unified diffs Side-by-side diffs Delta from patch set Stats (+217 lines, -126 lines) Patch
M chrome/renderer/extensions/module_system.cc View 1 2 3 3 chunks +5 lines, -1 line 0 comments Download
M chrome/renderer/extensions/safe_builtins.h View 1 2 3 1 chunk +2 lines, -0 lines 0 comments Download
M chrome/renderer/extensions/safe_builtins.cc View 1 2 3 2 chunks +16 lines, -4 lines 0 comments Download
M chrome/renderer/resources/extensions/ad_view.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/app_custom_bindings.js View 1 chunk +2 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/app_runtime_custom_bindings.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/binding.js View 1 10 chunks +19 lines, -17 lines 0 comments Download
M chrome/renderer/resources/extensions/bluetooth_custom_bindings.js View 2 chunks +2 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/chrome_setting.js View 2 chunks +3 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/content_setting.js View 2 chunks +3 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/content_watcher.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/context_menus_custom_bindings.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/declarative_content_custom_bindings.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/declarative_webrequest_custom_bindings.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/entry_id_manager.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/event.js View 1 8 chunks +15 lines, -12 lines 0 comments Download
M chrome/renderer/resources/extensions/experimental.offscreenTabs_custom_bindings.js View 1 chunk +4 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/extension_custom_bindings.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/file_system_custom_bindings.js View 3 chunks +5 lines, -5 lines 0 comments Download
M chrome/renderer/resources/extensions/i18n_custom_bindings.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/image_util.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/json_schema.js View 4 chunks +6 lines, -6 lines 0 comments Download
M chrome/renderer/resources/extensions/last_error.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/media_galleries_custom_bindings.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/miscellaneous_bindings.js View 1 2 3 2 chunks +6 lines, -6 lines 0 comments Download
M chrome/renderer/resources/extensions/notifications_custom_bindings.js View 2 chunks +2 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/omnibox_custom_bindings.js View 2 chunks +2 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/permissions_custom_bindings.js View 3 chunks +3 lines, -3 lines 0 comments Download
M chrome/renderer/resources/extensions/platform_app.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/schema_utils.js View 2 chunks +5 lines, -5 lines 0 comments Download
M chrome/renderer/resources/extensions/searchbox_api.js View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/send_request.js View 1 4 chunks +4 lines, -4 lines 0 comments Download
M chrome/renderer/resources/extensions/storage_area.js View 2 chunks +3 lines, -3 lines 0 comments Download
M chrome/renderer/resources/extensions/sync_file_system_custom_bindings.js View 2 chunks +2 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/test_custom_bindings.js View 3 chunks +11 lines, -5 lines 0 comments Download
M chrome/renderer/resources/extensions/unload_event.js View 1 chunk +2 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/utils.js View 1 2 chunks +2 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/web_request_custom_bindings.js View 1 chunk +1 line, -1 line 0 comments Download
M chrome/renderer/resources/extensions/web_request_internal_custom_bindings.js View 5 chunks +7 lines, -7 lines 0 comments Download
M chrome/renderer/resources/extensions/web_view.js View 1 2 2 chunks +7 lines, -7 lines 0 comments Download
M chrome/test/data/extensions/api_test/messaging/externally_connectable/sites/assertions.js View 1 2 6 chunks +64 lines, -6 lines 0 comments Download

Messages

Total messages: 9 (0 generated)
not at google - send to devlin
Jeffrey - heads up on this, heading out for the day and there are a ...
7 years, 6 months ago (2013-06-20 00:57:22 UTC) #1
not at google - send to devlin
Ok done. PTAL.
7 years, 6 months ago (2013-06-20 20:48:02 UTC) #2
Jeffrey Yasskin
I didn't look at all of the .js changes in detail, and I'd be happier ...
7 years, 6 months ago (2013-06-20 23:33:04 UTC) #3
not at google - send to devlin
https://codereview.chromium.org/17451011/diff/10001/chrome/renderer/extensions/safe_builtins.cc File chrome/renderer/extensions/safe_builtins.cc (right): https://codereview.chromium.org/17451011/diff/10001/chrome/renderer/extensions/safe_builtins.cc#newcode104 chrome/renderer/extensions/safe_builtins.cc:104: // info[1]->Object() // recv (will throw error not check) ...
7 years, 6 months ago (2013-06-21 00:01:43 UTC) #4
not at google - send to devlin
rebased, ptal
7 years, 6 months ago (2013-06-21 22:26:30 UTC) #5
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kalman@chromium.org/17451011/40001
7 years, 6 months ago (2013-06-22 00:34:49 UTC) #6
not at google - send to devlin
Committed patchset #4 manually as r207995 (presubmit successful).
7 years, 6 months ago (2013-06-22 02:36:27 UTC) #7
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kalman@chromium.org/17451011/40001
7 years, 6 months ago (2013-06-22 02:43:46 UTC) #8
commit-bot: I haz the power
7 years, 6 months ago (2013-06-22 02:43:56 UTC) #9
Message was sent while issue was closed. 
Failed to apply patch for chrome/renderer/extensions/module_system.cc:
While running patch -p1 --forward --force --no-backup-if-mismatch;
  patching file chrome/renderer/extensions/module_system.cc
  Hunk #1 FAILED at 189.
  Hunk #2 FAILED at 200.
  Hunk #3 FAILED at 483.
  3 out of 3 hunks FAILED -- saving rejects to file
chrome/renderer/extensions/module_system.cc.rej

Patch:       chrome/renderer/extensions/module_system.cc
Index: chrome/renderer/extensions/module_system.cc
diff --git a/chrome/renderer/extensions/module_system.cc
b/chrome/renderer/extensions/module_system.cc
index
29575b2ec1ff20de6ad9245e001477ce528c4937..822c15e54853cdbf2a0034dfb6921a2779dfa969
100644
--- a/chrome/renderer/extensions/module_system.cc
+++ b/chrome/renderer/extensions/module_system.cc
@@ -189,6 +189,8 @@ v8::Handle<v8::Value> ModuleSystem::RequireForJsInner(
 
   exports = v8::Object::New();
   v8::Handle<v8::Object> natives(NewInstance());
+  CHECK(!natives.IsEmpty());  // this can happen if v8 has issues
+
   // These must match the argument order in WrapSource.
   v8::Handle<v8::Value> args[] = {
     // CommonJS.
@@ -200,6 +202,8 @@ v8::Handle<v8::Value> ModuleSystem::RequireForJsInner(
     context_->safe_builtins()->GetFunction(),
     context_->safe_builtins()->GetJSON(),
     context_->safe_builtins()->GetObjekt(),
+    context_->safe_builtins()->GetRegExp(),
+    context_->safe_builtins()->GetString(),
   };
   {
     v8::TryCatch try_catch;
@@ -483,7 +487,7 @@ v8::Handle<v8::String>
ModuleSystem::WrapSource(v8::Handle<v8::String> source) {
   // Keep in order with the arguments in RequireForJsInner.
   v8::Handle<v8::String> left = v8::String::New(
       "(function(require, requireNative, exports,"
-                "$Array, $Function, $JSON, $Object) {"
+                "$Array, $Function, $JSON, $Object, $RegExp, $String) {"
        "'use strict';");
   v8::Handle<v8::String> right = v8::String::New("\n})");
   return handle_scope.Close(

Powered by Google App Engine
This is Rietveld 408576698