Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(156)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: Source/bindings/v8/SerializedScriptValue.cpp

Issue 189623014: Throw DataCloneError on cloning closed Blobs/Files. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« LayoutTests/fast/dom/Window/script-tests/postmessage-clone.js ('K') | « LayoutTests/fast/dom/Window/window-postmessage-clone-expected.txt ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: Source/bindings/v8/SerializedScriptValue.cpp
diff --git a/Source/bindings/v8/SerializedScriptValue.cpp b/Source/bindings/v8/SerializedScriptValue.cpp
index 267762e420e7c9f851a20c144286759610a013b4..f3cc22960bad4a4d877cb423d3860ccb486d6c76 100644
--- a/Source/bindings/v8/SerializedScriptValue.cpp
+++ b/Source/bindings/v8/SerializedScriptValue.cpp
@@ -1052,13 +1052,16 @@ private:
m_writer.writeBooleanObject(booleanObject->ValueOf());
}
- void writeBlob(v8::Handle<v8::Value> value)
+ StateBase* writeBlob(v8::Handle<v8::Value> value, StateBase* next)
{
Blob* blob = V8Blob::toNative(value.As<v8::Object>());
if (!blob)
- return;
+ return 0;
+ if (blob->hasBeenClosed())
+ return handleError(DataCloneError, "A Blob object could not be cloned.", next);
Mike West 2014/03/07 13:28:13 Could you be more specific in the error message he
sof 2014/03/07 13:34:32 Done.
m_writer.writeBlob(blob->uuid(), blob->type(), blob->size());
m_blobDataHandles.add(blob->uuid(), blob->blobDataHandle());
+ return 0;
}
StateBase* writeDOMFileSystem(v8::Handle<v8::Value> value, StateBase* next)
@@ -1072,13 +1075,16 @@ private:
return 0;
}
- void writeFile(v8::Handle<v8::Value> value)
+ StateBase* writeFile(v8::Handle<v8::Value> value, StateBase* next)
{
File* file = V8File::toNative(value.As<v8::Object>());
if (!file)
- return;
+ return 0;
+ if (file->hasBeenClosed())
+ return handleError(DataCloneError, "A File object could not be cloned.", next);
Mike West 2014/03/07 13:28:13 Ditto.
sof 2014/03/07 13:34:32 Done.
m_writer.writeFile(*file);
m_blobDataHandles.add(file->uuid(), file->blobDataHandle());
+ return 0;
}
void writeFileList(v8::Handle<v8::Value> value)
@@ -1280,9 +1286,9 @@ Serializer::StateBase* Serializer::doSerialize(v8::Handle<v8::Value> value, Stat
else if (value->IsArray()) {
return startArrayState(value.As<v8::Array>(), next);
} else if (V8File::hasInstance(value, m_isolate))
- writeFile(value);
+ return writeFile(value, next);
else if (V8Blob::hasInstance(value, m_isolate))
- writeBlob(value);
+ return writeBlob(value, next);
else if (V8DOMFileSystem::hasInstance(value, m_isolate))
return writeDOMFileSystem(value, next);
else if (V8FileList::hasInstance(value, m_isolate))
« LayoutTests/fast/dom/Window/script-tests/postmessage-clone.js ('K') | « LayoutTests/fast/dom/Window/window-postmessage-clone-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698