ios/web/web_state/js/resources/message.js - Issue 1973683002: [ios] Protect JS messaging system from window.webkit object overriding. - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(61)

My Issues | Starred Open | Closed | All

Side by Side Diff: ios/web/web_state/js/resources/message.js

Issue 1973683002: [ios] Protect JS messaging system from window.webkit object overriding. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Self review Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « no previous file | ios/web/web_state/web_state_impl_unittest.mm » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // Scripts for the message handler.	5 // Scripts for the message handler.

6	6

7 goog.provide('__crWeb.message');	7 goog.provide('__crWeb.message');

8	8

9 goog.require('__crWeb.common');	9 goog.require('__crWeb.common');

10	10

11 /**	11 /**

12 * Namespace for this module.	12 * Namespace for this module.

13 */	13 */

14 __gCrWeb.message = {};	14 __gCrWeb.message = {};

15	15

16 /* Beginning of anonymous object. */	16 /* Beginning of anonymous object. */

17 (function() {	17 (function() {

	18

	19 // Retain message handlers object in case if a web page decide to override
	Jackie Quinn 2016/05/11 22:05:01 Grammar nit: "in case a web page overrides" Grammar nit: "in case a web page overrides" Eugene But (OOO till 7-30) 2016/05/12 13:59:15 Acknowledged. Show quoted text On 2016/05/11 22:05:01, Jackie Quinn wrote: > Grammar nit: "in case a web page overrides" Acknowledged.
	20 // \|window.webkit\|.

	21 if (window.webkit)

	22 __gCrWeb.webkitMessageHandlers = window.webkit.messageHandlers;

	23

18 /**	24 /**

19 * Object to manage queue of messages waiting to be sent to the main	25 * Object to manage queue of messages waiting to be sent to the main

20 * application for immediate processing.	26 * application for immediate processing.

21 * @type {Object}	27 * @type {Object}

22 * @private	28 * @private

23 */	29 */

24 var immediateMessageQueue_ = {	30 var immediateMessageQueue_ = {

25 scheme: 'crwebinvokeimmediate',	31 scheme: 'crwebinvokeimmediate',

26 reset: function() {	32 reset: function() {

27 immediateMessageQueue_.queue = [];	33 immediateMessageQueue_.queue = [];

(...skipping 81 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
109 // in serializing messageQueue_ to an invalid format.	115 // in serializing messageQueue_ to an invalid format.

110 var originalObjectToJSON = Object.prototype.toJSON;	116 var originalObjectToJSON = Object.prototype.toJSON;

111 if (originalObjectToJSON)	117 if (originalObjectToJSON)

112 delete Object.prototype.toJSON;	118 delete Object.prototype.toJSON;

113	119

114 queueObject.queue.forEach(function(command) {	120 queueObject.queue.forEach(function(command) {

115 var stringifiedMessage = __gCrWeb.common.JSONStringify({	121 var stringifiedMessage = __gCrWeb.common.JSONStringify({

116 "crwCommand": command,	122 "crwCommand": command,

117 "crwWindowId": __gCrWeb.windowId	123 "crwWindowId": __gCrWeb.windowId

118 });	124 });

119 window.webkit.messageHandlers[queueObject.scheme].postMessage(	125 // If \|window.webkit\| has been overridden, use messageHandlers object

120 stringifiedMessage);	126 // retained before the page load.

	127 var messageHandlers = window.webkit.messageHandlers \|\|
	Jackie Quinn 2016/05/11 22:05:01 What happens if it gets overridden and there is a What happens if it gets overridden and there is a window.webkit.messageHandlers object? Should we be using the override here, or should we always use the ivar? Eugene But (OOO till 7-30) 2016/05/12 13:59:15 deleting \|window.webkit\| addresses all kinds of is Show quoted text On 2016/05/11 22:05:01, Jackie Quinn wrote: > What happens if it gets overridden and there is a window.webkit.messageHandlers > object? Should we be using the override here, or should we always use the ivar? deleting \|window.webkit\| addresses all kinds of issues :)
	128 __gCrWeb.webkitMessageHandlers;

	129 messageHandlers[queueObject.scheme].postMessage(stringifiedMessage);

121 });	130 });

122 queueObject.reset();	131 queueObject.reset();

123	132

124 if (originalObjectToJSON) {	133 if (originalObjectToJSON) {

125 // Restore Object.prototype.toJSON to prevent from breaking any	134 // Restore Object.prototype.toJSON to prevent from breaking any

126 // functionality on the page that depends on its custom implementation.	135 // functionality on the page that depends on its custom implementation.

127 Object.prototype.toJSON = originalObjectToJSON;	136 Object.prototype.toJSON = originalObjectToJSON;

128 }	137 }

129 };	138 };

130 }());	139 }());

OLD	NEW

« no previous file with comments | « no previous file | ios/web/web_state/web_state_impl_unittest.mm » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698