
Side by Side Diff: test/cctest/test-api.cc

Issue 2143893005: Reland "Don't compile functions in a context the caller doesn't have access to" (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: updates Created 4 years, 5 months ago
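--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 // * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 // * Redistributions in binary form must reproduce the above
 // copyright notice, this list of conditions and the following
 // disclaimer in the documentation and/or other materials provided
@@ -10124,20 +10124,26 @@
 CHECK_EQ(42, g_echo_value); // Make sure we didn't call the setter.
 }
 
 static bool AccessAlwaysBlocked(Local<v8::Context> accessing_context,
 Local<v8::Object> global,
 Local<v8::Value> data) {
 i::PrintF("Access blocked.\n");
 return false;
 }
 
+static bool AccessAlwaysAllowed(Local<v8::Context> accessing_context,
+Local<v8::Object> global,
+Local<v8::Value> data) {
+i::PrintF("Access allowed.\n");
+return true;
+}
 
 THREADED_TEST(AccessControlGetOwnPropertyNames) {
 v8::Isolate* isolate = CcTest::isolate();
 v8::HandleScope handle_scope(isolate);
 v8::Local<v8::ObjectTemplate> obj_template = v8::ObjectTemplate::New(isolate);
 
 obj_template->Set(v8_str("x"), v8::Integer::New(isolate, 42));
 obj_template->SetAccessCheckCallback(AccessAlwaysBlocked);
 
 // Add an accessor accessible by cross-domain JS code.
@@ -25336,10 +25342,80 @@
 CHECK(object->SetPrototype(context.local(), v8::Null(isolate)).IsNothing());
 
 // The original prototype is still there
 Local<Value> new_proto =
 object->Get(context.local(), v8_str("__proto__")).ToLocalChecked();
 CHECK(new_proto->IsObject());
 CHECK(new_proto.As<v8::Object>()
 ->Equals(context.local(), original_proto)
 .FromJust());
 }
+
+Local<v8::Context> call_eval_context;
+Local<v8::Function> call_eval_bound_function;
+
+static void CallEval(const v8::FunctionCallbackInfo<v8::Value>& args) {
+v8::Context::Scope scope(call_eval_context);
+args.GetReturnValue().Set(
+call_eval_bound_function
+->Call(call_eval_context, call_eval_context->Global(), 0, NULL)
+.ToLocalChecked());
+}
+
+TEST(CrossActivationEval) {
+LocalContext env;
+v8::Isolate* isolate = env->GetIsolate();
+v8::HandleScope scope(isolate);
+{
+call_eval_context = v8::Context::New(isolate);
+v8::Context::Scope scope(call_eval_context);
+call_eval_bound_function =
+Local<Function>::Cast(CompileRun("eval.bind(this, '1')"));
+}
+env->Global()
+->Set(env.local(), v8_str("CallEval"),
+v8::FunctionTemplate::New(isolate, CallEval)
+->GetFunction(env.local())
+.ToLocalChecked())
+.FromJust();
+Local<Value> result = CompileRun("CallEval();");
+CHECK(result->IsInt32());
+CHECK_EQ(1, result->Int32Value(env.local()).FromJust());
+}
+
+TEST(EvalInAccessCheckedContext) {
+v8::Isolate* isolate = CcTest::isolate();
+v8::HandleScope scope(isolate);
+
+v8::Local<v8::ObjectTemplate> obj_template = v8::ObjectTemplate::New(isolate);
+
+obj_template->SetAccessCheckCallback(AccessAlwaysAllowed);
+
+v8::Local<Context> context0 = Context::New(isolate, NULL, obj_template);
+v8::Local<Context> context1 = Context::New(isolate, NULL, obj_template);
+
+Local<Value> foo = v8_str("foo");
+Local<Value> bar = v8_str("bar");
+
+// Set to different domains.
+context0->SetSecurityToken(foo);
+context1->SetSecurityToken(bar);
+
+// Set up function in context0 that uses eval from context0.
+context0->Enter();
+v8::Local<v8::Value> fun = CompileRun(
+"var x = 42;"
+"(function() {"
+" var e = eval;"
+" return function(s) { return e(s); }"
+"})()");
+context0->Exit();
+
+// Put the function into context1 and call it. Since the access check
+// callback always returns true, the call succeeds even though the tokens
+// are different.
+context1->Enter();
+context1->Global()->Set(context1, v8_str("fun"), fun).FromJust();
+v8::Local<v8::Value> x_value = CompileRun("fun('x')");
+CHECK_EQ(42, x_value->Int32Value(context1).FromJust());
+context1->Exit();
+}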
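Review bot: EvalInAccessCheckedContext only exercises the permitted path: it installs `AccessAlwaysAllowed` and checks that `fun('x')` returns 42 across different security tokens, so nothing in this file asserts what happens when the access check callback refuses. Since the change is about not compiling in a context the caller cannot access, a sibling test that uses `obj_template->SetAccessCheckCallback(AccessAlwaysBlocked);` and asserts the denied outcome under a `v8::TryCatch` would pin the security-relevant branch; the expected result on denial is not visible here and should be taken from the implementation. test/mjsunit/cross-realm-filtering.js may cover part of this, but it is not shown on this page. Separately, `call_eval_context` and `call_eval_bound_function` are namespace-scope `Local<>` handles assigned under the HandleScope of CrossActivationEval, so they still refer to released handle slots after the test returns; declaring them `static` and clearing them at the end of the test (`call_eval_context = Local<v8::Context>();`) would keep later code from touching them.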