| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 349 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 360 return ObjectObserve(object, callback, ['new', | 360 return ObjectObserve(object, callback, ['new', |
| 361 'updated', | 361 'updated', |
| 362 'deleted', | 362 'deleted', |
| 363 'splice']); | 363 'splice']); |
| 364 } | 364 } |
| 365 | 365 |
| 366 function ArrayUnobserve(object, callback) { | 366 function ArrayUnobserve(object, callback) { |
| 367 return ObjectUnobserve(object, callback); | 367 return ObjectUnobserve(object, callback); |
| 368 } | 368 } |
| 369 | 369 |
| 370 function ObserverEnqueueIfActive(observer, objectInfo, changeRecord) { | 370 function ObserverEnqueueIfActive(observer, objectInfo, changeRecord, |
| 371 needsAccessCheck) { |
| 371 if (!ObserverIsActive(observer, objectInfo) || | 372 if (!ObserverIsActive(observer, objectInfo) || |
| 372 !TypeMapHasType(ObserverGetAcceptTypes(observer), changeRecord.type)) { | 373 !TypeMapHasType(ObserverGetAcceptTypes(observer), changeRecord.type)) { |
| 373 return; | 374 return; |
| 374 } | 375 } |
| 375 | 376 |
| 376 var callback = ObserverGetCallback(observer); | 377 var callback = ObserverGetCallback(observer); |
| 378 if (needsAccessCheck && |
| 379 // Drop all splice records on the floor for access-checked objects |
| 380 (changeRecord.type == 'splice' || |
| 381 !%IsAccessAllowedForObserver( |
| 382 callback, changeRecord.object, changeRecord.name))) { |
| 383 return; |
| 384 } |
| 385 |
| 377 var callbackInfo = CallbackInfoNormalize(callback); | 386 var callbackInfo = CallbackInfoNormalize(callback); |
| 378 if (!observationState.pendingObservers) | 387 if (!observationState.pendingObservers) |
| 379 observationState.pendingObservers = { __proto__: null }; | 388 observationState.pendingObservers = { __proto__: null }; |
| 380 observationState.pendingObservers[callbackInfo.priority] = callback; | 389 observationState.pendingObservers[callbackInfo.priority] = callback; |
| 381 callbackInfo.push(changeRecord); | 390 callbackInfo.push(changeRecord); |
| 382 %SetObserverDeliveryPending(); | 391 %SetObserverDeliveryPending(); |
| 383 } | 392 } |
| 384 | 393 |
| 385 function ObjectInfoEnqueueChangeRecord(objectInfo, changeRecord) { | 394 function ObjectInfoEnqueueChangeRecord(objectInfo, changeRecord, |
| 395 skipAccessCheck) { |
| 386 // TODO(rossberg): adjust once there is a story for symbols vs proxies. | 396 // TODO(rossberg): adjust once there is a story for symbols vs proxies. |
| 387 if (IS_SYMBOL(changeRecord.name)) return; | 397 if (IS_SYMBOL(changeRecord.name)) return; |
| 388 | 398 |
| 399 var needsAccessCheck = !skipAccessCheck && |
| 400 %IsAccessCheckNeeded(changeRecord.object); |
| 401 |
| 389 if (ChangeObserversIsOptimized(objectInfo.changeObservers)) { | 402 if (ChangeObserversIsOptimized(objectInfo.changeObservers)) { |
| 390 var observer = objectInfo.changeObservers; | 403 var observer = objectInfo.changeObservers; |
| 391 ObserverEnqueueIfActive(observer, objectInfo, changeRecord); | 404 ObserverEnqueueIfActive(observer, objectInfo, changeRecord, |
| 405 needsAccessCheck); |
| 392 return; | 406 return; |
| 393 } | 407 } |
| 394 | 408 |
| 395 for (var priority in objectInfo.changeObservers) { | 409 for (var priority in objectInfo.changeObservers) { |
| 396 var observer = objectInfo.changeObservers[priority]; | 410 var observer = objectInfo.changeObservers[priority]; |
| 397 ObserverEnqueueIfActive(observer, objectInfo, changeRecord); | 411 ObserverEnqueueIfActive(observer, objectInfo, changeRecord, |
| 412 needsAccessCheck); |
| 398 } | 413 } |
| 399 } | 414 } |
| 400 | 415 |
| 401 function BeginPerformSplice(array) { | 416 function BeginPerformSplice(array) { |
| 402 var objectInfo = objectInfoMap.get(array); | 417 var objectInfo = objectInfoMap.get(array); |
| 403 if (!IS_UNDEFINED(objectInfo)) | 418 if (!IS_UNDEFINED(objectInfo)) |
| 404 ObjectInfoAddPerformingType(objectInfo, 'splice'); | 419 ObjectInfoAddPerformingType(objectInfo, 'splice'); |
| 405 } | 420 } |
| 406 | 421 |
| 407 function EndPerformSplice(array) { | 422 function EndPerformSplice(array) { |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 456 return; | 471 return; |
| 457 | 472 |
| 458 var newRecord = { object: ObjectInfoGetObject(objectInfo) }; | 473 var newRecord = { object: ObjectInfoGetObject(objectInfo) }; |
| 459 for (var prop in changeRecord) { | 474 for (var prop in changeRecord) { |
| 460 if (prop === 'object') continue; | 475 if (prop === 'object') continue; |
| 461 %DefineOrRedefineDataProperty(newRecord, prop, changeRecord[prop], | 476 %DefineOrRedefineDataProperty(newRecord, prop, changeRecord[prop], |
| 462 READ_ONLY + DONT_DELETE); | 477 READ_ONLY + DONT_DELETE); |
| 463 } | 478 } |
| 464 ObjectFreeze(newRecord); | 479 ObjectFreeze(newRecord); |
| 465 | 480 |
| 466 ObjectInfoEnqueueChangeRecord(objectInfo, newRecord); | 481 ObjectInfoEnqueueChangeRecord(objectInfo, newRecord, |
| 482 true /* skip access check */); |
| 467 } | 483 } |
| 468 | 484 |
| 469 function ObjectNotifierPerformChange(changeType, changeFn) { | 485 function ObjectNotifierPerformChange(changeType, changeFn) { |
| 470 if (!IS_SPEC_OBJECT(this)) | 486 if (!IS_SPEC_OBJECT(this)) |
| 471 throw MakeTypeError("called_on_non_object", ["performChange"]); | 487 throw MakeTypeError("called_on_non_object", ["performChange"]); |
| 472 | 488 |
| 473 var objectInfo = ObjectInfoGetFromNotifier(this); | 489 var objectInfo = ObjectInfoGetFromNotifier(this); |
| 474 | 490 |
| 475 if (IS_UNDEFINED(objectInfo)) | 491 if (IS_UNDEFINED(objectInfo)) |
| 476 throw MakeTypeError("observe_notify_non_notifier"); | 492 throw MakeTypeError("observe_notify_non_notifier"); |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 548 "observe", ArrayObserve, | 564 "observe", ArrayObserve, |
| 549 "unobserve", ArrayUnobserve | 565 "unobserve", ArrayUnobserve |
| 550 )); | 566 )); |
| 551 InstallFunctions(notifierPrototype, DONT_ENUM, $Array( | 567 InstallFunctions(notifierPrototype, DONT_ENUM, $Array( |
| 552 "notify", ObjectNotifierNotify, | 568 "notify", ObjectNotifierNotify, |
| 553 "performChange", ObjectNotifierPerformChange | 569 "performChange", ObjectNotifierPerformChange |
| 554 )); | 570 )); |
| 555 } | 571 } |
| 556 | 572 |
| 557 SetupObjectObserve(); | 573 SetupObjectObserve(); |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 22962009:
Add access check for observed objects (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge