Source/modules/indexeddb/IDBFactory.cpp - Issue 23135009: Improve IDB module's SecurityError messages.

Side by Side Diff: Source/modules/indexeddb/IDBFactory.cpp

Issue 23135009: Improve IDB module's SecurityError messages. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: test Created 7 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « Source/modules/imagebitmap/ImageBitmapFactories.cpp ('k') | Source/modules/navigatorcontentutils/NavigatorContentUtils.cpp » ('j') | Source/testing/runner/TestRunner.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2010 Google Inc. All rights reserved.	2 * Copyright (C) 2010 Google Inc. All rights reserved.

3 *	3 *

4 * Redistribution and use in source and binary forms, with or without	4 * Redistribution and use in source and binary forms, with or without

5 * modification, are permitted provided that the following conditions	5 * modification, are permitted provided that the following conditions

6 * are met:	6 * are met:

7 *	7 *

8 * 1. Redistributions of source code must retain the above copyright	8 * 1. Redistributions of source code must retain the above copyright

9 * notice, this list of conditions and the following disclaimer.	9 * notice, this list of conditions and the following disclaimer.

10 * 2. Redistributions in binary form must reproduce the above copyright	10 * 2. Redistributions in binary form must reproduce the above copyright

(...skipping 11 matching lines...) Expand all Loading...
22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;	22 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND	23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND

24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT	24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

27 */	27 */

28	28

29 #include "config.h"	29 #include "config.h"

30 #include "modules/indexeddb/IDBFactory.h"	30 #include "modules/indexeddb/IDBFactory.h"

31	31

	32 #include "bindings/v8/ExceptionMessages.h"

32 #include "bindings/v8/ExceptionState.h"	33 #include "bindings/v8/ExceptionState.h"

33 #include "bindings/v8/IDBBindingUtilities.h"	34 #include "bindings/v8/IDBBindingUtilities.h"

34 #include "core/dom/Document.h"	35 #include "core/dom/Document.h"

35 #include "core/dom/ExceptionCode.h"	36 #include "core/dom/ExceptionCode.h"

36 #include "core/page/Frame.h"	37 #include "core/page/Frame.h"

37 #include "core/page/Page.h"	38 #include "core/page/Page.h"

38 #include "core/page/PageGroup.h"	39 #include "core/page/PageGroup.h"

39 #include "core/platform/HistogramSupport.h"	40 #include "core/platform/HistogramSupport.h"

40 #include "core/workers/WorkerGlobalScope.h"	41 #include "core/workers/WorkerGlobalScope.h"

41 #include "core/workers/WorkerLoaderProxy.h"	42 #include "core/workers/WorkerLoaderProxy.h"

(...skipping 32 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
74 }	75 }

75 return true;	76 return true;

76 }	77 }

77	78

78 PassRefPtr<IDBRequest> IDBFactory::getDatabaseNames(ScriptExecutionContext* cont ext, ExceptionState& es)	79 PassRefPtr<IDBRequest> IDBFactory::getDatabaseNames(ScriptExecutionContext* cont ext, ExceptionState& es)

79 {	80 {

80 IDB_TRACE("IDBFactory::getDatabaseNames");	81 IDB_TRACE("IDBFactory::getDatabaseNames");

81 if (!isContextValid(context))	82 if (!isContextValid(context))

82 return 0;	83 return 0;

83 if (!context->securityOrigin()->canAccessDatabase()) {	84 if (!context->securityOrigin()->canAccessDatabase()) {

84 es.throwDOMException(SecurityError);	85 es.throwSecurityError(ExceptionMessages::failedToExecute("getDatabaseNam es", "IDBFactory", "access to the Indexed Database API is denied in this context ."));
	jsbell 2013/08/21 20:18:58 nit: pull the repeated "access to the..." string o nit: pull the repeated "access to the..." string out into a const char[] ? (I'm not sure how well our compilers do on string coalescing, and I wouldn't suggest this except I've gotten this feedback myself.)
85 return 0;	86 return 0;

86 }	87 }

87	88

88 RefPtr<IDBRequest> request = IDBRequest::create(context, IDBAny::create(this ), 0);	89 RefPtr<IDBRequest> request = IDBRequest::create(context, IDBAny::create(this ), 0);

89 m_backend->getDatabaseNames(request, createDatabaseIdentifierFromSecurityOri gin(context->securityOrigin()), context);	90 m_backend->getDatabaseNames(request, createDatabaseIdentifierFromSecurityOri gin(context->securityOrigin()), context);

90 return request;	91 return request;

91 }	92 }

92	93

93 PassRefPtr<IDBOpenDBRequest> IDBFactory::open(ScriptExecutionContext* context, c onst String& name, unsigned long long version, ExceptionState& es)	94 PassRefPtr<IDBOpenDBRequest> IDBFactory::open(ScriptExecutionContext* context, c onst String& name, unsigned long long version, ExceptionState& es)

94 {	95 {

95 IDB_TRACE("IDBFactory::open");	96 IDB_TRACE("IDBFactory::open");

96 if (!version) {	97 if (!version) {

97 es.throwTypeError();	98 es.throwTypeError();

98 return 0;	99 return 0;

99 }	100 }

100 return openInternal(context, name, version, es);	101 return openInternal(context, name, version, es);

101 }	102 }

102	103

103 PassRefPtr<IDBOpenDBRequest> IDBFactory::openInternal(ScriptExecutionContext* co ntext, const String& name, int64_t version, ExceptionState& es)	104 PassRefPtr<IDBOpenDBRequest> IDBFactory::openInternal(ScriptExecutionContext* co ntext, const String& name, int64_t version, ExceptionState& es)

104 {	105 {

105 HistogramSupport::histogramEnumeration("WebCore.IndexedDB.FrontEndAPICalls", IDBOpenCall, IDBMethodsMax);	106 HistogramSupport::histogramEnumeration("WebCore.IndexedDB.FrontEndAPICalls", IDBOpenCall, IDBMethodsMax);

106 ASSERT(version >= 1 \|\| version == IDBDatabaseMetadata::NoIntVersion);	107 ASSERT(version >= 1 \|\| version == IDBDatabaseMetadata::NoIntVersion);

107 if (name.isNull()) {	108 if (name.isNull()) {

108 es.throwTypeError();	109 es.throwTypeError();

109 return 0;	110 return 0;

110 }	111 }

111 if (!isContextValid(context))	112 if (!isContextValid(context))

112 return 0;	113 return 0;

113 if (!context->securityOrigin()->canAccessDatabase()) {	114 if (!context->securityOrigin()->canAccessDatabase()) {

114 es.throwDOMException(SecurityError);	115 es.throwSecurityError(ExceptionMessages::failedToExecute("open", "IDBFac tory", "access to the Indexed Database API is denied in this context."));

115 return 0;	116 return 0;

116 }	117 }

117	118

118 RefPtr<IDBDatabaseCallbacksImpl> databaseCallbacks = IDBDatabaseCallbacksImp l::create();	119 RefPtr<IDBDatabaseCallbacksImpl> databaseCallbacks = IDBDatabaseCallbacksImp l::create();

119 int64_t transactionId = IDBDatabase::nextTransactionId();	120 int64_t transactionId = IDBDatabase::nextTransactionId();

120 RefPtr<IDBOpenDBRequest> request = IDBOpenDBRequest::create(context, databas eCallbacks, transactionId, version);	121 RefPtr<IDBOpenDBRequest> request = IDBOpenDBRequest::create(context, databas eCallbacks, transactionId, version);

121 m_backend->open(name, version, transactionId, request, databaseCallbacks, cr eateDatabaseIdentifierFromSecurityOrigin(context->securityOrigin()), context);	122 m_backend->open(name, version, transactionId, request, databaseCallbacks, cr eateDatabaseIdentifierFromSecurityOrigin(context->securityOrigin()), context);

122 return request;	123 return request;

123 }	124 }

124	125

125 PassRefPtr<IDBOpenDBRequest> IDBFactory::open(ScriptExecutionContext* context, c onst String& name, ExceptionState& es)	126 PassRefPtr<IDBOpenDBRequest> IDBFactory::open(ScriptExecutionContext* context, c onst String& name, ExceptionState& es)

126 {	127 {

127 IDB_TRACE("IDBFactory::open");	128 IDB_TRACE("IDBFactory::open");

128 return openInternal(context, name, IDBDatabaseMetadata::NoIntVersion, es);	129 return openInternal(context, name, IDBDatabaseMetadata::NoIntVersion, es);

129 }	130 }

130	131

131 PassRefPtr<IDBOpenDBRequest> IDBFactory::deleteDatabase(ScriptExecutionContext* context, const String& name, ExceptionState& es)	132 PassRefPtr<IDBOpenDBRequest> IDBFactory::deleteDatabase(ScriptExecutionContext* context, const String& name, ExceptionState& es)

132 {	133 {

133 IDB_TRACE("IDBFactory::deleteDatabase");	134 IDB_TRACE("IDBFactory::deleteDatabase");

134 HistogramSupport::histogramEnumeration("WebCore.IndexedDB.FrontEndAPICalls", IDBDeleteDatabaseCall, IDBMethodsMax);	135 HistogramSupport::histogramEnumeration("WebCore.IndexedDB.FrontEndAPICalls", IDBDeleteDatabaseCall, IDBMethodsMax);

135 if (name.isNull()) {	136 if (name.isNull()) {

136 es.throwTypeError();	137 es.throwTypeError();

137 return 0;	138 return 0;

138 }	139 }

139 if (!isContextValid(context))	140 if (!isContextValid(context))

140 return 0;	141 return 0;

141 if (!context->securityOrigin()->canAccessDatabase()) {	142 if (!context->securityOrigin()->canAccessDatabase()) {

142 es.throwDOMException(SecurityError);	143 es.throwSecurityError(ExceptionMessages::failedToExecute("deleteDatabase ", "IDBFactory", "access to the Indexed Database API is denied in this context." ));

143 return 0;	144 return 0;

144 }	145 }

145	146

146 RefPtr<IDBOpenDBRequest> request = IDBOpenDBRequest::create(context, 0, 0, I DBDatabaseMetadata::DefaultIntVersion);	147 RefPtr<IDBOpenDBRequest> request = IDBOpenDBRequest::create(context, 0, 0, I DBDatabaseMetadata::DefaultIntVersion);

147 m_backend->deleteDatabase(name, request, createDatabaseIdentifierFromSecurit yOrigin(context->securityOrigin()), context);	148 m_backend->deleteDatabase(name, request, createDatabaseIdentifierFromSecurit yOrigin(context->securityOrigin()), context);

148 return request;	149 return request;

149 }	150 }

150	151

151 short IDBFactory::cmp(ScriptExecutionContext* context, const ScriptValue& firstV alue, const ScriptValue& secondValue, ExceptionState& es)	152 short IDBFactory::cmp(ScriptExecutionContext* context, const ScriptValue& firstV alue, const ScriptValue& secondValue, ExceptionState& es)

152 {	153 {

153 DOMRequestState requestState(context);	154 DOMRequestState requestState(context);

154 RefPtr<IDBKey> first = scriptValueToIDBKey(&requestState, firstValue);	155 RefPtr<IDBKey> first = scriptValueToIDBKey(&requestState, firstValue);

155 RefPtr<IDBKey> second = scriptValueToIDBKey(&requestState, secondValue);	156 RefPtr<IDBKey> second = scriptValueToIDBKey(&requestState, secondValue);

156	157

157 ASSERT(first);	158 ASSERT(first);

158 ASSERT(second);	159 ASSERT(second);

159	160

160 if (!first->isValid() \|\| !second->isValid()) {	161 if (!first->isValid() \|\| !second->isValid()) {

161 es.throwDOMException(DataError, IDBDatabase::notValidKeyErrorMessage);	162 es.throwDOMException(DataError, IDBDatabase::notValidKeyErrorMessage);

162 return 0;	163 return 0;

163 }	164 }

164	165

165 return static_cast<short>(first->compare(second.get()));	166 return static_cast<short>(first->compare(second.get()));

166 }	167 }

167	168

168 } // namespace WebCore	169 } // namespace WebCore

OLD	NEW