OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv
ed. | 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights |
| 6 * reserved. |
6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> | 7 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> |
7 * | 8 * |
8 * This library is free software; you can redistribute it and/or | 9 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Library General Public | 10 * modify it under the terms of the GNU Library General Public |
10 * License as published by the Free Software Foundation; either | 11 * License as published by the Free Software Foundation; either |
11 * version 2 of the License, or (at your option) any later version. | 12 * version 2 of the License, or (at your option) any later version. |
12 * | 13 * |
13 * This library is distributed in the hope that it will be useful, | 14 * This library is distributed in the hope that it will be useful, |
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of | 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
123 | 124 |
124 void ScriptLoader::detach() { | 125 void ScriptLoader::detach() { |
125 if (!m_pendingScript) | 126 if (!m_pendingScript) |
126 return; | 127 return; |
127 m_pendingScript->dispose(); | 128 m_pendingScript->dispose(); |
128 m_pendingScript = nullptr; | 129 m_pendingScript = nullptr; |
129 } | 130 } |
130 | 131 |
131 // Helper function. Must take a lowercase language as input. | 132 // Helper function. Must take a lowercase language as input. |
132 static bool isLegacySupportedJavaScriptLanguage(const String& language) { | 133 static bool isLegacySupportedJavaScriptLanguage(const String& language) { |
133 // Mozilla 1.8 accepts javascript1.0 - javascript1.7, but WinIE 7 accepts only
javascript1.1 - javascript1.3. | 134 // Mozilla 1.8 accepts javascript1.0 - javascript1.7, but WinIE 7 accepts only |
| 135 // javascript1.1 - javascript1.3. |
134 // Mozilla 1.8 and WinIE 7 both accept javascript and livescript. | 136 // Mozilla 1.8 and WinIE 7 both accept javascript and livescript. |
135 // WinIE 7 accepts ecmascript and jscript, but Mozilla 1.8 doesn't. | 137 // WinIE 7 accepts ecmascript and jscript, but Mozilla 1.8 doesn't. |
136 // Neither Mozilla 1.8 nor WinIE 7 accept leading or trailing whitespace. | 138 // Neither Mozilla 1.8 nor WinIE 7 accept leading or trailing whitespace. |
137 // We want to accept all the values that either of these browsers accept, but
not other values. | 139 // We want to accept all the values that either of these browsers accept, but |
| 140 // not other values. |
138 | 141 |
139 // FIXME: This function is not HTML5 compliant. These belong in the MIME regis
try as "text/javascript<version>" entries. | 142 // FIXME: This function is not HTML5 compliant. These belong in the MIME |
| 143 // registry as "text/javascript<version>" entries. |
140 DCHECK_EQ(language, language.lower()); | 144 DCHECK_EQ(language, language.lower()); |
141 return language == "javascript" || language == "javascript1.0" || | 145 return language == "javascript" || language == "javascript1.0" || |
142 language == "javascript1.1" || language == "javascript1.2" || | 146 language == "javascript1.1" || language == "javascript1.2" || |
143 language == "javascript1.3" || language == "javascript1.4" || | 147 language == "javascript1.3" || language == "javascript1.4" || |
144 language == "javascript1.5" || language == "javascript1.6" || | 148 language == "javascript1.5" || language == "javascript1.6" || |
145 language == "javascript1.7" || language == "livescript" || | 149 language == "javascript1.7" || language == "livescript" || |
146 language == "ecmascript" || language == "jscript"; | 150 language == "ecmascript" || language == "jscript"; |
147 } | 151 } |
148 | 152 |
149 void ScriptLoader::dispatchErrorEvent() { | 153 void ScriptLoader::dispatchErrorEvent() { |
150 m_element->dispatchEvent(Event::create(EventTypeNames::error)); | 154 m_element->dispatchEvent(Event::create(EventTypeNames::error)); |
151 } | 155 } |
152 | 156 |
153 void ScriptLoader::dispatchLoadEvent() { | 157 void ScriptLoader::dispatchLoadEvent() { |
154 if (ScriptLoaderClient* client = this->client()) | 158 if (ScriptLoaderClient* client = this->client()) |
155 client->dispatchLoadEvent(); | 159 client->dispatchLoadEvent(); |
156 setHaveFiredLoadEvent(true); | 160 setHaveFiredLoadEvent(true); |
157 } | 161 } |
158 | 162 |
159 bool ScriptLoader::isValidScriptTypeAndLanguage( | 163 bool ScriptLoader::isValidScriptTypeAndLanguage( |
160 const String& type, | 164 const String& type, |
161 const String& language, | 165 const String& language, |
162 LegacyTypeSupport supportLegacyTypes) { | 166 LegacyTypeSupport supportLegacyTypes) { |
163 // FIXME: isLegacySupportedJavaScriptLanguage() is not valid HTML5. It is used
here to maintain backwards compatibility with existing layout tests. The specif
ic violations are: | 167 // FIXME: isLegacySupportedJavaScriptLanguage() is not valid HTML5. It is used |
164 // - Allowing type=javascript. type= should only support MIME types, such as t
ext/javascript. | 168 // here to maintain backwards compatibility with existing layout tests. The |
165 // - Allowing a different set of languages for language= and type=. language=
supports Javascript 1.1 and 1.4-1.6, but type= does not. | 169 // specific violations are: |
| 170 // - Allowing type=javascript. type= should only support MIME types, such as |
| 171 // text/javascript. |
| 172 // - Allowing a different set of languages for language= and type=. language= |
| 173 // supports Javascript 1.1 and 1.4-1.6, but type= does not. |
166 if (type.isEmpty()) { | 174 if (type.isEmpty()) { |
167 String lowerLanguage = language.lower(); | 175 String lowerLanguage = language.lower(); |
168 return language.isEmpty() // assume text/javascript. | 176 return language.isEmpty() // assume text/javascript. |
169 || MIMETypeRegistry::isSupportedJavaScriptMIMEType("text/" + | 177 || MIMETypeRegistry::isSupportedJavaScriptMIMEType("text/" + |
170 lowerLanguage) || | 178 lowerLanguage) || |
171 isLegacySupportedJavaScriptLanguage(lowerLanguage); | 179 isLegacySupportedJavaScriptLanguage(lowerLanguage); |
172 } else if (RuntimeEnabledFeatures::moduleScriptsEnabled() && | 180 } else if (RuntimeEnabledFeatures::moduleScriptsEnabled() && |
173 type == "module") { | 181 type == "module") { |
174 return true; | 182 return true; |
175 } else if (MIMETypeRegistry::isSupportedJavaScriptMIMEType( | 183 } else if (MIMETypeRegistry::isSupportedJavaScriptMIMEType( |
(...skipping 25 matching lines...) Expand all Loading... |
201 if (m_parserInserted) { | 209 if (m_parserInserted) { |
202 wasParserInserted = true; | 210 wasParserInserted = true; |
203 m_parserInserted = false; | 211 m_parserInserted = false; |
204 } else { | 212 } else { |
205 wasParserInserted = false; | 213 wasParserInserted = false; |
206 } | 214 } |
207 | 215 |
208 if (wasParserInserted && !client->asyncAttributeValue()) | 216 if (wasParserInserted && !client->asyncAttributeValue()) |
209 m_forceAsync = true; | 217 m_forceAsync = true; |
210 | 218 |
211 // FIXME: HTML5 spec says we should check that all children are either comment
s or empty text nodes. | 219 // FIXME: HTML5 spec says we should check that all children are either |
| 220 // comments or empty text nodes. |
212 if (!client->hasSourceAttribute() && !m_element->hasChildren()) | 221 if (!client->hasSourceAttribute() && !m_element->hasChildren()) |
213 return false; | 222 return false; |
214 | 223 |
215 if (!m_element->isConnected()) | 224 if (!m_element->isConnected()) |
216 return false; | 225 return false; |
217 | 226 |
218 if (!isScriptTypeSupported(supportLegacyTypes)) | 227 if (!isScriptTypeSupported(supportLegacyTypes)) |
219 return false; | 228 return false; |
220 | 229 |
221 if (wasParserInserted) { | 230 if (wasParserInserted) { |
222 m_parserInserted = true; | 231 m_parserInserted = true; |
223 m_forceAsync = false; | 232 m_forceAsync = false; |
224 } | 233 } |
225 | 234 |
226 m_alreadyStarted = true; | 235 m_alreadyStarted = true; |
227 | 236 |
228 // FIXME: If script is parser inserted, verify it's still in the original docu
ment. | 237 // FIXME: If script is parser inserted, verify it's still in the original |
| 238 // document. |
229 Document& elementDocument = m_element->document(); | 239 Document& elementDocument = m_element->document(); |
230 Document* contextDocument = elementDocument.contextDocument(); | 240 Document* contextDocument = elementDocument.contextDocument(); |
231 | 241 |
232 if (!contextDocument || !contextDocument->allowExecutingScripts(m_element)) | 242 if (!contextDocument || !contextDocument->allowExecutingScripts(m_element)) |
233 return false; | 243 return false; |
234 | 244 |
235 if (!isScriptForEventSupported()) | 245 if (!isScriptForEventSupported()) |
236 return false; | 246 return false; |
237 | 247 |
238 if (!client->charsetAttributeValue().isEmpty()) | 248 if (!client->charsetAttributeValue().isEmpty()) |
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
328 ResourceRequest(elementDocument->completeURL(sourceUrl)), | 338 ResourceRequest(elementDocument->completeURL(sourceUrl)), |
329 m_element->localName()); | 339 m_element->localName()); |
330 | 340 |
331 CrossOriginAttributeValue crossOrigin = crossOriginAttributeValue( | 341 CrossOriginAttributeValue crossOrigin = crossOriginAttributeValue( |
332 m_element->fastGetAttribute(HTMLNames::crossoriginAttr)); | 342 m_element->fastGetAttribute(HTMLNames::crossoriginAttr)); |
333 if (crossOrigin != CrossOriginAttributeNotSet) | 343 if (crossOrigin != CrossOriginAttributeNotSet) |
334 request.setCrossOriginAccessControl(elementDocument->getSecurityOrigin(), | 344 request.setCrossOriginAccessControl(elementDocument->getSecurityOrigin(), |
335 crossOrigin); | 345 crossOrigin); |
336 request.setCharset(scriptCharset()); | 346 request.setCharset(scriptCharset()); |
337 | 347 |
338 // Skip fetch-related CSP checks if dynamically injected script is whitelist
ed and this script is not parser-inserted. | 348 // Skip fetch-related CSP checks if dynamically injected script is |
| 349 // whitelisted and this script is not parser-inserted. |
339 bool scriptPassesCSPDynamic = | 350 bool scriptPassesCSPDynamic = |
340 (!isParserInserted() && | 351 (!isParserInserted() && |
341 elementDocument->contentSecurityPolicy()->allowDynamic()); | 352 elementDocument->contentSecurityPolicy()->allowDynamic()); |
342 | 353 |
343 if (ContentSecurityPolicy::isNonceableElement(m_element.get())) | 354 if (ContentSecurityPolicy::isNonceableElement(m_element.get())) |
344 request.setContentSecurityPolicyNonce( | 355 request.setContentSecurityPolicyNonce( |
345 m_element->fastGetAttribute(HTMLNames::nonceAttr)); | 356 m_element->fastGetAttribute(HTMLNames::nonceAttr)); |
346 | 357 |
347 if (scriptPassesCSPDynamic) { | 358 if (scriptPassesCSPDynamic) { |
348 UseCounter::count(elementDocument->frame(), | 359 UseCounter::count(elementDocument->frame(), |
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
522 accessControlStatus = OpaqueResource; | 533 accessControlStatus = OpaqueResource; |
523 else | 534 else |
524 accessControlStatus = SharableCrossOrigin; | 535 accessControlStatus = SharableCrossOrigin; |
525 } else if (sourceCode.resource()->passesAccessControlCheck( | 536 } else if (sourceCode.resource()->passesAccessControlCheck( |
526 m_element->document().getSecurityOrigin())) { | 537 m_element->document().getSecurityOrigin())) { |
527 accessControlStatus = SharableCrossOrigin; | 538 accessControlStatus = SharableCrossOrigin; |
528 } | 539 } |
529 } | 540 } |
530 | 541 |
531 const bool isImportedScript = contextDocument != elementDocument; | 542 const bool isImportedScript = contextDocument != elementDocument; |
532 // http://www.whatwg.org/specs/web-apps/current-work/#execute-the-script-block
step 2.3 | 543 // http://www.whatwg.org/specs/web-apps/current-work/#execute-the-script-block |
533 // with additional support for HTML imports. | 544 // step 2.3 with additional support for HTML imports. |
534 IgnoreDestructiveWriteCountIncrementer ignoreDestructiveWriteCountIncrementer( | 545 IgnoreDestructiveWriteCountIncrementer ignoreDestructiveWriteCountIncrementer( |
535 m_isExternalScript || isImportedScript ? contextDocument : 0); | 546 m_isExternalScript || isImportedScript ? contextDocument : 0); |
536 | 547 |
537 if (isHTMLScriptLoader(m_element) || isSVGScriptLoader(m_element)) | 548 if (isHTMLScriptLoader(m_element) || isSVGScriptLoader(m_element)) |
538 contextDocument->pushCurrentScript(m_element); | 549 contextDocument->pushCurrentScript(m_element); |
539 | 550 |
540 // Create a script from the script element node, using the script | 551 // Create a script from the script element node, using the script |
541 // block's source and the script block's type. | 552 // block's source and the script block's type. |
542 // Note: This is where the script is compiled and actually executed. | 553 // Note: This is where the script is compiled and actually executed. |
543 frame->script().executeScriptInMainWorld(sourceCode, accessControlStatus); | 554 frame->script().executeScriptInMainWorld(sourceCode, accessControlStatus); |
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
642 if (isHTMLScriptLoader(element)) | 653 if (isHTMLScriptLoader(element)) |
643 return toHTMLScriptElement(element)->loader(); | 654 return toHTMLScriptElement(element)->loader(); |
644 | 655 |
645 if (isSVGScriptLoader(element)) | 656 if (isSVGScriptLoader(element)) |
646 return toSVGScriptElement(element)->loader(); | 657 return toSVGScriptElement(element)->loader(); |
647 | 658 |
648 return 0; | 659 return 0; |
649 } | 660 } |
650 | 661 |
651 } // namespace blink | 662 } // namespace blink |
OLD | NEW |