Implement cross-origin attributes using access check interceptors.

third_party/WebKit/Source/bindings/templates/interface.cpp.tmpl

 {% extends 'interface_base.cpp.tmpl' %}
 
 {% set has_prepare_prototype_and_interface_object =
     unscopables or has_conditional_attributes_on_prototype or
     methods | conditionally_exposed(is_partial) %}
 {% set prepare_prototype_and_interface_object_func =
     '%s::preparePrototypeAndInterfaceObject' % v8_class
     if has_prepare_prototype_and_interface_object
     else 'nullptr' %}
 
@@ skipping 470 matching lines @@
   {% else %}
   {{cpp_class}}V8Internal::namedPropertyEnumerator(info);
   {% endif %}
 }
 
 {% endif %}
 {% endblock %}
 
 
 {##############################################################################}
-{% block origin_safe_method_setter %}
-{% if has_origin_safe_method_setter %}
-static void {{cpp_class}}OriginSafeMethodSetter(v8::Local<v8::Name> name, v8::Local<v8::Value> v8Value, const v8::PropertyCallbackInfo<void>& info) {
-  if (!name->IsString())
-    return;
-  v8::Local<v8::Object> holder = {{v8_class}}::findInstanceInPrototypeChain(info.Holder(), info.GetIsolate());
-  if (holder.IsEmpty())
-    return;
-  {{cpp_class}}* impl = {{v8_class}}::toImpl(holder);
-  v8::String::Utf8Value attributeName(name);
-  ExceptionState exceptionState(ExceptionState::SetterContext, *attributeName, "{{interface_name}}", info.Holder(), info.GetIsolate());
-  if (!BindingSecurity::shouldAllowAccessTo(currentDOMWindow(info.GetIsolate()), impl, exceptionState)) {
-    return;
-  }
-
-  {# The findInstanceInPrototypeChain() call above only returns a non-empty handle if info.Holder() is an Object. #}
-  V8HiddenValue::setHiddenValue(ScriptState::current(info.GetIsolate()), v8::Local<v8::Object>::Cast(info.Holder()), name.As<v8::String>(), v8Value);

[dcheng, 2016/11/02 01:46:42]

This isn't needed anymore: cross-origin calls to things like postMessage always
go through the custom named property getter interceptor, which will only ever
return the function.

[haraken, 2016/11/02 04:30:32]

This is awesome!

After you land this CL, how much do you think our implementation will align with
the CrossOriginProperties in the spec?
(https://html.spec.whatwg.org/multipage/browsers.html#cross-origin-objects)

[dcheng, 2016/11/02 07:45:32]

I was reading this earlier and we almost match: our assign() function is exposed
cross-origin, but that is not in the spec.

(There is some cleanup I'd like to do in a followup for the named getter though)

-}
-
-void {{cpp_class}}OriginSafeMethodSetterCallback(v8::Local<v8::Name> name, v8::Local<v8::Value> v8Value, const v8::PropertyCallbackInfo<void>& info) {
-  {{cpp_class}}V8Internal::{{cpp_class}}OriginSafeMethodSetter(name, v8Value, info);
-}
-
-{% endif %}
-{% endblock %}
-
-
-{##############################################################################}
 {% block named_constructor %}
 {% from 'methods.cpp.tmpl' import generate_constructor with context %}
 {% if named_constructor %}
 {% set active_scriptwrappable_inheritance =
     'InheritFromActiveScriptWrappable'
     if active_scriptwrappable else
     'NotInheritFromActiveScriptWrappable' %}
 // Suppress warning: global constructors, because struct WrapperTypeInfo is trivial
 // and does not depend on another global objects.
 #if defined(COMPONENT_BUILD) && defined(WIN32) && COMPILER(CLANG)
@@ skipping 120 matching lines @@
   {% else %}
   {{cpp_class}}V8Internal::constructor(info);
   {% endif %}
 }
 
 {% endif %}
 {% endblock %}
 
 
 {##############################################################################}
-{% macro install_do_not_check_security_method(method, world_suffix, instance_template, prototype_template) %}
-{% from 'utilities.cpp.tmpl' import property_location %}
-{# Methods that are [DoNotCheckSecurity] are always readable, but if they are
-   changed and then accessed from a different origin, we do not return the
-   underlying value, but instead return a new copy of the original function.
-   This is achieved by storing the changed value as a hidden property. #}
-{% set getter_callback =
-       '%sV8Internal::%sOriginSafeMethodGetterCallback%s' %
-       (cpp_class, method.name, world_suffix) %}
-{% set setter_callback =
-       '{0}V8Internal::{0}OriginSafeMethodSetterCallback'.format(cpp_class)
-       if not method.is_unforgeable else '0' %}
-{% if method.is_per_world_bindings %}
-{% set getter_callback_for_main_world = '%sForMainWorld' % getter_callback %}
-{% set setter_callback_for_main_world = '%sForMainWorld' % setter_callback
-       if not method.is_unforgeable else '0' %}
-{% else %}
-{% set getter_callback_for_main_world = '0' %}
-{% set setter_callback_for_main_world = '0' %}
-{% endif %}
-{% set property_attribute =
-       'static_cast<v8::PropertyAttribute>(%s)' %
-       ' | '.join(method.property_attributes or ['v8::None']) %}
-{% set only_exposed_to_private_script = 'V8DOMConfiguration::OnlyExposedToPrivateScript' if method.only_exposed_to_private_script else 'V8DOMConfiguration::ExposedToAllScripts' %}
-{% set holder_check = 'V8DOMConfiguration::CheckHolder' %}
-const V8DOMConfiguration::AttributeConfiguration {{method.name}}OriginSafeAttributeConfiguration = {
-    "{{method.name}}", {{getter_callback}}, {{setter_callback}}, {{getter_callback_for_main_world}}, {{setter_callback_for_main_world}}, &{{v8_class}}::wrapperTypeInfo, v8::ALL_CAN_READ, {{property_attribute}}, {{only_exposed_to_private_script}}, {{property_location(method)}}, {{holder_check}},
-};
-V8DOMConfiguration::installAttribute(isolate, world, {{instance_template}}, {{prototype_template}}, {{method.name}}OriginSafeAttributeConfiguration);
-{%- endmacro %}
-
-
-{##############################################################################}
 {% macro install_indexed_property_handler(target) %}
 {% set indexed_property_getter_callback =
        '%sV8Internal::indexedPropertyGetterCallback' % cpp_class %}
 {% set indexed_property_setter_callback =
        '%sV8Internal::indexedPropertySetterCallback' % cpp_class
        if indexed_property_setter or named_property_setter else '0' %}
 {% set indexed_property_query_callback = '0' %}{# Unused #}
 {% set indexed_property_deleter_callback =
        '%sV8Internal::indexedPropertyDeleterCallback' % cpp_class
        if indexed_property_deleter or named_property_deleter else '0' %}
 {% set indexed_property_enumerator_callback =
        'indexedPropertyEnumerator<%s>' % cpp_class
        if indexed_property_getter.is_enumerable else '0' %}
 {% set property_handler_flags =
-       'v8::PropertyHandlerFlags::kAllCanRead'
-       if indexed_property_getter.do_not_check_security
-       else 'v8::PropertyHandlerFlags::kNone' %}
+       'v8::PropertyHandlerFlags::kNone' %}
 v8::IndexedPropertyHandlerConfiguration indexedPropertyHandlerConfig({{indexed_property_getter_callback}}, {{indexed_property_setter_callback}}, {{indexed_property_query_callback}}, {{indexed_property_deleter_callback}}, {{indexed_property_enumerator_callback}}, v8::Local<v8::Value>(), {{property_handler_flags}});
 {{target}}->SetHandler(indexedPropertyHandlerConfig);
 {%- endmacro %}
 
 
 {##############################################################################}
 {% macro install_named_property_handler(target) %}
 {% set named_property_getter_callback =
        '%sV8Internal::namedPropertyGetterCallback' % cpp_class %}
 {% set named_property_setter_callback =
        '%sV8Internal::namedPropertySetterCallback' % cpp_class
        if named_property_setter else '0' %}
 {% set named_property_query_callback =
        '%sV8Internal::namedPropertyQueryCallback' % cpp_class
        if named_property_getter.is_enumerable else '0' %}
 {% set named_property_deleter_callback =
        '%sV8Internal::namedPropertyDeleterCallback' % cpp_class
        if named_property_deleter else '0' %}
 {% set named_property_enumerator_callback =
        '%sV8Internal::namedPropertyEnumeratorCallback' % cpp_class
        if named_property_getter.is_enumerable else '0' %}
 {% set property_handler_flags_list =
        ['int(v8::PropertyHandlerFlags::kOnlyInterceptStrings)'] %}
-{% if named_property_getter.do_not_check_security %}
-{% set property_handler_flags_list =
-       property_handler_flags_list + ['int(v8::PropertyHandlerFlags::kAllCanRead)'] %}
-{% endif %}
 {% if not is_override_builtins %}
 {% set property_handler_flags_list =
        property_handler_flags_list + ['int(v8::PropertyHandlerFlags::kNonMasking)'] %}
 {% endif %}
 {% set property_handler_flags =
        'static_cast<v8::PropertyHandlerFlags>(%s)' %
            ' | '.join(property_handler_flags_list) %}
 v8::NamedPropertyHandlerConfiguration namedPropertyHandlerConfig({{named_property_getter_callback}}, {{named_property_setter_callback}}, {{named_property_query_callback}}, {{named_property_deleter_callback}}, {{named_property_enumerator_callback}}, v8::Local<v8::Value>(), {{property_handler_flags}});
 {{target}}->SetHandler(namedPropertyHandlerConfig);
 {%- endmacro %}
@@ skipping 213 matching lines @@
 }
 
 {% for method in methods if method.overloads and method.overloads.has_partial_overloads %}
 void {{v8_class}}::register{{method.name | blink_capitalize}}MethodForPartialInterface(void (*method)(const v8::FunctionCallbackInfo<v8::Value>&)) {
   {{cpp_class}}V8Internal::{{method.name}}MethodForPartialInterface = method;
 }
 
 {% endfor %}
 {% endif %}
 {% endblock %}