Implement cross-origin attributes using access check interceptors.

third_party/WebKit/Source/bindings/templates/interface.cpp.tmpl

Index: third_party/WebKit/Source/bindings/templates/interface.cpp.tmpl
diff --git a/third_party/WebKit/Source/bindings/templates/interface.cpp.tmpl b/third_party/WebKit/Source/bindings/templates/interface.cpp.tmpl
index 2686f5204e9fae0d8b2e80ceaaaa3c49bcd99f00..b07896d7536e0122209f5486003fff5efaa24992 100644
--- a/third_party/WebKit/Source/bindings/templates/interface.cpp.tmpl
+++ b/third_party/WebKit/Source/bindings/templates/interface.cpp.tmpl
@@ -488,34 +488,6 @@ void namedPropertyEnumeratorCallback(const v8::PropertyCallbackInfo<v8::Array>&
 
 
 {##############################################################################}
-{% block origin_safe_method_setter %}
-{% if has_origin_safe_method_setter %}
-static void {{cpp_class}}OriginSafeMethodSetter(v8::Local<v8::Name> name, v8::Local<v8::Value> v8Value, const v8::PropertyCallbackInfo<void>& info) {
-  if (!name->IsString())
-    return;
-  v8::Local<v8::Object> holder = {{v8_class}}::findInstanceInPrototypeChain(info.Holder(), info.GetIsolate());
-  if (holder.IsEmpty())
-    return;
-  {{cpp_class}}* impl = {{v8_class}}::toImpl(holder);
-  v8::String::Utf8Value attributeName(name);
-  ExceptionState exceptionState(ExceptionState::SetterContext, *attributeName, "{{interface_name}}", info.Holder(), info.GetIsolate());
-  if (!BindingSecurity::shouldAllowAccessTo(currentDOMWindow(info.GetIsolate()), impl, exceptionState)) {
-    return;
-  }
-
-  {# The findInstanceInPrototypeChain() call above only returns a non-empty handle if info.Holder() is an Object. #}
-  V8HiddenValue::setHiddenValue(ScriptState::current(info.GetIsolate()), v8::Local<v8::Object>::Cast(info.Holder()), name.As<v8::String>(), v8Value);

[dcheng, 2016/11/02 01:46:42]

This isn't needed anymore: cross-origin calls to things like postMessage always
go through the custom named property getter interceptor, which will only ever
return the function.

[haraken, 2016/11/02 04:30:32]

This is awesome!

After you land this CL, how much do you think our implementation will align with
the CrossOriginProperties in the spec?
(https://html.spec.whatwg.org/multipage/browsers.html#cross-origin-objects)

[dcheng, 2016/11/02 07:45:32]

I was reading this earlier and we almost match: our assign() function is exposed
cross-origin, but that is not in the spec.

(There is some cleanup I'd like to do in a followup for the named getter though)

-}
-
-void {{cpp_class}}OriginSafeMethodSetterCallback(v8::Local<v8::Name> name, v8::Local<v8::Value> v8Value, const v8::PropertyCallbackInfo<void>& info) {
-  {{cpp_class}}V8Internal::{{cpp_class}}OriginSafeMethodSetter(name, v8Value, info);
-}
-
-{% endif %}
-{% endblock %}
-
-
-{##############################################################################}
 {% block named_constructor %}
 {% from 'methods.cpp.tmpl' import generate_constructor with context %}
 {% if named_constructor %}
@@ -656,39 +628,6 @@ void {{v8_class}}::constructorCallback(const v8::FunctionCallbackInfo<v8::Value>
 
 
 {##############################################################################}
-{% macro install_do_not_check_security_method(method, world_suffix, instance_template, prototype_template) %}
-{% from 'utilities.cpp.tmpl' import property_location %}
-{# Methods that are [DoNotCheckSecurity] are always readable, but if they are
-   changed and then accessed from a different origin, we do not return the
-   underlying value, but instead return a new copy of the original function.
-   This is achieved by storing the changed value as a hidden property. #}
-{% set getter_callback =
-       '%sV8Internal::%sOriginSafeMethodGetterCallback%s' %
-       (cpp_class, method.name, world_suffix) %}
-{% set setter_callback =
-       '{0}V8Internal::{0}OriginSafeMethodSetterCallback'.format(cpp_class)
-       if not method.is_unforgeable else '0' %}
-{% if method.is_per_world_bindings %}
-{% set getter_callback_for_main_world = '%sForMainWorld' % getter_callback %}
-{% set setter_callback_for_main_world = '%sForMainWorld' % setter_callback
-       if not method.is_unforgeable else '0' %}
-{% else %}
-{% set getter_callback_for_main_world = '0' %}
-{% set setter_callback_for_main_world = '0' %}
-{% endif %}
-{% set property_attribute =
-       'static_cast<v8::PropertyAttribute>(%s)' %
-       ' | '.join(method.property_attributes or ['v8::None']) %}
-{% set only_exposed_to_private_script = 'V8DOMConfiguration::OnlyExposedToPrivateScript' if method.only_exposed_to_private_script else 'V8DOMConfiguration::ExposedToAllScripts' %}
-{% set holder_check = 'V8DOMConfiguration::CheckHolder' %}
-const V8DOMConfiguration::AttributeConfiguration {{method.name}}OriginSafeAttributeConfiguration = {
-    "{{method.name}}", {{getter_callback}}, {{setter_callback}}, {{getter_callback_for_main_world}}, {{setter_callback_for_main_world}}, &{{v8_class}}::wrapperTypeInfo, v8::ALL_CAN_READ, {{property_attribute}}, {{only_exposed_to_private_script}}, {{property_location(method)}}, {{holder_check}},
-};
-V8DOMConfiguration::installAttribute(isolate, world, {{instance_template}}, {{prototype_template}}, {{method.name}}OriginSafeAttributeConfiguration);
-{%- endmacro %}
-
-
-{##############################################################################}
 {% macro install_indexed_property_handler(target) %}
 {% set indexed_property_getter_callback =
        '%sV8Internal::indexedPropertyGetterCallback' % cpp_class %}
@@ -703,9 +642,7 @@ V8DOMConfiguration::installAttribute(isolate, world, {{instance_template}}, {{pr
        'indexedPropertyEnumerator<%s>' % cpp_class
        if indexed_property_getter.is_enumerable else '0' %}
 {% set property_handler_flags =
-       'v8::PropertyHandlerFlags::kAllCanRead'
-       if indexed_property_getter.do_not_check_security
-       else 'v8::PropertyHandlerFlags::kNone' %}
+       'v8::PropertyHandlerFlags::kNone' %}
 v8::IndexedPropertyHandlerConfiguration indexedPropertyHandlerConfig({{indexed_property_getter_callback}}, {{indexed_property_setter_callback}}, {{indexed_property_query_callback}}, {{indexed_property_deleter_callback}}, {{indexed_property_enumerator_callback}}, v8::Local<v8::Value>(), {{property_handler_flags}});
 {{target}}->SetHandler(indexedPropertyHandlerConfig);
 {%- endmacro %}
@@ -729,10 +666,6 @@ v8::IndexedPropertyHandlerConfiguration indexedPropertyHandlerConfig({{indexed_p
        if named_property_getter.is_enumerable else '0' %}
 {% set property_handler_flags_list =
        ['int(v8::PropertyHandlerFlags::kOnlyInterceptStrings)'] %}
-{% if named_property_getter.do_not_check_security %}
-{% set property_handler_flags_list =
-       property_handler_flags_list + ['int(v8::PropertyHandlerFlags::kAllCanRead)'] %}
-{% endif %}
 {% if not is_override_builtins %}
 {% set property_handler_flags_list =
        property_handler_flags_list + ['int(v8::PropertyHandlerFlags::kNonMasking)'] %}