| Index: third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceCheckSecurity.cpp
|
| diff --git a/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceCheckSecurity.cpp b/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceCheckSecurity.cpp
|
| index 977a71a9f4483ef53c696e7582d841dba2354047..3bed184fd8643faee7e5b0a381d1ac3f895e921c 100644
|
| --- a/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceCheckSecurity.cpp
|
| +++ b/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceCheckSecurity.cpp
|
| @@ -11,6 +11,7 @@
|
| #include "bindings/core/v8/BindingSecurity.h"
|
| #include "bindings/core/v8/ExceptionState.h"
|
| #include "bindings/core/v8/GeneratedCodeHelper.h"
|
| +#include "bindings/core/v8/V8CrossOriginSetterInfo.h"
|
| #include "bindings/core/v8/V8DOMConfiguration.h"
|
| #include "bindings/core/v8/V8ObjectConstructor.h"
|
| #include "core/dom/Document.h"
|
| @@ -170,7 +171,7 @@ void doNotCheckSecurityOnSetterLongAttributeAttributeGetterCallback(const v8::Fu
|
| TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityOnSetterLongAttributeAttributeGetter(info);
|
| }
|
|
|
| -static void doNotCheckSecurityOnSetterLongAttributeAttributeSetter(v8::Local<v8::Value> v8Value, const v8::FunctionCallbackInfo<v8::Value>& info) {
|
| +static void doNotCheckSecurityOnSetterLongAttributeAttributeSetter(v8::Local<v8::Value> v8Value, const V8CrossOriginSetterInfo& info) {
|
| v8::Local<v8::Object> holder = info.Holder();
|
| TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::toImpl(holder);
|
|
|
| @@ -187,7 +188,7 @@ static void doNotCheckSecurityOnSetterLongAttributeAttributeSetter(v8::Local<v8:
|
| void doNotCheckSecurityOnSetterLongAttributeAttributeSetterCallback(const v8::FunctionCallbackInfo<v8::Value>& info) {
|
| v8::Local<v8::Value> v8Value = info[0];
|
|
|
| - TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityOnSetterLongAttributeAttributeSetter(v8Value, info);
|
| + TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityOnSetterLongAttributeAttributeSetter(v8Value, V8CrossOriginSetterInfo(info.GetIsolate(), info.Holder()));
|
| }
|
|
|
| static void doNotCheckSecurityReplaceableReadonlyLongAttributeAttributeGetter(const v8::FunctionCallbackInfo<v8::Value>& info) {
|
| @@ -215,11 +216,6 @@ void doNotCheckSecurityReplaceableReadonlyLongAttributeAttributeSetterCallback(c
|
| TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityReplaceableReadonlyLongAttributeAttributeSetter(v8Value, info);
|
| }
|
|
|
| -bool securityCheck(v8::Local<v8::Context> accessingContext, v8::Local<v8::Object> accessedObject, v8::Local<v8::Value> data) {
|
| - TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::toImpl(accessedObject);
|
| - return BindingSecurity::shouldAllowAccessTo(toLocalDOMWindow(toDOMWindow(accessingContext)), impl, BindingSecurity::ErrorReportOption::DoNotReport);
|
| -}
|
| -
|
| static void voidMethodMethod(const v8::FunctionCallbackInfo<v8::Value>& info) {
|
| TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::toImpl(info.Holder());
|
|
|
| @@ -379,24 +375,58 @@ void doNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetterCallback(v8::L
|
| TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetter(info);
|
| }
|
|
|
| -static void TestInterfaceCheckSecurityOriginSafeMethodSetter(v8::Local<v8::Name> name, v8::Local<v8::Value> v8Value, const v8::PropertyCallbackInfo<void>& info) {
|
| +bool securityCheck(v8::Local<v8::Context> accessingContext, v8::Local<v8::Object> accessedObject, v8::Local<v8::Value> data) {
|
| + TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::toImpl(accessedObject);
|
| + return BindingSecurity::shouldAllowAccessTo(toLocalDOMWindow(toDOMWindow(accessingContext)), impl, BindingSecurity::ErrorReportOption::DoNotReport);
|
| +}
|
| +
|
| +void crossOriginNamedGetter(v8::Local<v8::Name> name, const v8::PropertyCallbackInfo<v8::Value>& info) {
|
| if (!name->IsString())
|
| return;
|
| - v8::Local<v8::Object> holder = V8TestInterfaceCheckSecurity::findInstanceInPrototypeChain(info.Holder(), info.GetIsolate());
|
| - if (holder.IsEmpty())
|
| - return;
|
| - TestInterfaceCheckSecurity* impl = V8TestInterfaceCheckSecurity::toImpl(holder);
|
| - v8::String::Utf8Value attributeName(name);
|
| - ExceptionState exceptionState(ExceptionState::SetterContext, *attributeName, "TestInterfaceCheckSecurity", info.Holder(), info.GetIsolate());
|
| - if (!BindingSecurity::shouldAllowAccessTo(currentDOMWindow(info.GetIsolate()), impl, exceptionState)) {
|
| - return;
|
| - }
|
| + const AtomicString& propertyName = toCoreAtomicString(name.As<v8::String>());
|
| +
|
| + // TODO(dcheng): Can we / should we use AtomicString here? That means using DEFINE_STATIC_LOCAL here.
|
| + static const struct AttributeInfo {
|
| + const char* const name;
|
| + using GetterCallback = void(*)(const v8::PropertyCallbackInfo<v8::Value>&);
|
| + const GetterCallback getter;
|
| + } kAttributeInfoList[] = {
|
| + {"doNotCheckSecurityLongAttribute", &TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityLongAttributeAttributeGetter},
|
| + {"doNotCheckSecurityReadonlyLongAttribute", &TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityReadonlyLongAttributeAttributeGetter},
|
| + {"doNotCheckSecurityReplaceableReadonlyLongAttribute", &TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityReplaceableReadonlyLongAttributeAttributeGetter},
|
| + {"doNotCheckSecurityVoidMethod", &TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityVoidMethodOriginSafeMethodGetter},
|
| + {"doNotCheckSecurityPerWorldBindingsVoidMethod", &TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetter},
|
| + {"doNotCheckSecurityUnforgeableVoidMethod", &TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetter},
|
| + };
|
|
|
| - V8HiddenValue::setHiddenValue(ScriptState::current(info.GetIsolate()), v8::Local<v8::Object>::Cast(info.Holder()), name.As<v8::String>(), v8Value);
|
| + for (const auto& attribute: kAttributeInfoList) {
|
| + if (propertyName == attribute.name) {
|
| + attribute.getter(info);
|
| + return;
|
| + }
|
| + }
|
| }
|
|
|
| -void TestInterfaceCheckSecurityOriginSafeMethodSetterCallback(v8::Local<v8::Name> name, v8::Local<v8::Value> v8Value, const v8::PropertyCallbackInfo<void>& info) {
|
| - TestInterfaceCheckSecurityV8Internal::TestInterfaceCheckSecurityOriginSafeMethodSetter(name, v8Value, info);
|
| +void crossOriginNamedSetter(v8::Local<v8::Name> name, v8::Local<v8::Value> value, const v8::PropertyCallbackInfo<v8::Value>& info) {
|
| + if (!name->IsString())
|
| + return;
|
| + const AtomicString& propertyName = toCoreAtomicString(name.As<v8::String>());
|
| +
|
| + // TODO(dcheng): Can we / should we use AtomicString here? That means using DEFINE_STATIC_LOCAL here.
|
| + static const struct AttributeInfo {
|
| + const char* const name;
|
| + using SetterCallback = void(*)(v8::Local<v8::Value>, const V8CrossOriginSetterInfo&);
|
| + const SetterCallback setter;
|
| + } kAttributeInfoList[] = {
|
| + {"doNotCheckSecurityOnSetterLongAttribute", &TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityOnSetterLongAttributeAttributeSetter},
|
| + };
|
| +
|
| + for (const auto& attribute: kAttributeInfoList) {
|
| + if (propertyName == attribute.name) {
|
| + attribute.setter(value, V8CrossOriginSetterInfo(info.GetIsolate(), info.Holder()));
|
| + return;
|
| + }
|
| + }
|
| }
|
|
|
| } // namespace TestInterfaceCheckSecurityV8Internal
|
| @@ -412,6 +442,9 @@ const V8DOMConfiguration::AccessorConfiguration V8TestInterfaceCheckSecurityAcce
|
|
|
| const V8DOMConfiguration::MethodConfiguration V8TestInterfaceCheckSecurityMethods[] = {
|
| {"voidMethod", TestInterfaceCheckSecurityV8Internal::voidMethodMethodCallback, 0, 0, v8::None, V8DOMConfiguration::ExposedToAllScripts, V8DOMConfiguration::OnInstance},
|
| + {"doNotCheckSecurityVoidMethod", TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityVoidMethodMethodCallback, 0, 0, v8::None, V8DOMConfiguration::ExposedToAllScripts, V8DOMConfiguration::OnInstance},
|
| + {"doNotCheckSecurityPerWorldBindingsVoidMethod", TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityPerWorldBindingsVoidMethodMethodCallback, TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityPerWorldBindingsVoidMethodMethodCallbackForMainWorld, 0, v8::None, V8DOMConfiguration::ExposedToAllScripts, V8DOMConfiguration::OnInstance},
|
| + {"doNotCheckSecurityUnforgeableVoidMethod", TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityUnforgeableVoidMethodMethodCallback, 0, 0, static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete), V8DOMConfiguration::ExposedToAllScripts, V8DOMConfiguration::OnInstance},
|
| };
|
|
|
| static void installV8TestInterfaceCheckSecurityTemplate(v8::Isolate* isolate, const DOMWrapperWorld& world, v8::Local<v8::FunctionTemplate> interfaceTemplate) {
|
| @@ -428,20 +461,7 @@ static void installV8TestInterfaceCheckSecurityTemplate(v8::Isolate* isolate, co
|
| V8DOMConfiguration::installMethods(isolate, world, instanceTemplate, prototypeTemplate, interfaceTemplate, signature, V8TestInterfaceCheckSecurityMethods, WTF_ARRAY_LENGTH(V8TestInterfaceCheckSecurityMethods));
|
|
|
| // Cross-origin access check
|
| - instanceTemplate->SetAccessCheckCallback(TestInterfaceCheckSecurityV8Internal::securityCheck, v8::External::New(isolate, const_cast<WrapperTypeInfo*>(&V8TestInterfaceCheckSecurity::wrapperTypeInfo)));
|
| -
|
| - const V8DOMConfiguration::AttributeConfiguration doNotCheckSecurityVoidMethodOriginSafeAttributeConfiguration = {
|
| - "doNotCheckSecurityVoidMethod", TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityVoidMethodOriginSafeMethodGetterCallback, TestInterfaceCheckSecurityV8Internal::TestInterfaceCheckSecurityOriginSafeMethodSetterCallback, 0, 0, &V8TestInterfaceCheckSecurity::wrapperTypeInfo, v8::ALL_CAN_READ, static_cast<v8::PropertyAttribute>(v8::None), V8DOMConfiguration::ExposedToAllScripts, V8DOMConfiguration::OnInstance, V8DOMConfiguration::CheckHolder,
|
| - };
|
| - V8DOMConfiguration::installAttribute(isolate, world, instanceTemplate, prototypeTemplate, doNotCheckSecurityVoidMethodOriginSafeAttributeConfiguration);
|
| - const V8DOMConfiguration::AttributeConfiguration doNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeAttributeConfiguration = {
|
| - "doNotCheckSecurityPerWorldBindingsVoidMethod", TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterCallback, TestInterfaceCheckSecurityV8Internal::TestInterfaceCheckSecurityOriginSafeMethodSetterCallback, TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeMethodGetterCallbackForMainWorld, TestInterfaceCheckSecurityV8Internal::TestInterfaceCheckSecurityOriginSafeMethodSetterCallbackForMainWorld, &V8TestInterfaceCheckSecurity::wrapperTypeInfo, v8::ALL_CAN_READ, static_cast<v8::PropertyAttribute>(v8::None), V8DOMConfiguration::ExposedToAllScripts, V8DOMConfiguration::OnInstance, V8DOMConfiguration::CheckHolder,
|
| - };
|
| - V8DOMConfiguration::installAttribute(isolate, world, instanceTemplate, prototypeTemplate, doNotCheckSecurityPerWorldBindingsVoidMethodOriginSafeAttributeConfiguration);
|
| - const V8DOMConfiguration::AttributeConfiguration doNotCheckSecurityUnforgeableVoidMethodOriginSafeAttributeConfiguration = {
|
| - "doNotCheckSecurityUnforgeableVoidMethod", TestInterfaceCheckSecurityV8Internal::doNotCheckSecurityUnforgeableVoidMethodOriginSafeMethodGetterCallback, 0, 0, 0, &V8TestInterfaceCheckSecurity::wrapperTypeInfo, v8::ALL_CAN_READ, static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete), V8DOMConfiguration::ExposedToAllScripts, V8DOMConfiguration::OnInstance, V8DOMConfiguration::CheckHolder,
|
| - };
|
| - V8DOMConfiguration::installAttribute(isolate, world, instanceTemplate, prototypeTemplate, doNotCheckSecurityUnforgeableVoidMethodOriginSafeAttributeConfiguration);
|
| + instanceTemplate->SetAccessCheckCallbackAndHandler(TestInterfaceCheckSecurityV8Internal::securityCheck, v8::NamedPropertyHandlerConfiguration(TestInterfaceCheckSecurityV8Internal::crossOriginNamedGetter, TestInterfaceCheckSecurityV8Internal::crossOriginNamedSetter), v8::IndexedPropertyHandlerConfiguration(nullptr), v8::External::New(isolate, const_cast<WrapperTypeInfo*>(&V8TestInterfaceCheckSecurity::wrapperTypeInfo)));
|
| }
|
|
|
| v8::Local<v8::FunctionTemplate> V8TestInterfaceCheckSecurity::domTemplate(v8::Isolate* isolate, const DOMWrapperWorld& world) {
|
|
|
Chromium Code Reviews
Issue 2439013002:
Implement cross-origin attributes using access check interceptors. (Closed)
