OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. |
3 * Copyright (C) 2009 Apple Inc. All rights reserved. | 3 * Copyright (C) 2009 Apple Inc. All rights reserved. |
4 * Copyright (C) 2014 Opera Software ASA. All rights reserved. | 4 * Copyright (C) 2014 Opera Software ASA. All rights reserved. |
5 * | 5 * |
6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
7 * modification, are permitted provided that the following conditions are | 7 * modification, are permitted provided that the following conditions are |
8 * met: | 8 * met: |
9 * | 9 * |
10 * * Redistributions of source code must retain the above copyright | 10 * * Redistributions of source code must retain the above copyright |
(...skipping 249 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
260 void ScriptController::namedItemAdded(HTMLDocument* doc, | 260 void ScriptController::namedItemAdded(HTMLDocument* doc, |
261 const AtomicString& name) { | 261 const AtomicString& name) { |
262 windowProxy(DOMWrapperWorld::mainWorld())->namedItemAdded(doc, name); | 262 windowProxy(DOMWrapperWorld::mainWorld())->namedItemAdded(doc, name); |
263 } | 263 } |
264 | 264 |
265 void ScriptController::namedItemRemoved(HTMLDocument* doc, | 265 void ScriptController::namedItemRemoved(HTMLDocument* doc, |
266 const AtomicString& name) { | 266 const AtomicString& name) { |
267 windowProxy(DOMWrapperWorld::mainWorld())->namedItemRemoved(doc, name); | 267 windowProxy(DOMWrapperWorld::mainWorld())->namedItemRemoved(doc, name); |
268 } | 268 } |
269 | 269 |
270 static bool isInPrivateScriptIsolateWorld(v8::Isolate* isolate) { | |
271 v8::Local<v8::Context> context = isolate->GetCurrentContext(); | |
272 return !context.IsEmpty() && toDOMWindow(context) && | |
273 DOMWrapperWorld::current(isolate).isPrivateScriptIsolatedWorld(); | |
274 } | |
275 | |
276 bool ScriptController::canExecuteScripts( | 270 bool ScriptController::canExecuteScripts( |
277 ReasonForCallingCanExecuteScripts reason) { | 271 ReasonForCallingCanExecuteScripts reason) { |
278 // For performance reasons, we check isInPrivateScriptIsolateWorld() only if | |
279 // canExecuteScripts is going to return false. | |
280 | 272 |
281 if (frame()->document() && frame()->document()->isSandboxed(SandboxScripts)) { | 273 if (frame()->document() && frame()->document()->isSandboxed(SandboxScripts)) { |
282 if (isInPrivateScriptIsolateWorld(isolate())) | |
283 return true; | |
284 // FIXME: This message should be moved off the console once a solution to | 274 // FIXME: This message should be moved off the console once a solution to |
285 // https://bugs.webkit.org/show_bug.cgi?id=103274 exists. | 275 // https://bugs.webkit.org/show_bug.cgi?id=103274 exists. |
286 if (reason == AboutToExecuteScript) | 276 if (reason == AboutToExecuteScript) |
287 frame()->document()->addConsoleMessage(ConsoleMessage::create( | 277 frame()->document()->addConsoleMessage(ConsoleMessage::create( |
288 SecurityMessageSource, ErrorMessageLevel, | 278 SecurityMessageSource, ErrorMessageLevel, |
289 "Blocked script execution in '" + | 279 "Blocked script execution in '" + |
290 frame()->document()->url().elidedString() + | 280 frame()->document()->url().elidedString() + |
291 "' because the document's frame is sandboxed and the " | 281 "' because the document's frame is sandboxed and the " |
292 "'allow-scripts' permission is not set.")); | 282 "'allow-scripts' permission is not set.")); |
293 return false; | 283 return false; |
294 } | 284 } |
295 | 285 |
296 if (frame()->document() && frame()->document()->isViewSource()) { | 286 if (frame()->document() && frame()->document()->isViewSource()) { |
297 ASSERT(frame()->document()->getSecurityOrigin()->isUnique()); | 287 ASSERT(frame()->document()->getSecurityOrigin()->isUnique()); |
298 return true; | 288 return true; |
299 } | 289 } |
300 | 290 |
301 FrameLoaderClient* client = frame()->loader().client(); | 291 FrameLoaderClient* client = frame()->loader().client(); |
302 if (!client) | 292 if (!client) |
303 return false; | 293 return false; |
304 Settings* settings = frame()->settings(); | 294 Settings* settings = frame()->settings(); |
305 const bool allowed = | 295 const bool allowed = |
306 client->allowScript(settings && settings->scriptEnabled()) || | 296 client->allowScript(settings && settings->scriptEnabled()); |
307 isInPrivateScriptIsolateWorld(isolate()); | |
308 if (!allowed && reason == AboutToExecuteScript) | 297 if (!allowed && reason == AboutToExecuteScript) |
309 client->didNotAllowScript(); | 298 client->didNotAllowScript(); |
310 return allowed; | 299 return allowed; |
311 } | 300 } |
312 | 301 |
313 bool ScriptController::executeScriptIfJavaScriptURL(const KURL& url, | 302 bool ScriptController::executeScriptIfJavaScriptURL(const KURL& url, |
314 Element* element) { | 303 Element* element) { |
315 if (!protocolIsJavaScript(url)) | 304 if (!protocolIsJavaScript(url)) |
316 return false; | 305 return false; |
317 | 306 |
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
446 for (size_t i = 0; i < resultArray->Length(); ++i) { | 435 for (size_t i = 0; i < resultArray->Length(); ++i) { |
447 v8::Local<v8::Value> value; | 436 v8::Local<v8::Value> value; |
448 if (!resultArray->Get(scriptState->context(), i).ToLocal(&value)) | 437 if (!resultArray->Get(scriptState->context(), i).ToLocal(&value)) |
449 return; | 438 return; |
450 results->push_back(value); | 439 results->push_back(value); |
451 } | 440 } |
452 } | 441 } |
453 } | 442 } |
454 | 443 |
455 } // namespace blink | 444 } // namespace blink |
OLD | NEW |