| OLD | NEW |
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. |
| 3 * Copyright (C) 2009 Apple Inc. All rights reserved. | 3 * Copyright (C) 2009 Apple Inc. All rights reserved. |
| 4 * Copyright (C) 2014 Opera Software ASA. All rights reserved. | 4 * Copyright (C) 2014 Opera Software ASA. All rights reserved. |
| 5 * | 5 * |
| 6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
| 7 * modification, are permitted provided that the following conditions are | 7 * modification, are permitted provided that the following conditions are |
| 8 * met: | 8 * met: |
| 9 * | 9 * |
| 10 * * Redistributions of source code must retain the above copyright | 10 * * Redistributions of source code must retain the above copyright |
| (...skipping 249 matching lines...) |
| 260 void ScriptController::namedItemAdded(HTMLDocument* doc, | 260 void ScriptController::namedItemAdded(HTMLDocument* doc, |
| 261 const AtomicString& name) { | 261 const AtomicString& name) { |
| 262 windowProxy(DOMWrapperWorld::mainWorld())->namedItemAdded(doc, name); | 262 windowProxy(DOMWrapperWorld::mainWorld())->namedItemAdded(doc, name); |
| 263 } | 263 } |
| 264 | 264 |
| 265 void ScriptController::namedItemRemoved(HTMLDocument* doc, | 265 void ScriptController::namedItemRemoved(HTMLDocument* doc, |
| 266 const AtomicString& name) { | 266 const AtomicString& name) { |
| 267 windowProxy(DOMWrapperWorld::mainWorld())->namedItemRemoved(doc, name); | 267 windowProxy(DOMWrapperWorld::mainWorld())->namedItemRemoved(doc, name); |
| 268 } | 268 } |
| 269 | 269 |
| 270 static bool isInPrivateScriptIsolateWorld(v8::Isolate* isolate) { | |
| 271 v8::Local<v8::Context> context = isolate->GetCurrentContext(); | |
| 272 return !context.IsEmpty() && toDOMWindow(context) && | |
| 273 DOMWrapperWorld::current(isolate).isPrivateScriptIsolatedWorld(); | |
| 274 } | |
| 275 | |
| 276 bool ScriptController::canExecuteScripts( | 270 bool ScriptController::canExecuteScripts( |
| 277 ReasonForCallingCanExecuteScripts reason) { | 271 ReasonForCallingCanExecuteScripts reason) { |
| 278 // For performance reasons, we check isInPrivateScriptIsolateWorld() only if | |
| 279 // canExecuteScripts is going to return false. | |
| 280 | 272 |
| 281 if (frame()->document() && frame()->document()->isSandboxed(SandboxScripts)) { | 273 if (frame()->document() && frame()->document()->isSandboxed(SandboxScripts)) { |
| 282 if (isInPrivateScriptIsolateWorld(isolate())) | |
| 283 return true; | |
| 284 // FIXME: This message should be moved off the console once a solution to | 274 // FIXME: This message should be moved off the console once a solution to |
| 285 // https://bugs.webkit.org/show_bug.cgi?id=103274 exists. | 275 // https://bugs.webkit.org/show_bug.cgi?id=103274 exists. |
| 286 if (reason == AboutToExecuteScript) | 276 if (reason == AboutToExecuteScript) |
| 287 frame()->document()->addConsoleMessage(ConsoleMessage::create( | 277 frame()->document()->addConsoleMessage(ConsoleMessage::create( |
| 288 SecurityMessageSource, ErrorMessageLevel, | 278 SecurityMessageSource, ErrorMessageLevel, |
| 289 "Blocked script execution in '" + | 279 "Blocked script execution in '" + |
| 290 frame()->document()->url().elidedString() + | 280 frame()->document()->url().elidedString() + |
| 291 "' because the document's frame is sandboxed and the " | 281 "' because the document's frame is sandboxed and the " |
| 292 "'allow-scripts' permission is not set.")); | 282 "'allow-scripts' permission is not set.")); |
| 293 return false; | 283 return false; |
| 294 } | 284 } |
| 295 | 285 |
| 296 if (frame()->document() && frame()->document()->isViewSource()) { | 286 if (frame()->document() && frame()->document()->isViewSource()) { |
| 297 ASSERT(frame()->document()->getSecurityOrigin()->isUnique()); | 287 ASSERT(frame()->document()->getSecurityOrigin()->isUnique()); |
| 298 return true; | 288 return true; |
| 299 } | 289 } |
| 300 | 290 |
| 301 FrameLoaderClient* client = frame()->loader().client(); | 291 FrameLoaderClient* client = frame()->loader().client(); |
| 302 if (!client) | 292 if (!client) |
| 303 return false; | 293 return false; |
| 304 Settings* settings = frame()->settings(); | 294 Settings* settings = frame()->settings(); |
| 305 const bool allowed = | 295 const bool allowed = |
| 306 client->allowScript(settings && settings->scriptEnabled()) || | 296 client->allowScript(settings && settings->scriptEnabled()); |
| 307 isInPrivateScriptIsolateWorld(isolate()); | |
| 308 if (!allowed && reason == AboutToExecuteScript) | 297 if (!allowed && reason == AboutToExecuteScript) |
| 309 client->didNotAllowScript(); | 298 client->didNotAllowScript(); |
| 310 return allowed; | 299 return allowed; |
| 311 } | 300 } |
| 312 | 301 |
| 313 bool ScriptController::executeScriptIfJavaScriptURL(const KURL& url, | 302 bool ScriptController::executeScriptIfJavaScriptURL(const KURL& url, |
| 314 Element* element) { | 303 Element* element) { |
| 315 if (!protocolIsJavaScript(url)) | 304 if (!protocolIsJavaScript(url)) |
| 316 return false; | 305 return false; |
| 317 | 306 |
| (...skipping 128 matching lines...) |
| 446 for (size_t i = 0; i < resultArray->Length(); ++i) { | 435 for (size_t i = 0; i < resultArray->Length(); ++i) { |
| 447 v8::Local<v8::Value> value; | 436 v8::Local<v8::Value> value; |
| 448 if (!resultArray->Get(scriptState->context(), i).ToLocal(&value)) | 437 if (!resultArray->Get(scriptState->context(), i).ToLocal(&value)) |
| 449 return; | 438 return; |
| 450 results->push_back(value); | 439 results->push_back(value); |
| 451 } | 440 } |
| 452 } | 441 } |
| 453 } | 442 } |
| 454 | 443 |
| 455 } // namespace blink | 444 } // namespace blink |
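Review bot: With the private-script exemption removed, `ScriptController::canExecuteScripts` (new lines 270–300) carries no comment stating its policy, and deleting the old "For performance reasons" comment leaves a stray blank line at new line 272 directly under the signature. I would drop that blank line and put a short comment in its place, for example `// Sandbox flags are checked first; the result no longer depends on the current world.` The view-source branch at new lines 286–289 is now the only early `return true` that skips `client->allowScript()`, and its unique-origin precondition is checked only by `ASSERT`, which is presumably compiled out of release builds. It is worth confirming that the invariant is enforced where view-source documents are created, and noting that in the comment.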