third_party/WebKit/Source/bindings/core/v8/ScriptPromiseResolver.h - Issue 2644343002: Add AllowUserAgentScript in ScriptPromiseResolver::resolveOrReject

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/bindings/core/v8/ScriptPromiseResolver.h

Issue 2644343002: Add AllowUserAgentScript in ScriptPromiseResolver::resolveOrReject (Closed)

Patch Set: Remove isScriptForbidden check in HTMLMediaElement Created 3 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: third_party/WebKit/Source/bindings/core/v8/ScriptPromiseResolver.h

diff --git a/third_party/WebKit/Source/bindings/core/v8/ScriptPromiseResolver.h b/third_party/WebKit/Source/bindings/core/v8/ScriptPromiseResolver.h

index 2eb716d8a32d33f2f91abae5b58aeb67a75db33a..fcb38a2954ebde1f82cb30752f5ce78b3222f482 100644

--- a/third_party/WebKit/Source/bindings/core/v8/ScriptPromiseResolver.h

+++ b/third_party/WebKit/Source/bindings/core/v8/ScriptPromiseResolver.h

@@ -126,12 +126,19 @@ class CORE_EXPORT ScriptPromiseResolver

m_state = newState;

ScriptState::Scope scope(m_scriptState.get());

- // TODO(aobzhirov): Converting value to the wrapper can trigger assert

- // if the script is forbidden.

- // The script check below will be unreachable in this case.

- m_value.set(m_scriptState->isolate(),

- ToV8(value, m_scriptState->context()->Global(),

- m_scriptState->isolate()));

+ // Calling ToV8 in a ScriptForbiddenScope will trigger a RELEASE_ASSERT and

+ // cause a crash. ToV8 just invokes a constructor for wrapper creation,

+ // which is safe (no author script can be run). Adding AllowUserAgentScript

+ // directly inside createWrapper could cause a perf impact (calling

+ // isMainThread() every time a wrapper is created is expensive). Ideally,

+ // resolveOrReject shouldn't be called inside a ScriptForbiddenScope.

+ {

+ ScriptForbiddenScope::AllowUserAgentScript allowScript;

+ m_value.set(m_scriptState->isolate(),

+ ToV8(value, m_scriptState->context()->Global(),

haraken 2017/01/21 01:51:09 Are we pretty sure that we have no way to invoke a

adithyas 2017/01/23 15:43:30 If I understand correctly, the constructors called

+ m_scriptState->isolate()));

+ }

if (getExecutionContext()->isContextSuspended()) {

// Retain this object until it is actually resolved or rejected.