Chromium Code Reviews Chromium Code Reviews
Issue 2706813002:
CHECK correct context usage in V8ScriptRunner::callFunction (Closed)
| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2008, 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2006, 2007, 2008, 2009 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 29 */ | 29 */ |
| 30 | 30 |
| 31 #include "bindings/core/v8/V8EventListener.h" | 31 #include "bindings/core/v8/V8EventListener.h" |
| 32 | 32 |
| 33 #include "bindings/core/v8/BindingSecurity.h" | |
| 33 #include "bindings/core/v8/ScriptController.h" | 34 #include "bindings/core/v8/ScriptController.h" |
| 34 #include "bindings/core/v8/V8Binding.h" | 35 #include "bindings/core/v8/V8Binding.h" |
| 35 #include "core/dom/Document.h" | 36 #include "core/dom/Document.h" |
| 36 #include "core/events/Event.h" | 37 #include "core/events/Event.h" |
| 37 #include "core/frame/LocalFrame.h" | 38 #include "core/frame/LocalFrame.h" |
| 38 | 39 |
| 39 namespace blink { | 40 namespace blink { |
| 40 | 41 |
| 41 V8EventListener::V8EventListener(bool isAttribute, ScriptState* scriptState) | 42 V8EventListener::V8EventListener(bool isAttribute, ScriptState* scriptState) |
| 42 : V8AbstractEventListener(isAttribute, | 43 : V8AbstractEventListener(isAttribute, |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 93 if (handlerFunction.IsEmpty() || receiver.IsEmpty()) | 94 if (handlerFunction.IsEmpty() || receiver.IsEmpty()) |
| 94 return v8::Local<v8::Value>(); | 95 return v8::Local<v8::Value>(); |
| 95 | 96 |
| 96 if (!scriptState->getExecutionContext()->isDocument()) | 97 if (!scriptState->getExecutionContext()->isDocument()) |
| 97 return v8::Local<v8::Value>(); | 98 return v8::Local<v8::Value>(); |
| 98 | 99 |
| 99 LocalFrame* frame = toDocument(scriptState->getExecutionContext())->frame(); | 100 LocalFrame* frame = toDocument(scriptState->getExecutionContext())->frame(); |
| 100 if (!frame) | 101 if (!frame) |
| 101 return v8::Local<v8::Value>(); | 102 return v8::Local<v8::Value>(); |
| 102 | 103 |
| 103 // TODO(jochen): Consider moving this check into canExecuteScripts. | 104 if (scriptState->world().isMainWorld()) { |
| 104 // http://crbug.com/608641 | 105 // TODO(jochen): Consider moving this check into canExecuteScripts. |
| 105 if (scriptState->world().isMainWorld() && | 106 // http://crbug.com/608641 |
| 106 !scriptState->getExecutionContext()->canExecuteScripts( | 107 if (!scriptState->getExecutionContext()->canExecuteScripts( |
| 107 AboutToExecuteScript)) | 108 AboutToExecuteScript)) { |
| 108 return v8::Local<v8::Value>(); | 109 return v8::Local<v8::Value>(); |
| 110 } | |
| 111 | |
| 112 CHECK(BindingSecurity::shouldAllowAccessToFrame( | |
| 113 toDOMWindow(handlerFunction->CreationContext())->toLocalDOMWindow(), | |
| 114 frame, BindingSecurity::ErrorReportOption::DoNotReport)); | |
|
haraken
2017/02/20 10:01:55
Another idea would be to move the CHECK into V8Scr
| |
| 115 } | |
| 109 | 116 |
| 110 v8::Local<v8::Value> parameters[1] = {jsEvent}; | 117 v8::Local<v8::Value> parameters[1] = {jsEvent}; |
| 111 v8::Local<v8::Value> result; | 118 v8::Local<v8::Value> result; |
| 112 if (!V8ScriptRunner::callFunction(handlerFunction, frame->document(), | 119 if (!V8ScriptRunner::callFunction(handlerFunction, frame->document(), |
| 113 receiver, WTF_ARRAY_LENGTH(parameters), | 120 receiver, WTF_ARRAY_LENGTH(parameters), |
| 114 parameters, scriptState->isolate()) | 121 parameters, scriptState->isolate()) |
| 115 .ToLocal(&result)) | 122 .ToLocal(&result)) { |
| 116 return v8::Local<v8::Value>(); | 123 return v8::Local<v8::Value>(); |
| 124 } | |
| 117 return result; | 125 return result; |
| 118 } | 126 } |
| 119 | 127 |
| 120 } // namespace blink | 128 } // namespace blink |
| OLD | NEW |
