| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 13 matching lines...) Expand all Loading... |
| 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 29 */ | 29 */ |
| 30 | 30 |
| 31 #ifndef WindowProxy_h | 31 #ifndef WindowProxy_h |
| 32 #define WindowProxy_h | 32 #define WindowProxy_h |
| 33 | 33 |
| 34 #include <v8.h> |
| 34 #include "bindings/core/v8/DOMWrapperWorld.h" | 35 #include "bindings/core/v8/DOMWrapperWorld.h" |
| 35 #include "bindings/core/v8/ScopedPersistent.h" | 36 #include "bindings/core/v8/ScopedPersistent.h" |
| 36 #include "core/CoreExport.h" | 37 #include "core/CoreExport.h" |
| 37 #include "platform/heap/Handle.h" | 38 #include "platform/heap/Handle.h" |
| 38 #include "v8/include/v8.h" | 39 #include "v8/include/v8.h" |
| 39 #include "wtf/RefPtr.h" | 40 #include "wtf/RefPtr.h" |
| 40 | 41 |
| 41 namespace blink { | 42 namespace blink { |
| 42 | 43 |
| 43 class Frame; | 44 class Frame; |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 94 // different process, i.e. a RemoteFrame. | 95 // different process, i.e. a RemoteFrame. |
| 95 // | 96 // |
| 96 // While having a RemoteFrame implies the frame must be cross-origin, the | 97 // While having a RemoteFrame implies the frame must be cross-origin, the |
| 97 // opposite is not true: a LocalFrame can be same-origin or cross-origin. One | 98 // opposite is not true: a LocalFrame can be same-origin or cross-origin. One |
| 98 // additional complexity (which slightly violates the HTML standard): it is | 99 // additional complexity (which slightly violates the HTML standard): it is |
| 99 // possible to have SecurityOrigin::canAccess() return true for a RemoteFrame's | 100 // possible to have SecurityOrigin::canAccess() return true for a RemoteFrame's |
| 100 // security origin; however, it is important to still deny access as if the | 101 // security origin; however, it is important to still deny access as if the |
| 101 // frame were cross-origin. This is due to complexities in the process | 102 // frame were cross-origin. This is due to complexities in the process |
| 102 // allocation model for renderer processes. See https://crbug.com/601629. | 103 // allocation model for renderer processes. See https://crbug.com/601629. |
| 103 // | 104 // |
| 104 // ====== LocalWindowProxy/RemoteWindowProxy ====== | 105 // ====== LocalWindowProxy ====== |
| 105 // Currently, the prototype chain for LocalWindowProxy and RemoteWindowProxy | 106 // Since a LocalWindowProxy can represent a same-origin or cross-origin frame, |
| 106 // look the same: | 107 // the entire prototype chain must be available: |
| 107 // | 108 // |
| 108 // outer global proxy | 109 // outer global proxy |
| 109 // -- has prototype --> inner global object | 110 // -- has prototype --> inner global object |
| 110 // -- has prototype --> Window.prototype | 111 // -- has prototype --> Window.prototype |
| 111 // -- has prototype --> WindowProperties [1] | 112 // -- has prototype --> WindowProperties [1] |
| 112 // -- has prototype --> EventTarget.prototype | 113 // -- has prototype --> EventTarget.prototype |
| 113 // -- has prototype --> Object.prototype | 114 // -- has prototype --> Object.prototype |
| 114 // -- has prototype --> null | 115 // -- has prototype --> null |
| 115 // | 116 // |
| 116 // [1] WindowProperties is the named properties object of the Window interface. | 117 // [1] WindowProperties is the named properties object of the Window interface. |
| 117 // | 118 // |
| 118 // There is work in progress to refactor RemoteWindowProxy to use remote v8 | 119 // ====== RemoteWindowProxy ====== |
| 119 // contexts, to reduce the overhead of remote frames. | 120 // Since a RemoteWindowProxy only represents a cross-origin frame, it has a much |
| 121 // simpler prototype chain. |
| 122 // |
| 123 // outer global proxy |
| 124 // -- has prototype --> inner global object |
| 125 // -- has prototype --> null |
| 126 // |
| 127 // Property access to get/set attributes and methods on the outer global proxy |
| 128 // are redirected through the cross-origin interceptors, since any access will |
| 129 // fail the security check, by definition. |
| 130 // |
| 131 // However, note that method invocations still use the inner global object as |
| 132 // the receiver object. Blink bindings use v8::Signature to perform a strict |
| 133 // receiver check, which requires that the FunctionTemplate used to instantiate |
| 134 // the receiver object matches exactly. However, when creating a new context, |
| 135 // only inner global object is instantiated using Blink's global template, so by |
| 136 // definition, it is the only receiver object in the prototype chain that will |
| 137 // match. |
| 120 // | 138 // |
| 121 // ====== References ====== | 139 // ====== References ====== |
| 122 // https://wiki.mozilla.org/Gecko:SplitWindow | 140 // https://wiki.mozilla.org/Gecko:SplitWindow |
| 123 // https://whatwg.org/C/browsers.html#the-windowproxy-exotic-object | 141 // https://whatwg.org/C/browsers.html#the-windowproxy-exotic-object |
| 124 class WindowProxy : public GarbageCollectedFinalized<WindowProxy> { | 142 class WindowProxy : public GarbageCollectedFinalized<WindowProxy> { |
| 125 public: | 143 public: |
| 126 virtual ~WindowProxy(); | 144 virtual ~WindowProxy(); |
| 127 | 145 |
| 128 DECLARE_TRACE(); | 146 DECLARE_TRACE(); |
| 129 | 147 |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 174 protected: | 192 protected: |
| 175 // TODO(dcheng): Consider making these private and using getters. | 193 // TODO(dcheng): Consider making these private and using getters. |
| 176 const RefPtr<DOMWrapperWorld> m_world; | 194 const RefPtr<DOMWrapperWorld> m_world; |
| 177 ScopedPersistent<v8::Object> m_globalProxy; | 195 ScopedPersistent<v8::Object> m_globalProxy; |
| 178 Lifecycle m_lifecycle; | 196 Lifecycle m_lifecycle; |
| 179 }; | 197 }; |
| 180 | 198 |
| 181 } // namespace blink | 199 } // namespace blink |
| 182 | 200 |
| 183 #endif // WindowProxy_h | 201 #endif // WindowProxy_h |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2720973002:
Switch RemoteWindowProxy to use v8::Context::NewRemoteContext. (Closed)
