| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This module implements the shared functionality for different guestview | 5 // This module implements the shared functionality for different guestview |
| 6 // containers, such as web_view, app_view, etc. | 6 // containers, such as web_view, app_view, etc. |
| 7 | 7 |
| 8 var DocumentNatives = requireNative('document_natives'); | 8 var DocumentNatives = requireNative('document_natives'); |
| 9 var GuestView = require('guestView').GuestView; | 9 var GuestView = require('guestView').GuestView; |
| 10 var GuestViewInternalNatives = requireNative('guest_view_internal'); | 10 var GuestViewInternalNatives = requireNative('guest_view_internal'); |
| (...skipping 13 matching lines...) Expand all Loading... |
| 24 this.setupAttributes(); | 24 this.setupAttributes(); |
| 25 | 25 |
| 26 privates(this).internalElement = this.createInternalElement$(); | 26 privates(this).internalElement = this.createInternalElement$(); |
| 27 this.setupFocusPropagation(); | 27 this.setupFocusPropagation(); |
| 28 var shadowRoot = this.element.createShadowRoot(); | 28 var shadowRoot = this.element.createShadowRoot(); |
| 29 shadowRoot.appendChild(privates(this).internalElement); | 29 shadowRoot.appendChild(privates(this).internalElement); |
| 30 | 30 |
| 31 GuestViewInternalNatives.RegisterView(this.viewInstanceId, this, viewType); | 31 GuestViewInternalNatives.RegisterView(this.viewInstanceId, this, viewType); |
| 32 } | 32 } |
| 33 | 33 |
| 34 // Prevent GuestViewContainer inadvertently inheriting code from the global |
| 35 // Object, allowing a pathway for executing unintended user code execution. |
| 36 GuestViewContainer.prototype.__proto__ = null; |
| 37 |
| 34 // Forward public API methods from |proto| to their internal implementations. | 38 // Forward public API methods from |proto| to their internal implementations. |
| 35 GuestViewContainer.forwardApiMethods = function(proto, apiMethods) { | 39 GuestViewContainer.forwardApiMethods = function(proto, apiMethods) { |
| 36 var createProtoHandler = function(m) { | 40 var createProtoHandler = function(m) { |
| 37 return function(var_args) { | 41 return function(var_args) { |
| 38 var internal = privates(this).internal; | 42 var internal = privates(this).internal; |
| 39 return $Function.apply(internal[m], internal, arguments); | 43 return $Function.apply(internal[m], internal, arguments); |
| 40 }; | 44 }; |
| 41 }; | 45 }; |
| 42 for (var i = 0; apiMethods[i]; ++i) { | 46 for (var i = 0; apiMethods[i]; ++i) { |
| 43 proto[apiMethods[i]] = createProtoHandler(apiMethods[i]); | 47 proto[apiMethods[i]] = createProtoHandler(apiMethods[i]); |
| (...skipping 250 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 294 // Delete the callbacks so developers cannot call them and produce unexpected | 298 // Delete the callbacks so developers cannot call them and produce unexpected |
| 295 // behavior. | 299 // behavior. |
| 296 delete proto.createdCallback; | 300 delete proto.createdCallback; |
| 297 delete proto.attachedCallback; | 301 delete proto.attachedCallback; |
| 298 delete proto.detachedCallback; | 302 delete proto.detachedCallback; |
| 299 delete proto.attributeChangedCallback; | 303 delete proto.attributeChangedCallback; |
| 300 } | 304 } |
| 301 | 305 |
| 302 // Exports. | 306 // Exports. |
| 303 exports.$set('GuestViewContainer', GuestViewContainer); | 307 exports.$set('GuestViewContainer', GuestViewContainer); |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2730383002:
Don't allow GuestView JS objects to inherit global prototype. (Closed)
