Source/core/inspector/InjectedScriptSource.js - Issue 445333005: DevTools: Fix tainted Function.prototype methods may disable console. - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(194)

My Issues | Starred Open | Closed | All

Side by Side Diff: Source/core/inspector/InjectedScriptSource.js

Issue 445333005: DevTools: Fix tainted Function.prototype methods may disable console. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: Created 6 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« Source/bindings/core/v8/custom/V8InjectedScriptHostCustom.cpp ('K') | « Source/core/inspector/InjectedScriptHost.idl ('k') | Source/devtools/scripts/check_injected_script_source.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2007 Apple Inc. All rights reserved.	2 * Copyright (C) 2007 Apple Inc. All rights reserved.

3 * Copyright (C) 2013 Google Inc. All rights reserved.	3 * Copyright (C) 2013 Google Inc. All rights reserved.

4 *	4 *

5 * Redistribution and use in source and binary forms, with or without	5 * Redistribution and use in source and binary forms, with or without

6 * modification, are permitted provided that the following conditions	6 * modification, are permitted provided that the following conditions

7 * are met:	7 * are met:

8 *	8 *

9 * 1. Redistributions of source code must retain the above copyright	9 * 1. Redistributions of source code must retain the above copyright

10 * notice, this list of conditions and the following disclaimer.	10 * notice, this list of conditions and the following disclaimer.

(...skipping 100 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
111 */	111 */

112 function bind(func, thisObject, var_args)	112 function bind(func, thisObject, var_args)

113 {	113 {

114 var args = slice(arguments, 2);	114 var args = slice(arguments, 2);

115	115

116 /**	116 /**

117 * @param {...} var_args	117 * @param {...} var_args

118 */	118 */

119 function bound(var_args)	119 function bound(var_args)

120 {	120 {

121 return func.apply(thisObject, concat(args, slice(arguments)));	121 return InjectedScriptHost.callFunction(func, thisObject, concat(args, sl ice(arguments)));

122 }	122 }

123 bound.toString = function()	123 bound.toString = function()

124 {	124 {

125 return "bound: " + func;	125 return "bound: " + func;

126 };	126 };

127 return bound;	127 return bound;

128 }	128 }

129	129

130 /**	130 /**

131 * @param {T} obj	131 * @param {T} obj

(...skipping 12 matching lines...) Expand all Loading...
144 * @param {*} obj	144 * @param {*} obj

145 * @return {boolean}	145 * @return {boolean}

146 */	146 */

147 function isArrayLike(obj)	147 function isArrayLike(obj)

148 {	148 {

149 try {	149 try {

150 if (typeof obj !== "object")	150 if (typeof obj !== "object")

151 return false;	151 return false;

152 if (typeof obj.splice === "function")	152 if (typeof obj.splice === "function")

153 return isFinite(obj.length);	153 return isFinite(obj.length);

154 var str = Object.prototype.toString.call(obj);	154 var str = InjectedScriptHost.callFunction(Object.prototype.toString, obj );

155 if (str === "[object Array]" \|\|	155 if (str === "[object Array]" \|\|

156 str === "[object Arguments]" \|\|	156 str === "[object Arguments]" \|\|

157 str === "[object HTMLCollection]" \|\|	157 str === "[object HTMLCollection]" \|\|

158 str === "[object NodeList]" \|\|	158 str === "[object NodeList]" \|\|

159 str === "[object DOMTokenList]")	159 str === "[object DOMTokenList]")

160 return isFinite(obj.length);	160 return isFinite(obj.length);

161 } catch (e) {	161 } catch (e) {

162 }	162 }

163 return false;	163 return false;

164 }	164 }

(...skipping 205 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
370 },	370 },

371	371

372 /**	372 /**

373 * @param {string} methodName	373 * @param {string} methodName

374 * @param {string} args	374 * @param {string} args

375 * @return {*}	375 * @return {*}

376 */	376 */

377 dispatch: function(methodName, args)	377 dispatch: function(methodName, args)

378 {	378 {

379 var argsArray = InjectedScriptHost.eval("(" + args + ")");	379 var argsArray = InjectedScriptHost.eval("(" + args + ")");

380 var result = this[methodName].apply(this, argsArray);	380 var result = InjectedScriptHost.callFunction(this[methodName], this, arg sArray);

381 if (typeof result === "undefined") {	381 if (typeof result === "undefined") {

382 inspectedWindow.console.error("Web Inspector error: InjectedScript.% s returns undefined", methodName);	382 inspectedWindow.console.error("Web Inspector error: InjectedScript.% s returns undefined", methodName);

383 result = null;	383 result = null;

384 }	384 }

385 return result;	385 return result;

386 },	386 },

387	387

388 /**	388 /**

389 * @param {string} objectId	389 * @param {string} objectId

390 * @param {boolean} ownProperties	390 * @param {boolean} ownProperties

(...skipping 120 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
511 var property = properties[i];	511 var property = properties[i];

512 if (propertyProcessed[property])	512 if (propertyProcessed[property])

513 continue;	513 continue;

514	514

515 var name = property;	515 var name = property;

516 if (isSymbol(property))	516 if (isSymbol(property))

517 name = injectedScript._describe(property);	517 name = injectedScript._describe(property);

518	518

519 try {	519 try {

520 propertyProcessed[property] = true;	520 propertyProcessed[property] = true;

521 var descriptor = nullifyObjectProto(InjectedScriptHost.suppr essWarningsAndCall(Object, Object.getOwnPropertyDescriptor, o, property));	521 var descriptor = nullifyObjectProto(InjectedScriptHost.suppr essWarningsAndCallFunction(Object.getOwnPropertyDescriptor, Object, [o, property ]));

522 if (descriptor) {	522 if (descriptor) {

523 if (accessorPropertiesOnly && !("get" in descriptor \|\| " set" in descriptor))	523 if (accessorPropertiesOnly && !("get" in descriptor \|\| " set" in descriptor))

524 continue;	524 continue;

525 } else {	525 } else {

526 // Not all bindings provide proper descriptors. Fall bac k to the writable, configurable property.	526 // Not all bindings provide proper descriptors. Fall bac k to the writable, configurable property.

527 if (accessorPropertiesOnly)	527 if (accessorPropertiesOnly)

528 continue;	528 continue;

529 try {	529 try {

530 descriptor = { name: name, value: o[property], writa ble: false, configurable: false, enumerable: false, __proto__: null };	530 descriptor = { name: name, value: o[property], writa ble: false, configurable: false, enumerable: false, __proto__: null };

531 if (o === object)	531 if (o === object)

(...skipping 77 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
609 }	609 }

610 }	610 }

611	611

612 try {	612 try {

613 var objectGroup = this._idToObjectGroupName[parsedObjectId.id];	613 var objectGroup = this._idToObjectGroupName[parsedObjectId.id];

614 var func = InjectedScriptHost.eval("(" + expression + ")");	614 var func = InjectedScriptHost.eval("(" + expression + ")");

615 if (typeof func !== "function")	615 if (typeof func !== "function")

616 return "Given expression does not evaluate to a function";	616 return "Given expression does not evaluate to a function";

617	617

618 return { wasThrown: false,	618 return { wasThrown: false,

619 result: this._wrapObject(func.apply(object, resolvedArgs), objectGroup, returnByValue),	619 result: this._wrapObject(InjectedScriptHost.callFunction(fu nc, object, resolvedArgs), objectGroup, returnByValue),

620 __proto__: null };	620 __proto__: null };

621 } catch (e) {	621 } catch (e) {

622 return this._createThrownValue(e, objectGroup, false);	622 return this._createThrownValue(e, objectGroup, false);

623 }	623 }

624 },	624 },

625	625

626 /**	626 /**

627 * Resolves a value from CallArgument description.	627 * Resolves a value from CallArgument description.

628 * @param {!RuntimeAgent.CallArgument} callArgumentJson	628 * @param {!RuntimeAgent.CallArgument} callArgumentJson

629 * @return {*} resolved value	629 * @return {*} resolved value

(...skipping 96 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
726 prefix = "with (__scopeChainForEval[" + i + "] \|\| { __proto_ _: null }) {" + (suffix ? " " : "") + prefix;	726 prefix = "with (__scopeChainForEval[" + i + "] \|\| { __proto_ _: null }) {" + (suffix ? " " : "") + prefix;

727 if (suffix)	727 if (suffix)

728 suffix += " }";	728 suffix += " }";

729 else	729 else

730 suffix = "}";	730 suffix = "}";

731 }	731 }

732 }	732 }

733	733

734 if (prefix)	734 if (prefix)

735 expression = prefix + "\n" + expression + "\n" + suffix;	735 expression = prefix + "\n" + expression + "\n" + suffix;

736 var wrappedResult = evalFunction.call(object, expression);	736 var wrappedResult = InjectedScriptHost.callFunction(evalFunction, ob ject, [expression]);

737 if (objectGroup === "console" && !wrappedResult.exceptionDetails)	737 if (objectGroup === "console" && !wrappedResult.exceptionDetails)

738 this._lastResult = wrappedResult.result;	738 this._lastResult = wrappedResult.result;

739 return wrappedResult;	739 return wrappedResult;

740 } finally {	740 } finally {

741 if (injectCommandLineAPI)	741 if (injectCommandLineAPI)

742 delete inspectedWindow.__commandLineAPI;	742 delete inspectedWindow.__commandLineAPI;

743 if (injectScopeChain)	743 if (injectScopeChain)

744 delete inspectedWindow.__scopeChainForEval;	744 delete inspectedWindow.__scopeChainForEval;

745 }	745 }

746 },	746 },

(...skipping 192 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
939 * @return {?Object}	939 * @return {?Object}

940 */	940 */

941 injectModule: function(name, source)	941 injectModule: function(name, source)

942 {	942 {

943 delete this._modules[name];	943 delete this._modules[name];

944 var moduleFunction = InjectedScriptHost.eval("(" + source + ")");	944 var moduleFunction = InjectedScriptHost.eval("(" + source + ")");

945 if (typeof moduleFunction !== "function") {	945 if (typeof moduleFunction !== "function") {

946 inspectedWindow.console.error("Web Inspector error: A function was e xpected for module %s evaluation", name);	946 inspectedWindow.console.error("Web Inspector error: A function was e xpected for module %s evaluation", name);

947 return null;	947 return null;

948 }	948 }

949 var module = moduleFunction.call(inspectedWindow, InjectedScriptHost, in spectedWindow, injectedScriptId, this);	949 var module = InjectedScriptHost.callFunction(moduleFunction, inspectedWi ndow, [InjectedScriptHost, inspectedWindow, injectedScriptId, this]);

950 this._modules[name] = module;	950 this._modules[name] = module;

951 return module;	951 return module;

952 },	952 },

953	953

954 /**	954 /**

955 * @param {*} object	955 * @param {*} object

956 * @return {boolean}	956 * @return {boolean}

957 */	957 */

958 _isDefined: function(object)	958 _isDefined: function(object)

959 {	959 {

(...skipping 74 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1034 className += "[" + obj.length + "]";	1034 className += "[" + obj.length + "]";

1035 return className;	1035 return className;

1036 }	1036 }

1037	1037

1038 // NodeList in JSC is a function, check for array prior to this.	1038 // NodeList in JSC is a function, check for array prior to this.

1039 if (typeof obj === "function")	1039 if (typeof obj === "function")

1040 return toString(obj);	1040 return toString(obj);

1041	1041

1042 if (isSymbol(obj)) {	1042 if (isSymbol(obj)) {

1043 try {	1043 try {

1044 return Symbol.prototype.toString.call(obj) \|\| "Symbol";	1044 return InjectedScriptHost.callFunction(Symbol.prototype.toString , obj) \|\| "Symbol";

1045 } catch (e) {	1045 } catch (e) {

1046 return "Symbol";	1046 return "Symbol";

1047 }	1047 }

1048 }	1048 }

1049	1049

1050 if (obj instanceof Error && !!obj.message)	1050 if (obj instanceof Error && !!obj.message)

1051 return className + ": " + obj.message;	1051 return className + ": " + obj.message;

1052	1052

1053 return className;	1053 return className;

1054 }	1054 }

(...skipping 442 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1497 push(nodes, node);	1497 push(nodes, node);

1498 return nodes;	1498 return nodes;

1499 }	1499 }

1500 },	1500 },

1501	1501

1502 /**	1502 /**

1503 * @return {*}	1503 * @return {*}

1504 */	1504 */

1505 dir: function(var_args)	1505 dir: function(var_args)

1506 {	1506 {

1507 return inspectedWindow.console.dir.apply(inspectedWindow.console, argume nts)	1507 return InjectedScriptHost.callFunction(inspectedWindow.console.dir, insp ectedWindow.console, slice(arguments));

1508 },	1508 },

1509	1509

1510 /**	1510 /**

1511 * @return {*}	1511 * @return {*}

1512 */	1512 */

1513 dirxml: function(var_args)	1513 dirxml: function(var_args)

1514 {	1514 {

1515 return inspectedWindow.console.dirxml.apply(inspectedWindow.console, arg uments)	1515 return InjectedScriptHost.callFunction(inspectedWindow.console.dirxml, i nspectedWindow.console, slice(arguments));

1516 },	1516 },

1517	1517

1518 /**	1518 /**

1519 * @return {!Array.<string>}	1519 * @return {!Array.<string>}

1520 */	1520 */

1521 keys: function(object)	1521 keys: function(object)

1522 {	1522 {

1523 return Object.keys(object);	1523 return Object.keys(object);

1524 },	1524 },

1525	1525

1526 /**	1526 /**

1527 * @return {!Array.<*>}	1527 * @return {!Array.<*>}

1528 */	1528 */

1529 values: function(object)	1529 values: function(object)

1530 {	1530 {

1531 var result = [];	1531 var result = [];

1532 for (var key in object)	1532 for (var key in object)

1533 push(result, object[key]);	1533 push(result, object[key]);

1534 return result;	1534 return result;

1535 },	1535 },

1536	1536

1537 /**	1537 /**

1538 * @return {*}	1538 * @return {*}

1539 */	1539 */

1540 profile: function(opt_title)	1540 profile: function(opt_title)

1541 {	1541 {

1542 return inspectedWindow.console.profile.apply(inspectedWindow.console, ar guments)	1542 return InjectedScriptHost.callFunction(inspectedWindow.console.profile, inspectedWindow.console, slice(arguments));

1543 },	1543 },

1544	1544

1545 /**	1545 /**

1546 * @return {*}	1546 * @return {*}

1547 */	1547 */

1548 profileEnd: function(opt_title)	1548 profileEnd: function(opt_title)

1549 {	1549 {

1550 return inspectedWindow.console.profileEnd.apply(inspectedWindow.console, arguments)	1550 return InjectedScriptHost.callFunction(inspectedWindow.console.profileEn d, inspectedWindow.console, slice(arguments));

1551 },	1551 },

1552	1552

1553 /**	1553 /**

1554 * @param {!Object} object	1554 * @param {!Object} object

1555 * @param {!Array.<string>\|string=} opt_types	1555 * @param {!Array.<string>\|string=} opt_types

1556 */	1556 */

1557 monitorEvents: function(object, opt_types)	1557 monitorEvents: function(object, opt_types)

1558 {	1558 {

1559 if (!object \|\| !object.addEventListener \|\| !object.removeEventListener)	1559 if (!object \|\| !object.addEventListener \|\| !object.removeEventListener)

1560 return;	1560 return;

(...skipping 90 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1651 InjectedScriptHost.monitorFunction(fn);	1651 InjectedScriptHost.monitorFunction(fn);

1652 },	1652 },

1653	1653

1654 unmonitor: function(fn)	1654 unmonitor: function(fn)

1655 {	1655 {

1656 InjectedScriptHost.unmonitorFunction(fn);	1656 InjectedScriptHost.unmonitorFunction(fn);

1657 },	1657 },

1658	1658

1659 table: function(data, opt_columns)	1659 table: function(data, opt_columns)

1660 {	1660 {

1661 inspectedWindow.console.table.apply(inspectedWindow.console, arguments);	1661 InjectedScriptHost.callFunction(inspectedWindow.console.table, inspected Window.console, slice(arguments));

1662 },	1662 },

1663	1663

1664 /**	1664 /**

1665 * @param {number} num	1665 * @param {number} num

1666 */	1666 */

1667 _inspectedObject: function(num)	1667 _inspectedObject: function(num)

1668 {	1668 {

1669 return InjectedScriptHost.inspectedObject(num);	1669 return InjectedScriptHost.inspectedObject(num);

1670 },	1670 },

1671	1671

(...skipping 29 matching lines...) Expand all Loading...
1701 */	1701 */

1702 _logEvent: function(event)	1702 _logEvent: function(event)

1703 {	1703 {

1704 inspectedWindow.console.log(event.type, event);	1704 inspectedWindow.console.log(event.type, event);

1705 }	1705 }

1706 }	1706 }

1707	1707

1708 injectedScript._commandLineAPIImpl = new CommandLineAPIImpl();	1708 injectedScript._commandLineAPIImpl = new CommandLineAPIImpl();

1709 return injectedScript;	1709 return injectedScript;

1710 })	1710 })

OLD	NEW

« Source/bindings/core/v8/custom/V8InjectedScriptHostCustom.cpp ('K') | « Source/core/inspector/InjectedScriptHost.idl ('k') | Source/devtools/scripts/check_injected_script_source.py » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698