OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv ed. | 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv ed. |
6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> | 6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> |
7 * | 7 * |
8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
59 , m_startLineNumber(WTF::OrdinalNumber::beforeFirst()) | 59 , m_startLineNumber(WTF::OrdinalNumber::beforeFirst()) |
60 , m_parserInserted(parserInserted) | 60 , m_parserInserted(parserInserted) |
61 , m_isExternalScript(false) | 61 , m_isExternalScript(false) |
62 , m_alreadyStarted(alreadyStarted) | 62 , m_alreadyStarted(alreadyStarted) |
63 , m_haveFiredLoad(false) | 63 , m_haveFiredLoad(false) |
64 , m_willBeParserExecuted(false) | 64 , m_willBeParserExecuted(false) |
65 , m_readyToBeParserExecuted(false) | 65 , m_readyToBeParserExecuted(false) |
66 , m_willExecuteWhenDocumentFinishedParsing(false) | 66 , m_willExecuteWhenDocumentFinishedParsing(false) |
67 , m_forceAsync(!parserInserted) | 67 , m_forceAsync(!parserInserted) |
68 , m_willExecuteInOrder(false) | 68 , m_willExecuteInOrder(false) |
69 , m_asPotentiallyCORSEnabledLoad(false) | |
69 { | 70 { |
70 ASSERT(m_element); | 71 ASSERT(m_element); |
71 if (parserInserted && element->document().scriptableDocumentParser() && !ele ment->document().isInDocumentWrite()) | 72 if (parserInserted && element->document().scriptableDocumentParser() && !ele ment->document().isInDocumentWrite()) |
72 m_startLineNumber = element->document().scriptableDocumentParser()->line Number(); | 73 m_startLineNumber = element->document().scriptableDocumentParser()->line Number(); |
73 } | 74 } |
74 | 75 |
75 ScriptLoader::~ScriptLoader() | 76 ScriptLoader::~ScriptLoader() |
76 { | 77 { |
77 stopLoadRequest(); | 78 stopLoadRequest(); |
78 } | 79 } |
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
234 m_willExecuteInOrder = true; | 235 m_willExecuteInOrder = true; |
235 contextDocument->scriptRunner()->queueScriptForExecution(this, m_resourc e, ScriptRunner::IN_ORDER_EXECUTION); | 236 contextDocument->scriptRunner()->queueScriptForExecution(this, m_resourc e, ScriptRunner::IN_ORDER_EXECUTION); |
236 m_resource->addClient(this); | 237 m_resource->addClient(this); |
237 } else if (client->hasSourceAttribute()) { | 238 } else if (client->hasSourceAttribute()) { |
238 contextDocument->scriptRunner()->queueScriptForExecution(this, m_resourc e, ScriptRunner::ASYNC_EXECUTION); | 239 contextDocument->scriptRunner()->queueScriptForExecution(this, m_resourc e, ScriptRunner::ASYNC_EXECUTION); |
239 m_resource->addClient(this); | 240 m_resource->addClient(this); |
240 } else { | 241 } else { |
241 // Reset line numbering for nested writes. | 242 // Reset line numbering for nested writes. |
242 TextPosition position = elementDocument.isInDocumentWrite() ? TextPositi on() : scriptStartPosition; | 243 TextPosition position = elementDocument.isInDocumentWrite() ? TextPositi on() : scriptStartPosition; |
243 KURL scriptURL = (!elementDocument.isInDocumentWrite() && m_parserInsert ed) ? elementDocument.url() : KURL(); | 244 KURL scriptURL = (!elementDocument.isInDocumentWrite() && m_parserInsert ed) ? elementDocument.url() : KURL(); |
244 executeScript(ScriptSourceCode(scriptContent(), scriptURL, position)); | 245 executePotentiallyCrossOriginScript(ScriptSourceCode(scriptContent(), sc riptURL, position)); |
abarth-chromium
2013/11/14 16:34:48
Does it matter that we're losing the return value
sof
2013/11/14 17:12:03
It does matter , i.e., the prepareScript() return
sof
2013/11/15 08:05:23
prepareScript() now returns 'false' if executePote
| |
245 } | 246 } |
246 | 247 |
247 return true; | 248 return true; |
248 } | 249 } |
249 | 250 |
250 bool ScriptLoader::fetchScript(const String& sourceUrl) | 251 bool ScriptLoader::fetchScript(const String& sourceUrl) |
251 { | 252 { |
252 ASSERT(m_element); | 253 ASSERT(m_element); |
253 | 254 |
254 RefPtr<Document> elementDocument(m_element->document()); | 255 RefPtr<Document> elementDocument(m_element->document()); |
255 if (!m_element->dispatchBeforeLoadEvent(sourceUrl)) | 256 if (!m_element->dispatchBeforeLoadEvent(sourceUrl)) |
256 return false; | 257 return false; |
257 if (!m_element->inDocument() || m_element->document() != elementDocument) | 258 if (!m_element->inDocument() || m_element->document() != elementDocument) |
258 return false; | 259 return false; |
259 | 260 |
260 ASSERT(!m_resource); | 261 ASSERT(!m_resource); |
261 if (!stripLeadingAndTrailingHTMLSpaces(sourceUrl).isEmpty()) { | 262 if (!stripLeadingAndTrailingHTMLSpaces(sourceUrl).isEmpty()) { |
262 FetchRequest request(ResourceRequest(elementDocument->completeURL(source Url)), m_element->localName()); | 263 FetchRequest request(ResourceRequest(elementDocument->completeURL(source Url)), m_element->localName()); |
263 | 264 |
264 String crossOriginMode = m_element->fastGetAttribute(HTMLNames::crossori ginAttr); | 265 String crossOriginMode = m_element->fastGetAttribute(HTMLNames::crossori ginAttr); |
265 if (!crossOriginMode.isNull()) { | 266 if (!crossOriginMode.isNull()) { |
266 StoredCredentials allowCredentials = equalIgnoringCase(crossOriginMo de, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials; | 267 StoredCredentials allowCredentials = equalIgnoringCase(crossOriginMo de, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials; |
267 request.setPotentiallyCrossOriginEnabled(elementDocument->securityOr igin(), allowCredentials); | 268 request.setPotentiallyCrossOriginEnabled(elementDocument->securityOr igin(), allowCredentials); |
269 m_asPotentiallyCORSEnabledLoad = true; | |
268 } | 270 } |
269 request.setCharset(scriptCharset()); | 271 request.setCharset(scriptCharset()); |
270 | 272 |
271 bool isValidScriptNonce = elementDocument->contentSecurityPolicy()->allo wScriptNonce(m_element->fastGetAttribute(HTMLNames::nonceAttr)); | 273 bool isValidScriptNonce = elementDocument->contentSecurityPolicy()->allo wScriptNonce(m_element->fastGetAttribute(HTMLNames::nonceAttr)); |
272 if (isValidScriptNonce) | 274 if (isValidScriptNonce) |
273 request.setContentSecurityCheck(DoNotCheckContentSecurityPolicy); | 275 request.setContentSecurityCheck(DoNotCheckContentSecurityPolicy); |
274 | 276 |
275 m_resource = elementDocument->fetcher()->fetchScript(request); | 277 m_resource = elementDocument->fetcher()->fetchScript(request); |
276 m_isExternalScript = true; | 278 m_isExternalScript = true; |
277 } | 279 } |
278 | 280 |
279 if (m_resource) { | 281 if (m_resource) |
280 return true; | 282 return true; |
281 } | |
282 | 283 |
283 dispatchErrorEvent(); | 284 dispatchErrorEvent(); |
284 return false; | 285 return false; |
285 } | 286 } |
286 | 287 |
287 bool isHTMLScriptLoader(Element* element) | 288 bool isHTMLScriptLoader(Element* element) |
288 { | 289 { |
289 return element->hasTagName(HTMLNames::scriptTag); | 290 return element->hasTagName(HTMLNames::scriptTag); |
290 } | 291 } |
291 | 292 |
(...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
355 ASSERT(resource); | 356 ASSERT(resource); |
356 if (resource->errorOccurred()) { | 357 if (resource->errorOccurred()) { |
357 dispatchErrorEvent(); | 358 dispatchErrorEvent(); |
358 } else if (!resource->wasCanceled()) { | 359 } else if (!resource->wasCanceled()) { |
359 executeScript(ScriptSourceCode(resource)); | 360 executeScript(ScriptSourceCode(resource)); |
360 dispatchLoadEvent(); | 361 dispatchLoadEvent(); |
361 } | 362 } |
362 resource->removeClient(this); | 363 resource->removeClient(this); |
363 } | 364 } |
364 | 365 |
366 bool ScriptLoader::executePotentiallyCrossOriginScript(const ScriptSourceCode& s ourceCode) | |
abarth-chromium
2013/11/14 16:34:48
It looks like the one caller ignores the return va
| |
367 { | |
368 if (sourceCode.resource() | |
369 && asPotentiallyCORSEnabledLoad() | |
370 && !m_element->document().fetcher()->canAccess(sourceCode.resource(), as PotentiallyCORSEnabledLoad())) { | |
abarth-chromium
2013/11/14 16:34:48
It seems strange that we need to check asPotential
sof
2013/11/14 17:12:03
We don't use that resource state any longer in can
| |
371 dispatchErrorEvent(); | |
372 return false; | |
373 } | |
374 executeScript(sourceCode); | |
375 return true; | |
376 } | |
377 | |
365 void ScriptLoader::notifyFinished(Resource* resource) | 378 void ScriptLoader::notifyFinished(Resource* resource) |
366 { | 379 { |
367 ASSERT(!m_willBeParserExecuted); | 380 ASSERT(!m_willBeParserExecuted); |
368 | 381 |
369 RefPtr<Document> elementDocument(m_element->document()); | 382 RefPtr<Document> elementDocument(m_element->document()); |
370 RefPtr<Document> contextDocument = elementDocument->contextDocument().get(); | 383 RefPtr<Document> contextDocument = elementDocument->contextDocument().get(); |
371 if (!contextDocument) | 384 if (!contextDocument) |
372 return; | 385 return; |
373 | 386 |
374 // Resource possibly invokes this notifyFinished() more than | 387 // Resource possibly invokes this notifyFinished() more than |
375 // once because ScriptLoader doesn't unsubscribe itself from | 388 // once because ScriptLoader doesn't unsubscribe itself from |
376 // Resource here and does it in execute() instead. | 389 // Resource here and does it in execute() instead. |
377 // We use m_resource to check if this function is already called. | 390 // We use m_resource to check if this function is already called. |
378 ASSERT_UNUSED(resource, resource == m_resource); | 391 ASSERT_UNUSED(resource, resource == m_resource); |
379 if (!m_resource) | 392 if (!m_resource) |
380 return; | 393 return; |
381 if (!elementDocument->fetcher()->canAccess(m_resource.get())) { | 394 if (!elementDocument->fetcher()->canAccess(m_resource.get(), asPotentiallyCO RSEnabledLoad())) { |
382 dispatchErrorEvent(); | 395 dispatchErrorEvent(); |
383 return; | 396 return; |
384 } | 397 } |
385 | 398 |
386 if (m_willExecuteInOrder) | 399 if (m_willExecuteInOrder) |
387 contextDocument->scriptRunner()->notifyScriptReady(this, ScriptRunner::I N_ORDER_EXECUTION); | 400 contextDocument->scriptRunner()->notifyScriptReady(this, ScriptRunner::I N_ORDER_EXECUTION); |
388 else | 401 else |
389 contextDocument->scriptRunner()->notifyScriptReady(this, ScriptRunner::A SYNC_EXECUTION); | 402 contextDocument->scriptRunner()->notifyScriptReady(this, ScriptRunner::A SYNC_EXECUTION); |
390 | 403 |
391 m_resource = 0; | 404 m_resource = 0; |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
434 if (isHTMLScriptLoader(element)) | 447 if (isHTMLScriptLoader(element)) |
435 return toHTMLScriptElement(element)->loader(); | 448 return toHTMLScriptElement(element)->loader(); |
436 | 449 |
437 if (isSVGScriptLoader(element)) | 450 if (isSVGScriptLoader(element)) |
438 return toSVGScriptElement(element)->loader(); | 451 return toSVGScriptElement(element)->loader(); |
439 | 452 |
440 return 0; | 453 return 0; |
441 } | 454 } |
442 | 455 |
443 } | 456 } |
OLD | NEW |