| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. |
| 3 * Copyright (C) 2009 Apple Inc. All rights reserved. | 3 * Copyright (C) 2009 Apple Inc. All rights reserved. |
| 4 * Copyright (C) 2014 Opera Software ASA. All rights reserved. | 4 * Copyright (C) 2014 Opera Software ASA. All rights reserved. |
| 5 * | 5 * |
| 6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
| 7 * modification, are permitted provided that the following conditions are | 7 * modification, are permitted provided that the following conditions are |
| 8 * met: | 8 * met: |
| 9 * | 9 * |
| 10 * * Redistributions of source code must retain the above copyright | 10 * * Redistributions of source code must retain the above copyright |
| (...skipping 540 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 551 | 551 |
| 552 if (result.IsEmpty() || !result->IsString()) | 552 if (result.IsEmpty() || !result->IsString()) |
| 553 return true; | 553 return true; |
| 554 String scriptResult = toCoreString(v8::Handle<v8::String>::Cast(result)); | 554 String scriptResult = toCoreString(v8::Handle<v8::String>::Cast(result)); |
| 555 | 555 |
| 556 // We're still in a frame, so there should be a DocumentLoader. | 556 // We're still in a frame, so there should be a DocumentLoader. |
| 557 ASSERT(m_frame->document()->loader()); | 557 ASSERT(m_frame->document()->loader()); |
| 558 if (!locationChangeBefore && m_frame->navigationScheduler().locationChangePe
nding()) | 558 if (!locationChangeBefore && m_frame->navigationScheduler().locationChangePe
nding()) |
| 559 return true; | 559 return true; |
| 560 | 560 |
| 561 // DocumentWriter::replaceDocument can cause the DocumentLoader to get deref
'ed and possible destroyed, | 561 m_frame->loader().replaceDocumentWhileExecutingJavaScriptURL(scriptResult, o
wnerDocument.get()); |
| 562 // so protect it with a RefPtr. | |
| 563 if (RefPtr<DocumentLoader> loader = m_frame->document()->loader()) { | |
| 564 UseCounter::count(*m_frame->document(), UseCounter::ReplaceDocumentViaJa
vaScriptURL); | |
| 565 loader->replaceDocument(scriptResult, ownerDocument.get()); | |
| 566 } | |
| 567 return true; | 562 return true; |
| 568 } | 563 } |
| 569 | 564 |
| 570 void ScriptController::executeScriptInMainWorld(const String& script, ExecuteScr
iptPolicy policy) | 565 void ScriptController::executeScriptInMainWorld(const String& script, ExecuteScr
iptPolicy policy) |
| 571 { | 566 { |
| 572 v8::HandleScope handleScope(m_isolate); | 567 v8::HandleScope handleScope(m_isolate); |
| 573 evaluateScriptInMainWorld(ScriptSourceCode(script), NotSharableCrossOrigin,
policy); | 568 evaluateScriptInMainWorld(ScriptSourceCode(script), NotSharableCrossOrigin,
policy); |
| 574 } | 569 } |
| 575 | 570 |
| 576 void ScriptController::executeScriptInMainWorld(const ScriptSourceCode& sourceCo
de, AccessControlStatus corsStatus) | 571 void ScriptController::executeScriptInMainWorld(const ScriptSourceCode& sourceCo
de, AccessControlStatus corsStatus) |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 638 resultArray->Set(i, evaluationResult); | 633 resultArray->Set(i, evaluationResult); |
| 639 } | 634 } |
| 640 | 635 |
| 641 if (results) { | 636 if (results) { |
| 642 for (size_t i = 0; i < resultArray->Length(); ++i) | 637 for (size_t i = 0; i < resultArray->Length(); ++i) |
| 643 results->append(handleScope.Escape(resultArray->Get(i))); | 638 results->append(handleScope.Escape(resultArray->Get(i))); |
| 644 } | 639 } |
| 645 } | 640 } |
| 646 | 641 |
| 647 } // namespace blink | 642 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 495743003:
Add an extra guard to replaceDocument() (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master