Implement WindowTimers.set{Timeout,Interval} without [Custom]

Source/core/frame/DOMWindowTimers.cpp

Index: Source/core/frame/DOMWindowTimers.cpp
diff --git a/Source/core/frame/DOMWindowTimers.cpp b/Source/core/frame/DOMWindowTimers.cpp
index 7f9aae6a3c4af84bcb2ef6da34038d909de23db0..42cb0fdd57f5e030736531e6b93bb181caf42bc1 100644
--- a/Source/core/frame/DOMWindowTimers.cpp
+++ b/Source/core/frame/DOMWindowTimers.cpp
@@ -33,21 +33,80 @@
 #include "config.h"
 #include "core/frame/DOMWindowTimers.h"
 
+#include "core/dom/Document.h"
+#include "core/dom/ExecutionContext.h"
 #include "core/events/EventTarget.h"
 #include "core/frame/DOMTimer.h"
+#include "core/frame/csp/ContentSecurityPolicy.h"
+#include "core/workers/WorkerGlobalScope.h"
 
 namespace blink {
 
 namespace DOMWindowTimers {
 
-int setTimeout(EventTarget& eventTarget, PassOwnPtr<ScheduledAction> action, int timeout)
+static bool isAllowed(ExecutionContext* executionContext, bool isEval)
 {
-    return DOMTimer::install(eventTarget.executionContext(), action, timeout, true);
+    if (executionContext->isDocument()) {
+        Document* document = static_cast<Document*>(executionContext);
+        if (isEval && !document->contentSecurityPolicy()->allowEval())
+            return false;
+        return true;
+    }
+    if (executionContext->isWorkerGlobalScope()) {
+        WorkerGlobalScope* workerGlobalScope = static_cast<WorkerGlobalScope*>(executionContext);
+        if (!workerGlobalScope->script())
+            return false;
+        ContentSecurityPolicy* policy = workerGlobalScope->contentSecurityPolicy();
+        if (isEval && policy && !policy->allowEval())
+            return false;
+        return true;
+    }
+    ASSERT_NOT_REACHED();
+    return false;
 }
 
-int setInterval(EventTarget& eventTarget, PassOwnPtr<ScheduledAction> action, int timeout)
+int setTimeout(ScriptState* scriptState, EventTarget& eventTarget, const ScriptValue& handler, int timeout, const Vector<ScriptValue>& arguments)
 {
-    return DOMTimer::install(eventTarget.executionContext(), action, timeout, false);
+    ExecutionContext* executionContext = eventTarget.executionContext();
+    if (!isAllowed(executionContext, false))
+        return 0;
+    OwnPtr<ScheduledAction> action = ScheduledAction::create(scriptState, handler, arguments);
+    return DOMTimer::install(executionContext, action.release(), timeout, true);
+}
+
+int setTimeout(ScriptState* scriptState, EventTarget& eventTarget, String handler, int timeout, const Vector<ScriptValue>&)
+{
+    ExecutionContext* executionContext = eventTarget.executionContext();
+    if (!isAllowed(executionContext, true))
+        return 0;
+    // Don't allow setting timeouts to run empty functions!
+    // (Bug 1009597)

[Yuta Kitamura, 2014/11/14 08:24:06]

I know that's not something you wrote, but I had initially no
idea about where the number came from ;)

This actually came from Google's internal bug tracker, and
the bug was essentially about some sites taking 40-50% CPU for
empty handlers.

[BTW, this should not be the case with our current implementation,
because we now align the tasks in 4ms granurality, IIRC. However,
there's no strong reason to drop this early return, so I think we
can just keep this optimization.]

So, to summarize, you can simply drop the bug number, and possibly
add some comments mentioning that some empty hander was a CPU hog
in the past.

[Jens Widell, 2014/11/14 10:19:27]

Thanks for the information! I did wonder what kind of bug number it was, but
since I just copied the code, I didn't wonder enough to take any action. :-)

Comment(s) modified slightly.

+    if (handler.isEmpty())
+        return 0;
+    OwnPtr<ScheduledAction> action = ScheduledAction::create(scriptState, handler);
+    return DOMTimer::install(executionContext, action.release(), timeout, true);
+}
+
+int setInterval(ScriptState* scriptState, EventTarget& eventTarget, const ScriptValue& handler, int timeout, const Vector<ScriptValue>& arguments)
+{
+    ExecutionContext* executionContext = eventTarget.executionContext();
+    if (!isAllowed(executionContext, false))
+        return 0;
+    OwnPtr<ScheduledAction> action = ScheduledAction::create(scriptState, handler, arguments);
+    return DOMTimer::install(executionContext, action.release(), timeout, false);
+}
+
+int setInterval(ScriptState* scriptState, EventTarget& eventTarget, String handler, int timeout, const Vector<ScriptValue>&)
+{
+    ExecutionContext* executionContext = eventTarget.executionContext();
+    if (!isAllowed(executionContext, true))
+        return 0;
+    // Don't allow setting timeouts to run empty functions!
+    // (Bug 1009597)

[Yuta Kitamura, 2014/11/14 08:24:06]

Ditto.

+    if (handler.isEmpty())
+        return 0;
+    OwnPtr<ScheduledAction> action = ScheduledAction::create(scriptState, handler);
+    return DOMTimer::install(executionContext, action.release(), timeout, false);
 }
 
 void clearTimeout(EventTarget& eventTarget, int timeoutID)