Changeset 104412 in webkit

Timestamp:

Jan 8, 2012 3:15:42 PM (12 years ago)

Author:

abarth@webkit.org

Message:

Rename checkNodeSecurity and allowsAccessFromFrame to have sensible names
​https://bugs.webkit.org/show_bug.cgi?id=75796

Reviewed by Sam Weinig.

This patch contains only renames and FIXME comments. No behavior change.

• bindings/js/JSDOMBinding.cpp:

(WebCore::allowAccessToNode):
(WebCore::allowAccessToFrame):

• bindings/js/JSDOMBinding.h:
• bindings/js/JSHTMLFrameElementCustom.cpp:

(WebCore::allowSettingJavascriptURL):

• bindings/js/JSHistoryCustom.cpp:

(WebCore::JSHistory::getOwnPropertySlotDelegate):
(WebCore::JSHistory::getOwnPropertyDescriptorDelegate):
(WebCore::JSHistory::putDelegate):
(WebCore::JSHistory::deleteProperty):
(WebCore::JSHistory::getOwnPropertyNames):

• bindings/js/JSLocationCustom.cpp:

(WebCore::JSLocation::getOwnPropertySlotDelegate):
(WebCore::JSLocation::getOwnPropertyDescriptorDelegate):
(WebCore::JSLocation::putDelegate):
(WebCore::JSLocation::deleteProperty):
(WebCore::JSLocation::getOwnPropertyNames):
(WebCore::JSLocation::toStringFunction):

• bindings/js/ScriptController.cpp:

(WebCore::ScriptController::canAccessFromCurrentOrigin):

• bindings/scripts/CodeGeneratorJS.pm:

(GenerateGetOwnPropertyDescriptorBody):
(GenerateImplementation):

• bindings/scripts/CodeGeneratorV8.pm:

(GenerateNormalAttrGetter):
(GenerateFunctionCallback):

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• bindings/generic/BindingSecurity.h (modified) (3 diffs)
• bindings/js/JSDOMBinding.cpp (modified) (2 diffs)
• bindings/js/JSDOMBinding.h (modified) (1 diff)
• bindings/js/JSHTMLFrameElementCustom.cpp (modified) (1 diff)
• bindings/js/JSHistoryCustom.cpp (modified) (5 diffs)
• bindings/js/JSLocationCustom.cpp (modified) (6 diffs)
• bindings/js/ScriptController.cpp (modified) (1 diff)
• bindings/scripts/CodeGeneratorJS.pm (modified) (5 diffs)
• bindings/scripts/CodeGeneratorV8.pm (modified) (2 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-01-08  Adam Barth  <abarth@webkit.org>
+
+        Rename checkNodeSecurity and allowsAccessFromFrame to have sensible names
+        https://bugs.webkit.org/show_bug.cgi?id=75796
+
+        Reviewed by Sam Weinig.
+
+        This patch contains only renames and FIXME comments.  No behavior change.
+
+        * bindings/js/JSDOMBinding.cpp:
+        (WebCore::allowAccessToNode):
+        (WebCore::allowAccessToFrame):
+        * bindings/js/JSDOMBinding.h:
+        * bindings/js/JSHTMLFrameElementCustom.cpp:
+        (WebCore::allowSettingJavascriptURL):
+        * bindings/js/JSHistoryCustom.cpp:
+        (WebCore::JSHistory::getOwnPropertySlotDelegate):
+        (WebCore::JSHistory::getOwnPropertyDescriptorDelegate):
+        (WebCore::JSHistory::putDelegate):
+        (WebCore::JSHistory::deleteProperty):
+        (WebCore::JSHistory::getOwnPropertyNames):
+        * bindings/js/JSLocationCustom.cpp:
+        (WebCore::JSLocation::getOwnPropertySlotDelegate):
+        (WebCore::JSLocation::getOwnPropertyDescriptorDelegate):
+        (WebCore::JSLocation::putDelegate):
+        (WebCore::JSLocation::deleteProperty):
+        (WebCore::JSLocation::getOwnPropertyNames):
+        (WebCore::JSLocation::toStringFunction):
+        * bindings/js/ScriptController.cpp:
+        (WebCore::ScriptController::canAccessFromCurrentOrigin):
+        * bindings/scripts/CodeGeneratorJS.pm:
+        (GenerateGetOwnPropertyDescriptorBody):
+        (GenerateImplementation):
+        * bindings/scripts/CodeGeneratorV8.pm:
+        (GenerateNormalAttrGetter):
+        (GenerateFunctionCallback):
+
 2012-01-08  Adam Barth  <abarth@webkit.org>
 

trunk/Source/WebCore/bindings/generic/BindingSecurity.h

@@ -56 +56 @@
     // Check if it is safe to access the given node from the
     // current security context.
-    static bool checkNodeSecurity(State<Binding>*, Node* target);
+    static bool allowAccessToNode(State<Binding>*, Node* target);
 
     static bool allowPopUp(State<Binding>*);
@@ -102 +102 @@
 
 template <class Binding>
-bool BindingSecurity<Binding>::checkNodeSecurity(State<Binding>* state, Node* node)
+bool BindingSecurity<Binding>::allowAccessToNode(State<Binding>* state, Node* node)
 {
     if (!node)
@@ -132 +132 @@
     if (protocolIsJavaScript(stripLeadingAndTrailingHTMLSpaces(value))) {
         Node* contentDoc = frame->contentDocument();
-        if (contentDoc && !checkNodeSecurity(state, contentDoc))
+        if (contentDoc && !allowAccessToNode(state, contentDoc))
             return false;
     }

trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp

@@ -217 +217 @@
 }
 
-bool checkNodeSecurity(ExecState* exec, Node* node)
-{
-    return node && allowsAccessFromFrame(exec, node->document()->frame());
-}
-
-bool allowsAccessFromFrame(ExecState* exec, Frame* frame)
+bool allowAccessToNode(ExecState* exec, Node* node)
+{
+    return node && allowAccessToFrame(exec, node->document()->frame());
+}
+
+bool allowAccessToFrame(ExecState* exec, Frame* frame)
 {
     if (!frame)
@@ -230 +230 @@
 }
 
-bool allowsAccessFromFrame(ExecState* exec, Frame* frame, String& message)
+bool allowAccessToFrame(ExecState* exec, Frame* frame, String& message)
 {
     if (!frame)

trunk/Source/WebCore/bindings/js/JSDOMBinding.h

@@ -281 +281 @@
     JSC::JSObject* toJSSequence(JSC::ExecState*, JSC::JSValue, unsigned&);
 
-    bool checkNodeSecurity(JSC::ExecState*, Node*);
-
-    // Helpers for Window, History, and Location classes to implement cross-domain policy.
-    // Besides the cross-domain check, they need non-caching versions of staticFunctionGetter for
-    // because we do not want current property values involved at all.
-    // FIXME: These functions should be named frameAllowsAccessFrom, because the access is *to* the frame.
-    bool allowsAccessFromFrame(JSC::ExecState*, Frame*);
-    bool allowsAccessFromFrame(JSC::ExecState*, Frame*, String& message);
+    // FIXME: Implement allowAccessToContext(JSC::ExecState*, ScriptExecutionContext*);
+    bool allowAccessToNode(JSC::ExecState*, Node*);
+    bool allowAccessToFrame(JSC::ExecState*, Frame*);
+    bool allowAccessToFrame(JSC::ExecState*, Frame*, String& message);
+    // FIXME: Implement allowAccessToDOMWindow(JSC::ExecState*, DOMWindow*);
+
+    // FIXME: Remove these functions in favor of activeContext and
+    // firstContext, which return ScriptExecutionContext*. We prefer to use
+    // ScriptExecutionContext* as the context object in the bindings.
     DOMWindow* activeDOMWindow(JSC::ExecState*);
     DOMWindow* firstDOMWindow(JSC::ExecState*);

trunk/Source/WebCore/bindings/js/JSHTMLFrameElementCustom.cpp

@@ -46 +46 @@
     if (protocolIsJavaScript(stripLeadingAndTrailingHTMLSpaces(value))) {
         Document* contentDocument = imp->contentDocument();
-        if (contentDocument && !checkNodeSecurity(exec, contentDocument))
+        if (contentDocument && !allowAccessToNode(exec, contentDocument))
             return false;
     }

trunk/Source/WebCore/bindings/js/JSHistoryCustom.cpp

@@ -62 +62 @@
     // allowed, return false so the normal lookup will take place.
     String message;
-    if (allowsAccessFromFrame(exec, impl()->frame(), message))
+    if (allowAccessToFrame(exec, impl()->frame(), message))
         return false;
 
@@ -102 +102 @@
 
     // Throw out all cross domain access
-    if (!allowsAccessFromFrame(exec, impl()->frame()))
+    if (!allowAccessToFrame(exec, impl()->frame()))
         return true;
 
@@ -142 +142 @@
 {
     // Only allow putting by frames in the same origin.
-    if (!allowsAccessFromFrame(exec, impl()->frame()))
+    if (!allowAccessToFrame(exec, impl()->frame()))
         return true;
     return false;
@@ -151 +151 @@
     JSHistory* thisObject = jsCast<JSHistory*>(cell);
     // Only allow deleting by frames in the same origin.
-    if (!allowsAccessFromFrame(exec, thisObject->impl()->frame()))
+    if (!allowAccessToFrame(exec, thisObject->impl()->frame()))
         return false;
     return Base::deleteProperty(thisObject, exec, propertyName);
@@ -160 +160 @@
     JSHistory* thisObject = jsCast<JSHistory*>(object);
     // Only allow the history object to enumerated by frames in the same origin.
-    if (!allowsAccessFromFrame(exec, thisObject->impl()->frame()))
+    if (!allowAccessToFrame(exec, thisObject->impl()->frame()))
         return;
     Base::getOwnPropertyNames(thisObject, exec, propertyNames, mode);

trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp

@@ -60 +60 @@
     // allowed, return false so the normal lookup will take place.
     String message;
-    if (allowsAccessFromFrame(exec, frame, message))
+    if (allowAccessToFrame(exec, frame, message))
         return false;
 
@@ -96 +96 @@
     
     // throw out all cross domain access
-    if (!allowsAccessFromFrame(exec, frame))
+    if (!allowAccessToFrame(exec, frame))
         return true;
     
@@ -135 +135 @@
         return true;
 
-    bool sameDomainAccess = allowsAccessFromFrame(exec, frame);
+    bool sameDomainAccess = allowAccessToFrame(exec, frame);
 
     const HashEntry* entry = JSLocation::s_info.propHashTable(exec)->entry(exec, propertyName);
@@ -157 +157 @@
     JSLocation* thisObject = jsCast<JSLocation*>(cell);
     // Only allow deleting by frames in the same origin.
-    if (!allowsAccessFromFrame(exec, thisObject->impl()->frame()))
+    if (!allowAccessToFrame(exec, thisObject->impl()->frame()))
         return false;
     return Base::deleteProperty(thisObject, exec, propertyName);
@@ -166 +166 @@
     JSLocation* thisObject = jsCast<JSLocation*>(object);
     // Only allow the location object to enumerated by frames in the same origin.
-    if (!allowsAccessFromFrame(exec, thisObject->impl()->frame()))
+    if (!allowAccessToFrame(exec, thisObject->impl()->frame()))
         return;
     Base::getOwnPropertyNames(thisObject, exec, propertyNames, mode);
@@ -271 +271 @@
 {
     Frame* frame = impl()->frame();
-    if (!frame || !allowsAccessFromFrame(exec, frame))
+    if (!frame || !allowAccessToFrame(exec, frame))
         return jsUndefined();
 

trunk/Source/WebCore/bindings/js/ScriptController.cpp

@@ -249 +249 @@
     ExecState* exec = JSMainThreadExecState::currentState();
     if (exec)
-        return allowsAccessFromFrame(exec, frame);
+        return allowAccessToFrame(exec, frame);
     // If the current state is 0 we're in a call path where the DOM security 
     // check doesn't apply (eg. parser).

trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm

@@ -523 +523 @@
             push(@implContent, "    if (!thisObject->allowsAccessFrom(exec))\n");
         } else {
-            push(@implContent, "    if (!allowsAccessFromFrame(exec, thisObject->impl()->frame()))\n");
+            push(@implContent, "    if (!allowAccessToFrame(exec, thisObject->impl()->frame()))\n");
         }
         push(@implContent, "        return false;\n");
@@ -1753 +1753 @@
                         push(@implContent, "    return castedThis->$implGetterFunctionName(exec);\n");
                     }
-                } elsif ($attribute->signature->extendedAttributes->{"CheckNodeSecurity"}) {
+                } elsif ($attribute->signature->extendedAttributes->{"allowAccessToNode"}) {
                     $implIncludes{"JSDOMBinding.h"} = 1;
                     push(@implContent, "    $implClassName* impl = static_cast<$implClassName*>(castedThis->impl());\n");
-                    push(@implContent, "    return checkNodeSecurity(exec, impl->$implGetterFunctionName()) ? " . NativeToJSValue($attribute->signature, 0, $implClassName, "impl->$implGetterFunctionName()", "castedThis") . " : jsUndefined();\n");
+                    push(@implContent, "    return allowAccessToNode(exec, impl->$implGetterFunctionName()) ? " . NativeToJSValue($attribute->signature, 0, $implClassName, "impl->$implGetterFunctionName()", "castedThis") . " : jsUndefined();\n");
                 } elsif ($attribute->signature->extendedAttributes->{"CheckFrameSecurity"}) {
                     $implIncludes{"Document.h"} = 1;
                     $implIncludes{"JSDOMBinding.h"} = 1;
                     push(@implContent, "    $implClassName* impl = static_cast<$implClassName*>(castedThis->impl());\n");
-                    push(@implContent, "    return checkNodeSecurity(exec, impl->contentDocument()) ? " . NativeToJSValue($attribute->signature, 0, $implClassName, "impl->$implGetterFunctionName()", "castedThis") . " : jsUndefined();\n");
+                    push(@implContent, "    return allowAccessToNode(exec, impl->contentDocument()) ? " . NativeToJSValue($attribute->signature, 0, $implClassName, "impl->$implGetterFunctionName()", "castedThis") . " : jsUndefined();\n");
                 } elsif ($type eq "EventListener") {
                     $implIncludes{"EventListener.h"} = 1;
@@ -1929 +1929 @@
                                 push(@implContent, "    if (!static_cast<$className*>(thisObject)->allowsAccessFrom(exec))\n");
                             } else {
-                                push(@implContent, "    if (!allowsAccessFromFrame(exec, static_cast<$className*>(thisObject)->impl()->frame()))\n");
+                                push(@implContent, "    if (!allowAccessToFrame(exec, static_cast<$className*>(thisObject)->impl()->frame()))\n");
                             }
                             push(@implContent, "        return;\n");
@@ -2057 +2057 @@
                         push(@implContent, "    if (!static_cast<$className*>(thisObject)->allowsAccessFrom(exec))\n");
                     } else {
-                        push(@implContent, "    if (!allowsAccessFromFrame(exec, static_cast<$className*>(thisObject)->impl()->frame()))\n");
+                        push(@implContent, "    if (!allowAccessToFrame(exec, static_cast<$className*>(thisObject)->impl()->frame()))\n");
                     }
                     push(@implContent, "        return;\n");
@@ -2171 +2171 @@
 
                 if ($function->signature->extendedAttributes->{"SVGCheckSecurityDocument"} and !$function->isStatic) {
-                    push(@implContent, "    if (!checkNodeSecurity(exec, impl->getSVGDocument(" . (@{$function->raisesExceptions} ? "ec" : "") .")))\n");
+                    push(@implContent, "    if (!allowAccessToNode(exec, impl->getSVGDocument(" . (@{$function->raisesExceptions} ? "ec" : "") .")))\n");
                     push(@implContent, "        return JSValue::encode(jsUndefined());\n");
                     $implIncludes{"JSDOMBinding.h"} = 1;

trunk/Source/WebCore/bindings/scripts/CodeGeneratorV8.pm

@@ -884 +884 @@
 
     # Generate security checks if necessary
-    if ($attribute->signature->extendedAttributes->{"CheckNodeSecurity"}) {
-        push(@implContentDecls, "    if (!V8BindingSecurity::checkNodeSecurity(V8BindingState::Only(), imp->$attrName()))\n    return v8::Handle<v8::Value>();\n\n");
+    if ($attribute->signature->extendedAttributes->{"allowAccessToNode"}) {
+        push(@implContentDecls, "    if (!V8BindingSecurity::allowAccessToNode(V8BindingState::Only(), imp->$attrName()))\n    return v8::Handle<v8::Value>();\n\n");
     } elsif ($attribute->signature->extendedAttributes->{"CheckFrameSecurity"}) {
-        push(@implContentDecls, "    if (!V8BindingSecurity::checkNodeSecurity(V8BindingState::Only(), imp->contentDocument()))\n    return v8::Handle<v8::Value>();\n\n");
+        push(@implContentDecls, "    if (!V8BindingSecurity::allowAccessToNode(V8BindingState::Only(), imp->contentDocument()))\n    return v8::Handle<v8::Value>();\n\n");
     }
 
@@ -1435 +1435 @@
     if ($function->signature->extendedAttributes->{"SVGCheckSecurityDocument"}) {
         push(@implContentDecls, <<END);
-    if (!V8BindingSecurity::checkNodeSecurity(V8BindingState::Only(), imp->getSVGDocument(ec)))
+    if (!V8BindingSecurity::allowAccessToNode(V8BindingState::Only(), imp->getSVGDocument(ec)))
         return v8::Handle<v8::Value>();
 END