Changeset 104412 in webkit
- Timestamp:
- Jan 8, 2012 3:15:42 PM (12 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 10 edited
trunk/Source/WebCore/ChangeLog
r104411 r104412 1 2012-01-08 Adam Barth <abarth@webkit.org> 2 3 Rename checkNodeSecurity and allowsAccessFromFrame to have sensible names 4 https://bugs.webkit.org/show_bug.cgi?id=75796 5 6 Reviewed by Sam Weinig. 7 8 This patch contains only renames and FIXME comments. No behavior change. 9 10 * bindings/js/JSDOMBinding.cpp: 11 (WebCore::allowAccessToNode): 12 (WebCore::allowAccessToFrame): 13 * bindings/js/JSDOMBinding.h: 14 * bindings/js/JSHTMLFrameElementCustom.cpp: 15 (WebCore::allowSettingJavascriptURL): 16 * bindings/js/JSHistoryCustom.cpp: 17 (WebCore::JSHistory::getOwnPropertySlotDelegate): 18 (WebCore::JSHistory::getOwnPropertyDescriptorDelegate): 19 (WebCore::JSHistory::putDelegate): 20 (WebCore::JSHistory::deleteProperty): 21 (WebCore::JSHistory::getOwnPropertyNames): 22 * bindings/js/JSLocationCustom.cpp: 23 (WebCore::JSLocation::getOwnPropertySlotDelegate): 24 (WebCore::JSLocation::getOwnPropertyDescriptorDelegate): 25 (WebCore::JSLocation::putDelegate): 26 (WebCore::JSLocation::deleteProperty): 27 (WebCore::JSLocation::getOwnPropertyNames): 28 (WebCore::JSLocation::toStringFunction): 29 * bindings/js/ScriptController.cpp: 30 (WebCore::ScriptController::canAccessFromCurrentOrigin): 31 * bindings/scripts/CodeGeneratorJS.pm: 32 (GenerateGetOwnPropertyDescriptorBody): 33 (GenerateImplementation): 34 * bindings/scripts/CodeGeneratorV8.pm: 35 (GenerateNormalAttrGetter): 36 (GenerateFunctionCallback): 37 1 38 2012-01-08 Adam Barth <abarth@webkit.org> 2 39 -
trunk/Source/WebCore/bindings/generic/BindingSecurity.h
r95901 r104412 56 56 // Check if it is safe to access the given node from the 57 57 // current security context. 58 static bool checkNodeSecurity(State<Binding>*, Node* target);58 static bool allowAccessToNode(State<Binding>*, Node* target); 59 59 60 60 static bool allowPopUp(State<Binding>*); … … 102 102 103 103 template <class Binding> 104 bool BindingSecurity<Binding>:: checkNodeSecurity(State<Binding>* state, Node* node)104 bool BindingSecurity<Binding>::allowAccessToNode(State<Binding>* state, Node* node) 105 105 { 106 106 if (!node) … … 132 132 if (protocolIsJavaScript(stripLeadingAndTrailingHTMLSpaces(value))) { 133 133 Node* contentDoc = frame->contentDocument(); 134 if (contentDoc && ! checkNodeSecurity(state, contentDoc))134 if (contentDoc && !allowAccessToNode(state, contentDoc)) 135 135 return false; 136 136 } -
trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp
r104411 r104412 217 217 } 218 218 219 bool checkNodeSecurity(ExecState* exec, Node* node)220 { 221 return node && allow sAccessFromFrame(exec, node->document()->frame());222 } 223 224 bool allow sAccessFromFrame(ExecState* exec, Frame* frame)219 bool allowAccessToNode(ExecState* exec, Node* node) 220 { 221 return node && allowAccessToFrame(exec, node->document()->frame()); 222 } 223 224 bool allowAccessToFrame(ExecState* exec, Frame* frame) 225 225 { 226 226 if (!frame) … … 230 230 } 231 231 232 bool allow sAccessFromFrame(ExecState* exec, Frame* frame, String& message)232 bool allowAccessToFrame(ExecState* exec, Frame* frame, String& message) 233 233 { 234 234 if (!frame) -
trunk/Source/WebCore/bindings/js/JSDOMBinding.h
r104411 r104412 281 281 JSC::JSObject* toJSSequence(JSC::ExecState*, JSC::JSValue, unsigned&); 282 282 283 bool checkNodeSecurity(JSC::ExecState*, Node*); 284 285 // Helpers for Window, History, and Location classes to implement cross-domain policy. 286 // Besides the cross-domain check, they need non-caching versions of staticFunctionGetter for 287 // because we do not want current property values involved at all. 288 // FIXME: These functions should be named frameAllowsAccessFrom, because the access is *to* the frame. 289 bool allowsAccessFromFrame(JSC::ExecState*, Frame*); 290 bool allowsAccessFromFrame(JSC::ExecState*, Frame*, String& message); 283 // FIXME: Implement allowAccessToContext(JSC::ExecState*, ScriptExecutionContext*); 284 bool allowAccessToNode(JSC::ExecState*, Node*); 285 bool allowAccessToFrame(JSC::ExecState*, Frame*); 286 bool allowAccessToFrame(JSC::ExecState*, Frame*, String& message); 287 // FIXME: Implement allowAccessToDOMWindow(JSC::ExecState*, DOMWindow*); 288 289 // FIXME: Remove these functions in favor of activeContext and 290 // firstContext, which return ScriptExecutionContext*. We prefer to use 291 // ScriptExecutionContext* as the context object in the bindings. 291 292 DOMWindow* activeDOMWindow(JSC::ExecState*); 292 293 DOMWindow* firstDOMWindow(JSC::ExecState*); -
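Review bot: The three declarations at new lines 284-286 are left without any comment saying what they decide, because the removed block that explained the cross-domain helpers is replaced only by FIXMEs. These functions gate cross-origin access in the History and Location bindings shown elsewhere in this changeset, so I would put a short contract above them, for example `// Return true if the script running in the given ExecState may access the target; allowAccessToNode returns false for a null node.` The null-node part follows from `return node && allowAccessToFrame(...)` in JSDOMBinding.cpp. The null-frame result and what the `String& message` overload writes are not visible in this changeset, so that part of the comment should come from someone who can see those bodies.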
trunk/Source/WebCore/bindings/js/JSHTMLFrameElementCustom.cpp
r68854 r104412 46 46 if (protocolIsJavaScript(stripLeadingAndTrailingHTMLSpaces(value))) { 47 47 Document* contentDocument = imp->contentDocument(); 48 if (contentDocument && ! checkNodeSecurity(exec, contentDocument))48 if (contentDocument && !allowAccessToNode(exec, contentDocument)) 49 49 return false; 50 50 } -
trunk/Source/WebCore/bindings/js/JSHistoryCustom.cpp
r102797 r104412 62 62 // allowed, return false so the normal lookup will take place. 63 63 String message; 64 if (allow sAccessFromFrame(exec, impl()->frame(), message))64 if (allowAccessToFrame(exec, impl()->frame(), message)) 65 65 return false; 66 66 … … 102 102 103 103 // Throw out all cross domain access 104 if (!allow sAccessFromFrame(exec, impl()->frame()))104 if (!allowAccessToFrame(exec, impl()->frame())) 105 105 return true; 106 106 … … 142 142 { 143 143 // Only allow putting by frames in the same origin. 144 if (!allow sAccessFromFrame(exec, impl()->frame()))144 if (!allowAccessToFrame(exec, impl()->frame())) 145 145 return true; 146 146 return false; … … 151 151 JSHistory* thisObject = jsCast<JSHistory*>(cell); 152 152 // Only allow deleting by frames in the same origin. 153 if (!allow sAccessFromFrame(exec, thisObject->impl()->frame()))153 if (!allowAccessToFrame(exec, thisObject->impl()->frame())) 154 154 return false; 155 155 return Base::deleteProperty(thisObject, exec, propertyName); … … 160 160 JSHistory* thisObject = jsCast<JSHistory*>(object); 161 161 // Only allow the history object to enumerated by frames in the same origin. 162 if (!allow sAccessFromFrame(exec, thisObject->impl()->frame()))162 if (!allowAccessToFrame(exec, thisObject->impl()->frame())) 163 163 return; 164 164 Base::getOwnPropertyNames(thisObject, exec, propertyNames, mode); -
trunk/Source/WebCore/bindings/js/JSLocationCustom.cpp
r102797 r104412 60 60 // allowed, return false so the normal lookup will take place. 61 61 String message; 62 if (allow sAccessFromFrame(exec, frame, message))62 if (allowAccessToFrame(exec, frame, message)) 63 63 return false; 64 64 … … 96 96 97 97 // throw out all cross domain access 98 if (!allow sAccessFromFrame(exec, frame))98 if (!allowAccessToFrame(exec, frame)) 99 99 return true; 100 100 … … 135 135 return true; 136 136 137 bool sameDomainAccess = allow sAccessFromFrame(exec, frame);137 bool sameDomainAccess = allowAccessToFrame(exec, frame); 138 138 139 139 const HashEntry* entry = JSLocation::s_info.propHashTable(exec)->entry(exec, propertyName); … … 157 157 JSLocation* thisObject = jsCast<JSLocation*>(cell); 158 158 // Only allow deleting by frames in the same origin. 159 if (!allow sAccessFromFrame(exec, thisObject->impl()->frame()))159 if (!allowAccessToFrame(exec, thisObject->impl()->frame())) 160 160 return false; 161 161 return Base::deleteProperty(thisObject, exec, propertyName); … … 166 166 JSLocation* thisObject = jsCast<JSLocation*>(object); 167 167 // Only allow the location object to enumerated by frames in the same origin. 168 if (!allow sAccessFromFrame(exec, thisObject->impl()->frame()))168 if (!allowAccessToFrame(exec, thisObject->impl()->frame())) 169 169 return; 170 170 Base::getOwnPropertyNames(thisObject, exec, propertyNames, mode); … … 271 271 { 272 272 Frame* frame = impl()->frame(); 273 if (!frame || !allow sAccessFromFrame(exec, frame))273 if (!frame || !allowAccessToFrame(exec, frame)) 274 274 return jsUndefined(); 275 275 -
trunk/Source/WebCore/bindings/js/ScriptController.cpp
r99167 r104412 249 249 ExecState* exec = JSMainThreadExecState::currentState(); 250 250 if (exec) 251 return allow sAccessFromFrame(exec, frame);251 return allowAccessToFrame(exec, frame); 252 252 // If the current state is 0 we're in a call path where the DOM security 253 253 // check doesn't apply (eg. parser). -
trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
r104411 r104412 523 523 push(@implContent, " if (!thisObject->allowsAccessFrom(exec))\n"); 524 524 } else { 525 push(@implContent, " if (!allow sAccessFromFrame(exec, thisObject->impl()->frame()))\n");525 push(@implContent, " if (!allowAccessToFrame(exec, thisObject->impl()->frame()))\n"); 526 526 } 527 527 push(@implContent, " return false;\n"); … … 1753 1753 push(@implContent, " return castedThis->$implGetterFunctionName(exec);\n"); 1754 1754 } 1755 } elsif ($attribute->signature->extendedAttributes->{" CheckNodeSecurity"}) {1755 } elsif ($attribute->signature->extendedAttributes->{"allowAccessToNode"}) { 1756 1756 $implIncludes{"JSDOMBinding.h"} = 1; 1757 1757 push(@implContent, " $implClassName* impl = static_cast<$implClassName*>(castedThis->impl());\n"); 1758 push(@implContent, " return checkNodeSecurity(exec, impl->$implGetterFunctionName()) ? " . NativeToJSValue($attribute->signature, 0, $implClassName, "impl->$implGetterFunctionName()", "castedThis") . " : jsUndefined();\n");1758 push(@implContent, " return allowAccessToNode(exec, impl->$implGetterFunctionName()) ? " . NativeToJSValue($attribute->signature, 0, $implClassName, "impl->$implGetterFunctionName()", "castedThis") . " : jsUndefined();\n"); 1759 1759 } elsif ($attribute->signature->extendedAttributes->{"CheckFrameSecurity"}) { 1760 1760 $implIncludes{"Document.h"} = 1; 1761 1761 $implIncludes{"JSDOMBinding.h"} = 1; 1762 1762 push(@implContent, " $implClassName* impl = static_cast<$implClassName*>(castedThis->impl());\n"); 1763 push(@implContent, " return checkNodeSecurity(exec, impl->contentDocument()) ? " . NativeToJSValue($attribute->signature, 0, $implClassName, "impl->$implGetterFunctionName()", "castedThis") . " : jsUndefined();\n");1763 push(@implContent, " return allowAccessToNode(exec, impl->contentDocument()) ? " . NativeToJSValue($attribute->signature, 0, $implClassName, "impl->$implGetterFunctionName()", "castedThis") . 
" : jsUndefined();\n"); 1764 1764 } elsif ($type eq "EventListener") { 1765 1765 $implIncludes{"EventListener.h"} = 1; … … 1929 1929 push(@implContent, " if (!static_cast<$className*>(thisObject)->allowsAccessFrom(exec))\n"); 1930 1930 } else { 1931 push(@implContent, " if (!allow sAccessFromFrame(exec, static_cast<$className*>(thisObject)->impl()->frame()))\n");1931 push(@implContent, " if (!allowAccessToFrame(exec, static_cast<$className*>(thisObject)->impl()->frame()))\n"); 1932 1932 } 1933 1933 push(@implContent, " return;\n"); … … 2057 2057 push(@implContent, " if (!static_cast<$className*>(thisObject)->allowsAccessFrom(exec))\n"); 2058 2058 } else { 2059 push(@implContent, " if (!allow sAccessFromFrame(exec, static_cast<$className*>(thisObject)->impl()->frame()))\n");2059 push(@implContent, " if (!allowAccessToFrame(exec, static_cast<$className*>(thisObject)->impl()->frame()))\n"); 2060 2060 } 2061 2061 push(@implContent, " return;\n"); … … 2171 2171 2172 2172 if ($function->signature->extendedAttributes->{"SVGCheckSecurityDocument"} and !$function->isStatic) { 2173 push(@implContent, " if (! checkNodeSecurity(exec, impl->getSVGDocument(" . (@{$function->raisesExceptions} ? "ec" : "") .")))\n");2173 push(@implContent, " if (!allowAccessToNode(exec, impl->getSVGDocument(" . (@{$function->raisesExceptions} ? "ec" : "") .")))\n"); 2174 2174 push(@implContent, " return JSValue::encode(jsUndefined());\n"); 2175 2175 $implIncludes{"JSDOMBinding.h"} = 1; -
trunk/Source/WebCore/bindings/scripts/CodeGeneratorV8.pm
r104411 r104412 884 884 885 885 # Generate security checks if necessary 886 if ($attribute->signature->extendedAttributes->{" CheckNodeSecurity"}) {887 push(@implContentDecls, " if (!V8BindingSecurity:: checkNodeSecurity(V8BindingState::Only(), imp->$attrName()))\n return v8::Handle<v8::Value>();\n\n");886 if ($attribute->signature->extendedAttributes->{"allowAccessToNode"}) { 887 push(@implContentDecls, " if (!V8BindingSecurity::allowAccessToNode(V8BindingState::Only(), imp->$attrName()))\n return v8::Handle<v8::Value>();\n\n"); 888 888 } elsif ($attribute->signature->extendedAttributes->{"CheckFrameSecurity"}) { 889 push(@implContentDecls, " if (!V8BindingSecurity:: checkNodeSecurity(V8BindingState::Only(), imp->contentDocument()))\n return v8::Handle<v8::Value>();\n\n");889 push(@implContentDecls, " if (!V8BindingSecurity::allowAccessToNode(V8BindingState::Only(), imp->contentDocument()))\n return v8::Handle<v8::Value>();\n\n"); 890 890 } 891 891 … … 1435 1435 if ($function->signature->extendedAttributes->{"SVGCheckSecurityDocument"}) { 1436 1436 push(@implContentDecls, <<END); 1437 if (!V8BindingSecurity:: checkNodeSecurity(V8BindingState::Only(), imp->getSVGDocument(ec)))1437 if (!V8BindingSecurity::allowAccessToNode(V8BindingState::Only(), imp->getSVGDocument(ec))) 1438 1438 return v8::Handle<v8::Value>(); 1439 1439 END
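Review bot: The extended-attribute lookup at new line 886 now reads `$attribute->signature->extendedAttributes->{"allowAccessToNode"}`, so the rename has changed the IDL attribute name the generator matches, not only the C++ function it emits; CodeGeneratorJS.pm has the same change at new line 1755. No .idl file is among the ten files edited here, so any attribute still annotated `CheckNodeSecurity` would presumably stop matching this branch, and its getter would be generated without the cross-origin node check while the build stays green. I would keep the key as `{"CheckNodeSecurity"}` in both generators and rename only the emitted call, or rename the IDL annotations in the same commit. A bindings test asserting that the generated getter for such an attribute contains the `allowAccessToNode(` call would catch this kind of silent loss. The enclosing generator subs begin and end outside the hunks shown.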