Changeset 135765 in webkit

Timestamp:

Nov 26, 2012 2:24:31 PM (11 years ago)

Author:

commit-queue@webkit.org

Message:

Refactor V8 bindings to allow content scripts to access subframes
​https://bugs.webkit.org/show_bug.cgi?id=93646

Patch by Dan Carney <​dcarney@google.com> on 2012-11-26
Reviewed by Adam Barth.

Source/WebCore:

Isolated window shells are now initialized on the fly
as needed.

No new tests. Existing test modified.

• bindings/v8/DOMWrapperWorld.cpp:

(WebCore::DOMWrapperWorld::ensureIsolatedWorld):

• bindings/v8/DOMWrapperWorld.h:

(WebCore::DOMWrapperWorld::createdFromUnitializedWorld):
(DOMWrapperWorld):

• bindings/v8/ScriptController.cpp:

(WebCore::ScriptController::currentWorldContext):

LayoutTests:

Test modified to check isolated world access across frames.

• http/tests/security/isolatedWorld/world-reuse-expected.txt:
• http/tests/security/isolatedWorld/world-reuse.html:

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/security/isolatedWorld/world-reuse-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/isolatedWorld/world-reuse.html (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/bindings/v8/DOMWrapperWorld.cpp (modified) (1 diff)
• Source/WebCore/bindings/v8/DOMWrapperWorld.h (modified) (1 diff)
• Source/WebCore/bindings/v8/ScriptController.cpp (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2012-11-26  Dan Carney  <dcarney@google.com>
+
+        Refactor V8 bindings to allow content scripts to access subframes
+        https://bugs.webkit.org/show_bug.cgi?id=93646
+
+        Reviewed by Adam Barth.
+
+        Test modified to check isolated world access across frames.
+
+        * http/tests/security/isolatedWorld/world-reuse-expected.txt:
+        * http/tests/security/isolatedWorld/world-reuse.html:
+
 2012-11-26  Tony Chang  <tony@chromium.org>
 

trunk/LayoutTests/http/tests/security/isolatedWorld/world-reuse-expected.txt

@@ -3 +3 @@
 Expecting bar: bar
 Expecting undefined: undefined
+Expecting true: true
+Expecting true: true
 Expecting undefined,undefined: undefined,undefined
 Expecting undefined,undefined: undefined,undefined

trunk/LayoutTests/http/tests/security/isolatedWorld/world-reuse.html

@@ -31 +31 @@
   document.body.insertBefore(document.createElement("br"), iframe.nextSibling);
   var iframeComplete = function(result) {
+
+    // Isolated world executing in frame should be able to to access parent content.
+    testRunner.evaluateScriptInIsolatedWorld(1,
+      "parent.document.body.appendChild(parent.document.createTextNode('Expecting true: ' + (parent.frames[0].document == this.document)));" +
+      "parent.document.body.appendChild(parent.document.createElement('br'));");
+
     document.body.appendChild(document.createTextNode('Expecting undefined,undefined: ' + result));
     document.body.appendChild(document.createElement('br'));
     reloadFrame();
   }
+
+  // Isolated world executing in window should be able to to access frame content.
+  testRunner.evaluateScriptInIsolatedWorld(1,
+    "document.body.appendChild(document.createTextNode('Expecting true: ' + !!frames[0].document));" +
+    "document.body.appendChild(document.createElement('br'));");
+
   iframe.src = "resources/iframe.html";
   

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-11-26  Dan Carney  <dcarney@google.com>
+
+        Refactor V8 bindings to allow content scripts to access subframes
+        https://bugs.webkit.org/show_bug.cgi?id=93646
+
+        Reviewed by Adam Barth.
+
+        Isolated window shells are now initialized on the fly
+        as needed.
+
+        No new tests. Existing test modified.
+
+        * bindings/v8/DOMWrapperWorld.cpp:
+        (WebCore::DOMWrapperWorld::ensureIsolatedWorld):
+        * bindings/v8/DOMWrapperWorld.h:
+        (WebCore::DOMWrapperWorld::createdFromUnitializedWorld):
+        (DOMWrapperWorld):
+        * bindings/v8/ScriptController.cpp:
+        (WebCore::ScriptController::currentWorldContext):
+
 2012-11-26  Alex Christensen  <alex.christensen@flexsim.com>
 

trunk/Source/WebCore/bindings/v8/DOMWrapperWorld.cpp

@@ -138 +138 @@
 {
     ASSERT(worldId != mainWorldId);
+    ASSERT(worldId >= uninitializedWorldId);
 
     WorldMap& map = isolatedWorldMap();

trunk/Source/WebCore/bindings/v8/DOMWrapperWorld.h

@@ -97 +97 @@
     bool isMainWorld() const { return m_worldId == mainWorldId; }
     bool isIsolatedWorld() const { return isIsolatedWorldId(m_worldId); }
+    bool createdFromUnitializedWorld() const { return m_worldId < uninitializedWorldId; }
+
     int worldId() const { return m_worldId; }
     int extensionGroup() const { return m_extensionGroup; }

trunk/Source/WebCore/bindings/v8/ScriptController.cpp

@@ -437 +437 @@
 v8::Local<v8::Context> ScriptController::currentWorldContext()
 {
-    if (v8::Context::InContext()) {
-        v8::Handle<v8::Context> context = v8::Context::GetEntered();
-        if (DOMWrapperWorld::isolated(context)) {
-            if (m_frame == toFrameIfNotDetached(context))
-                return v8::Local<v8::Context>::New(context);
-            return v8::Local<v8::Context>();
-        }
-    }
-    return v8::Local<v8::Context>::New(windowShell(mainThreadNormalWorld())->context());
+    if (!v8::Context::InContext())
+        return v8::Local<v8::Context>::New(windowShell(mainThreadNormalWorld())->context());
+
+    v8::Handle<v8::Context> context = v8::Context::GetEntered();
+    DOMWrapperWorld* isolatedWorld = DOMWrapperWorld::isolated(context);
+    if (!isolatedWorld)
+        return v8::Local<v8::Context>::New(windowShell(mainThreadNormalWorld())->context());
+
+    Frame* frame = toFrameIfNotDetached(context);
+    if (!m_frame)
+        return v8::Local<v8::Context>();
+
+    if (m_frame == frame)
+        return v8::Local<v8::Context>::New(context);
+
+    // FIXME: Need to handle weak isolated worlds correctly.
+    if (isolatedWorld->createdFromUnitializedWorld())
+        return v8::Local<v8::Context>();
+
+    return v8::Local<v8::Context>::New(windowShell(isolatedWorld)->context());
 }