Changeset 28565 in webkit


Timestamp:
Dec 8, 2007 10:03:43 AM (16 years ago)
Author:
weinig@apple.com
Message:

JavaScriptCore:

Reviewed by Darin.

  • Rename isSafeScript to allowsAccess.
  • bindings/NP_jsobject.cpp: (_isSafeScript):
  • kjs/JSGlobalObject.h: (KJS::JSGlobalObject::allowsAccessFrom): Reverse caller/argument of allowsAccessFrom to match the new call.

WebCore:

Reviewed by Darin.

  • Removes the faulty isSafeScript implementation that was only used for plugins.
  • Renames isSafeScript to allowsAccessFrom.
  • bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::customGetOwnPropertySlot): (WebCore::JSDOMWindow::customPut):
  • bindings/js/kjs_dom.cpp: (WebCore::checkNodeSecurity):
  • bindings/js/kjs_window.cpp: (KJS::createWindow): (KJS::Window::getValueProperty): (KJS::Window::namedItemGetter): (KJS::Window::getOwnPropertySlot): (KJS::Window::put): (KJS::Window::allowsAccessFrom): (KJS::Window::setListener): (KJS::Window::getListener): (KJS::WindowProtoFuncOpen::callAsFunction): (KJS::WindowProtoFuncSetTimeout::callAsFunction): (KJS::WindowProtoFuncClearTimeout::callAsFunction): (KJS::WindowProtoFuncSetInterval::callAsFunction): (KJS::WindowProtoFuncAddEventListener::callAsFunction): (KJS::WindowProtoFuncRemoveEventListener::callAsFunction): (KJS::WindowProtoFuncNotImplemented::callAsFunction): (KJS::Location::getOwnPropertySlot): (KJS::Location::put): (KJS::LocationProtoFuncReplace::callAsFunction): (KJS::LocationProtoFuncReload::callAsFunction): (KJS::LocationProtoFuncAssign::callAsFunction): (KJS::LocationProtoFuncToString::callAsFunction):
  • bindings/js/kjs_window.h: (KJS::Window::allowsAccessFrom):
  • bindings/objc/WebScriptObject.mm: (-[WebScriptObject _isSafeScript]): Reverse caller/argument of allowsAccessFrom to match the new call.
  • bindings/scripts/CodeGeneratorJS.pm:
Location:
trunk
Files:
10 edited

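--- a/trunk/JavaScriptCore/ChangeLog
+++ b/trunk/JavaScriptCore/ChangeLog
@@ -1,2 +1,14 @@
+2007-12-07  Sam Weinig  <sam@webkit.org>
+
+        Reviewed by Darin.
+
+        - Rename isSafeScript to allowsAccess.
+
+        * bindings/NP_jsobject.cpp:
+        (_isSafeScript):
+        * kjs/JSGlobalObject.h:
+        (KJS::JSGlobalObject::allowsAccessFrom): Reverse caller/argument of allowsAccessFrom to match
+        the new call.
+
 2007-12-07  Geoffrey Garen  <ggaren@apple.com>
 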
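--- a/trunk/JavaScriptCore/bindings/NP_jsobject.cpp
+++ b/trunk/JavaScriptCore/bindings/NP_jsobject.cpp
@@ -79,9 +79,9 @@
     if (!obj->originRootObject || !obj->rootObject)
         return true;
-   
+
     if (!obj->originRootObject->isValid() || !obj->rootObject->isValid())
         return false;
-       
-    return obj->originRootObject->globalObject()->isSafeScript(obj->rootObject->globalObject());
+
+    return obj->rootObject->globalObject()->allowsAccessFrom(obj->originRootObject->globalObject());
 }
 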
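Review bot: The rewritten return at new line 85 swaps receiver and argument, so the global object of `rootObject` is now the target being asked and the global object of `originRootObject` is the accessor, but nothing in `_isSafeScript` records that direction. A one-line comment such as `// Ask the target (rootObject) whether the origin's global object may access it.` would keep the order from being flipped back by a later edit. The same reversal is made in WebCore/bindings/objc/WebScriptObject.mm at new line 210 and deserves the same comment. The context lines above also return true when either root object is missing while returning false when one is invalid; that allow-by-default branch is untouched here but is worth confirming now that plugins go through the shared same-origin check. The function begins before the hunk.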
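--- a/trunk/JavaScriptCore/kjs/JSGlobalObject.h
+++ b/trunk/JavaScriptCore/kjs/JSGlobalObject.h
@@ -223,5 +223,5 @@
         virtual bool shouldInterruptScript() const { return true; }
 
-        virtual bool isSafeScript(const JSGlobalObject*) const { return true; }
+        virtual bool allowsAccessFrom(const JSGlobalObject*) const { return true; }
 
     private: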
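--- a/trunk/WebCore/ChangeLog
+++ b/trunk/WebCore/ChangeLog
@@ -1,2 +1,44 @@
+2007-12-07  Sam Weinig  <sam@webkit.org>
+
+        Reviewed by Darin.
+
+        - Removes the faulty isSafeScript implementation that was only
+          used for plugins.
+        - Renames isSafeScript to allowsAccessFrom.
+
+        * bindings/js/JSDOMWindowCustom.cpp:
+        (WebCore::JSDOMWindow::customGetOwnPropertySlot):
+        (WebCore::JSDOMWindow::customPut):
+        * bindings/js/kjs_dom.cpp:
+        (WebCore::checkNodeSecurity):
+        * bindings/js/kjs_window.cpp:
+        (KJS::createWindow):
+        (KJS::Window::getValueProperty):
+        (KJS::Window::namedItemGetter):
+        (KJS::Window::getOwnPropertySlot):
+        (KJS::Window::put):
+        (KJS::Window::allowsAccessFrom):
+        (KJS::Window::setListener):
+        (KJS::Window::getListener):
+        (KJS::WindowProtoFuncOpen::callAsFunction):
+        (KJS::WindowProtoFuncSetTimeout::callAsFunction):
+        (KJS::WindowProtoFuncClearTimeout::callAsFunction):
+        (KJS::WindowProtoFuncSetInterval::callAsFunction):
+        (KJS::WindowProtoFuncAddEventListener::callAsFunction):
+        (KJS::WindowProtoFuncRemoveEventListener::callAsFunction):
+        (KJS::WindowProtoFuncNotImplemented::callAsFunction):
+        (KJS::Location::getOwnPropertySlot):
+        (KJS::Location::put):
+        (KJS::LocationProtoFuncReplace::callAsFunction):
+        (KJS::LocationProtoFuncReload::callAsFunction):
+        (KJS::LocationProtoFuncAssign::callAsFunction):
+        (KJS::LocationProtoFuncToString::callAsFunction):
+        * bindings/js/kjs_window.h:
+        (KJS::Window::allowsAccessFrom):
+        * bindings/objc/WebScriptObject.mm:
+        (-[WebScriptObject _isSafeScript]): Reverse caller/argument of allowsAccessFrom to match
+        the new call.
+        * bindings/scripts/CodeGeneratorJS.pm:
+
 2007-12-08  Rob Buis  <buis@kde.org>
 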
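--- a/trunk/WebCore/bindings/js/JSDOMWindowCustom.cpp
+++ b/trunk/WebCore/bindings/js/JSDOMWindowCustom.cpp
@@ -57,5 +57,5 @@
     KJS::JSValue** val = getDirectLocation(propertyName);
     if (val) {
-        if (!isSafeScript(exec)) {
+        if (!allowsAccessFrom(exec)) {
             slot.setUndefined(this);
             return true;
@@ -70,5 +70,5 @@
     }
 
-    // FIXME: We need this to work around the blanket isSafeScript check in KJS::Window.  Once we remove that, we
+    // FIXME: We need this to work around the blanket same origin (allowsAccessFrom) check in KJS::Window.  Once we remove that, we
     // can move this to JSDOMWindowPrototype.
     KJS::JSValue* proto = prototype();
@@ -82,5 +82,5 @@
                         slot.setStaticEntry(this, entry, KJS::staticFunctionGetter);
                 else {
-                    if (!isSafeScript(exec))
+                    if (!allowsAccessFrom(exec))
                         slot.setUndefined(this);
                     else
@@ -108,5 +108,5 @@
     // We have a local override (e.g. "var location"), save time and jump directly to JSObject.
     if (KJS::JSObject::getDirect(propertyName)) {
-        if (isSafeScript(exec))
+        if (allowsAccessFrom(exec))
             KJS::JSObject::put(exec, propertyName, value, attr);
         return true;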
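--- a/trunk/WebCore/bindings/js/kjs_dom.cpp
+++ b/trunk/WebCore/bindings/js/kjs_dom.cpp
@@ -59,10 +59,10 @@
 bool checkNodeSecurity(ExecState* exec, Node* n)
 {
-  if (!n) 
+  if (!n)
     return false;
 
   // Check to see if the currently executing interpreter is allowed to access the specified node
   Window* win = Window::retrieveWindow(n->document()->frame());
-  return win && win->isSafeScript(exec);
+  return win && win->allowsAccessFrom(exec);
 }
 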
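--- a/trunk/WebCore/bindings/js/kjs_window.cpp
+++ b/trunk/WebCore/bindings/js/kjs_window.cpp
@@ -391,5 +391,5 @@
         newWindow->putDirect("dialogArguments", dialogArgs);
 
-    if (!url.startsWith("javascript:", false) || newWindow->isSafeScript(exec)) {
+    if (!url.startsWith("javascript:", false) || newWindow->allowsAccessFrom(exec)) {
         String completedURL = url.isEmpty() ? url : activeFrame->document()->completeURL(url);
         bool userGesture = activeFrame->scriptProxy()->processingUserGesture();
@@ -508,13 +508,13 @@
    switch (token) {
    case Crypto:
-      if (!isSafeScript(exec))
+      if (!allowsAccessFrom(exec))
         return jsUndefined();
       return jsUndefined(); // FIXME: implement this
    case DOMException:
-      if (!isSafeScript(exec))
+      if (!allowsAccessFrom(exec))
         return jsUndefined();
       return getDOMExceptionConstructor(exec);
     case Event_:
-      if (!isSafeScript(exec))
+      if (!allowsAccessFrom(exec))
         return jsUndefined();
       if (!d->m_evt)
@@ -525,5 +525,5 @@
     case Navigator_:
     case ClientInformation: {
-      if (!isSafeScript(exec))
+      if (!allowsAccessFrom(exec))
         return jsUndefined();
       // Store the navigator in the object so we get the same one each time.
@@ -536,5 +536,5 @@
     }
     case Image:
-      if (!isSafeScript(exec))
+      if (!allowsAccessFrom(exec))
         return jsUndefined();
       // FIXME: this property (and the few below) probably shouldn't create a new object every
@@ -542,9 +542,9 @@
       return new ImageConstructorImp(exec, impl()->frame()->document());
     case Option:
-      if (!isSafeScript(exec))
+      if (!allowsAccessFrom(exec))
         return jsUndefined();
       return new JSHTMLOptionElementConstructor(exec, impl()->frame()->document());
     case XMLHttpRequest:
-      if (!isSafeScript(exec))
+      if (!allowsAccessFrom(exec))
         return jsUndefined();
       return new JSXMLHttpRequestConstructorImp(exec, impl()->frame()->document());
@@ -557,5 +557,5 @@
 #if ENABLE(XSLT)
     case XSLTProcessor_:
-      if (!isSafeScript(exec))
+      if (!allowsAccessFrom(exec))
         return jsUndefined();
       return new XSLTProcessorConstructorImp(exec);
@@ -566,5 +566,5 @@
    }
 
-   if (!isSafeScript(exec))
+   if (!allowsAccessFrom(exec))
      return jsUndefined();
 
@@ -639,5 +639,5 @@
   Window *thisObj = static_cast<Window *>(slot.slotBase());
   Document *doc = thisObj->impl()->frame()->document();
-  ASSERT(thisObj->isSafeScript(exec) && doc && doc->isHTMLDocument());
+  ASSERT(thisObj->allowsAccessFrom(exec) && doc && doc->isHTMLDocument());
 
   String name = propertyName;
@@ -667,5 +667,5 @@
           return false;
       }
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         slot.setStaticEntry(this, entry, staticFunctionGetter);
       else
@@ -690,5 +690,5 @@
   Document* doc = impl()->frame()->document();
   if (doc && doc->isHTMLDocument()) {
-    if (!isSafeScript(exec)) {
+    if (!allowsAccessFrom(exec)) {
       slot.setUndefined(this);
       return true;
@@ -702,5 +702,5 @@
   }
 
-  if (!isSafeScript(exec)) {
+  if (!allowsAccessFrom(exec)) {
     slot.setUndefined(this);
     return true;
@@ -715,5 +715,5 @@
   if (entry) {
      if (entry->attr & Function) {
-       if (isSafeScript(exec))
+       if (allowsAccessFrom(exec))
          JSObject::put(exec, propertyName, value, attr);
        return;
@@ -729,5 +729,5 @@
           return;
         DeprecatedString dstUrl = p->loader()->completeURL(DeprecatedString(value->toString(exec))).url();
-        if (!dstUrl.startsWith("javascript:", false) || isSafeScript(exec)) {
+        if (!dstUrl.startsWith("javascript:", false) || allowsAccessFrom(exec)) {
           bool userGesture = p->scriptProxy()->processingUserGesture();
           // We want a new history item if this JS was called via a user gesture
@@ -738,101 +738,101 @@
     }
     case Onabort:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec, abortEvent,value);
       return;
     case Onblur:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec, blurEvent,value);
       return;
     case Onchange:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec, changeEvent,value);
       return;
     case Onclick:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,clickEvent,value);
       return;
     case Ondblclick:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec, dblclickEvent,value);
       return;
     case Onerror:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec, errorEvent, value);
       return;
     case Onfocus:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,focusEvent,value);
       return;
     case Onkeydown:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,keydownEvent,value);
       return;
     case Onkeypress:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,keypressEvent,value);
       return;
     case Onkeyup:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,keyupEvent,value);
       return;
     case Onload:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,loadEvent,value);
       return;
     case Onmousedown:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,mousedownEvent,value);
       return;
     case Onmousemove:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,mousemoveEvent,value);
       return;
     case Onmouseout:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,mouseoutEvent,value);
       return;
     case Onmouseover:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,mouseoverEvent,value);
       return;
     case Onmouseup:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,mouseupEvent,value);
       return;
     case OnWindowMouseWheel:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec, mousewheelEvent,value);
       return;
     case Onreset:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,resetEvent,value);
       return;
     case Onresize:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,resizeEvent,value);
       return;
     case Onscroll:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,scrollEvent,value);
       return;
     case Onsearch:
-        if (isSafeScript(exec))
+        if (allowsAccessFrom(exec))
             setListener(exec,searchEvent,value);
         return;
     case Onselect:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,selectEvent,value);
       return;
     case Onsubmit:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec,submitEvent,value);
       return;
     case Onbeforeunload:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec, beforeunloadEvent, value);
       return;
     case Onunload:
-      if (isSafeScript(exec))
+      if (allowsAccessFrom(exec))
         setListener(exec, unloadEvent, value);
       return;
@@ -841,62 +841,45 @@
     }
   }
-  if (isSafeScript(exec))
+  if (allowsAccessFrom(exec))
     JSObject::put(exec, propertyName, value, attr);
 }
 
-static bool shouldLoadAsEmptyDocument(const KURL &url)
-{
-  return url.protocol().lower() == "about" || url.isEmpty();
-}
-
-bool Window::isSafeScript(const JSGlobalObject *origin, const JSGlobalObject *target)
-{
-    if (origin == target)
+bool Window::allowsAccessFrom(const JSGlobalObject* other) const
+{
+    const Frame* originFrame = static_cast<const Window*>(other)->impl()->frame();
+    if (!originFrame)
+        return false;
+
+    const Frame* targetFrame = impl()->frame();
+    if (!targetFrame)
+        return false;
+
+    if (originFrame == targetFrame)
         return true;
        
-    Frame* originFrame = static_cast<const Window*>(origin)->impl()->frame();
-    Frame* targetFrame = static_cast<const Window*>(target)->impl()->frame();
+    WebCore::Document* targetDocument = targetFrame->document();
 
     // JS may be attempting to access the "window" object, which should be valid,
     // even if the document hasn't been constructed yet.  If the document doesn't
     // exist yet allow JS to access the window object.
-    if (!targetFrame->document())
+    if (!targetDocument)
         return true;
 
-    WebCore::Document *originDocument = originFrame->document();
-    WebCore::Document *targetDocument = targetFrame->document();
-
-    if (!targetDocument) {
-        return false;
-    }
-
-    WebCore::String targetDomain = targetDocument->domain();
-
-    // Always allow local pages to execute any JS.
-    if (targetDomain.isNull())
+    WebCore::Document* originDocument = originFrame->document();
+
+    const SecurityOrigin& originSecurityOrigin = originDocument->securityOrigin();
+    const SecurityOrigin& targetSecurityOrigin = targetDocument->securityOrigin();
+
+    if (originSecurityOrigin.canAccess(targetSecurityOrigin))
         return true;
 
-    WebCore::String originDomain = originDocument->domain();
-
-    // if this document is being initially loaded as empty by its parent
-    // or opener, allow access from any document in the same domain as
-    // the parent or opener.
-    if (shouldLoadAsEmptyDocument(targetFrame->loader()->url())) {
-        Frame* ancestorFrame = targetFrame->loader()->opener() ? targetFrame->loader()->opener() : targetFrame->tree()->parent();
-        while (ancestorFrame && shouldLoadAsEmptyDocument(ancestorFrame->loader()->url()))
-            ancestorFrame = ancestorFrame->tree()->parent();
-        if (ancestorFrame)
-            originDomain = ancestorFrame->document()->domain();
-    }
-
-    if (targetDomain == originDomain)
-        return true;
-
-    if (!originFrame->settings()->privateBrowsingEnabled()) {
+    if (!targetFrame->settings()->privateBrowsingEnabled()) {
+        // FIXME: this error message should contain more specifics of why the same origin check has failed.
+        String message = String::format("Unsafe JavaScript attempt to access frame with URL %s from frame with URL %s. Domains, protocols and ports must match.\n",
+                                        targetDocument->URL().utf8().data(), originDocument->URL().utf8().data());
+
         if (Interpreter::shouldPrintExceptions())
-            printf("Unsafe JavaScript attempt to access frame with URL %s from frame with URL %s. Domains must match.\n",
-                   targetDocument->URL().latin1(), originDocument->URL().latin1());
-        String message = String::format("Unsafe JavaScript attempt to access frame with URL %s from frame with URL %s. Domains must match.\n",
-                                        targetDocument->URL().latin1(), originDocument->URL().latin1());
+            printf("%s", message.utf8().data());
+
         if (Page* page = targetFrame->page())
             page->chrome()->addMessageToConsole(JSMessageSource, ErrorMessageLevel, message, 1, String()); // FIXME: provide a real line number and source URL.
@@ -904,4 +887,5 @@
 
     return false;
+   
 }
 
@@ -933,49 +917,7 @@
 }
 
-bool Window::isSafeScript(ExecState *exec) const
-{
-  Frame* frame = impl()->frame();
-  if (!frame)
-    return false;
-  Frame* activeFrame = Window::retrieveActive(exec)->impl()->frame();
-  if (!activeFrame)
-    return false;
-  if (activeFrame == frame)
-    return true;
-
-  WebCore::Document* thisDocument = frame->document();
-
-  // JS may be attempting to access the "window" object, which should be valid,
-  // even if the document hasn't been constructed yet.  If the document doesn't
-  // exist yet allow JS to access the window object.
-  if (!thisDocument)
-      return true;
-
-  WebCore::Document* actDocument = activeFrame->document();
-
-  const SecurityOrigin& actSecurityOrigin = actDocument->securityOrigin();
-  const SecurityOrigin& thisSecurityOrigin = thisDocument->securityOrigin();
-
-  if (actSecurityOrigin.canAccess(thisSecurityOrigin))
-    return true;
-
-    if (!frame->settings()->privateBrowsingEnabled()) {
-        // FIXME: this error message should contain more specifics of why the same origin check has failed.
-        String message = String::format("Unsafe JavaScript attempt to access frame with URL %s from frame with URL %s. Domains, protocols and ports must match.\n",
-                                        thisDocument->URL().utf8().data(), actDocument->URL().utf8().data());
-       
-        if (Interpreter::shouldPrintExceptions())
-            printf("%s", message.utf8().data());
-       
-        if (Page* page = frame->page())
-            page->chrome()->addMessageToConsole(JSMessageSource, ErrorMessageLevel, message, 1, String());
-    }
-
-  return false;
-}
-
 void Window::setListener(ExecState *exec, const AtomicString &eventType, JSValue *func)
 {
-  if (!isSafeScript(exec))
+  if (!allowsAccessFrom(exec))
     return;
   Frame* frame = impl()->frame();
@@ -991,5 +933,5 @@
 JSValue *Window::getListener(ExecState *exec, const AtomicString &eventType) const
 {
-  if (!isSafeScript(exec))
+  if (!allowsAccessFrom(exec))
     return jsUndefined();
   Frame* frame = impl()->frame();
@@ -1363,5 +1305,5 @@
 
         const Window* window = Window::retrieveWindow(frame);
-        if (!completedURL.isEmpty() && (!completedURL.startsWith("javascript:", false) || (window && window->isSafeScript(exec)))) {
+        if (!completedURL.isEmpty() && (!completedURL.startsWith("javascript:", false) || (window && window->allowsAccessFrom(exec)))) {
             bool userGesture = activeFrame->scriptProxy()->processingUserGesture();
             frame->loader()->scheduleLocationChange(completedURL, activeFrame->loader()->outgoingReferrer(), false, userGesture);
@@ -1526,5 +1468,5 @@
     UString s = v->toString(exec);
 
-    if (!window->isSafeScript(exec))
+    if (!window->allowsAccessFrom(exec))
         return jsUndefined();
     if (v->isString()) {
@@ -1560,5 +1502,5 @@
     JSValue *v = args[0];
 
-    if (!window->isSafeScript(exec))
+    if (!window->allowsAccessFrom(exec))
         return jsUndefined();
     (const_cast<Window*>(window))->clearTimeout(v->toInt32(exec));
@@ -1578,5 +1520,5 @@
     UString s = v->toString(exec);
 
-    if (!window->isSafeScript(exec))
+    if (!window->allowsAccessFrom(exec))
         return jsUndefined();
     if (args.size() >= 2 && v->isString()) {
@@ -1609,5 +1551,5 @@
         return jsUndefined();
 
-    if (!window->isSafeScript(exec))
+    if (!window->allowsAccessFrom(exec))
         return jsUndefined();
     if (JSEventListener* listener = window->findOrCreateJSEventListener(args[1]))
@@ -1626,5 +1568,5 @@
         return jsUndefined();
 
-    if (!window->isSafeScript(exec))
+    if (!window->allowsAccessFrom(exec))
         return jsUndefined();
     if (JSEventListener* listener = window->findJSEventListener(args[1]))
@@ -1656,5 +1598,5 @@
 
     // If anyone implements these, they need the safe script security check.
-    if (!window->isSafeScript(exec))
+    if (!window->allowsAccessFrom(exec))
         return jsUndefined();
     // Not implemented.
@@ -1959,5 +1901,5 @@
                                                    && entry->value.functionValue != &LocationProtoFuncReload::create
                                                    && entry->value.functionValue != &LocationProtoFuncAssign::create))  {
-    if (!window || !window->isSafeScript(exec)) {
+    if (!window || !window->allowsAccessFrom(exec)) {
       slot.setUndefined(this);
       return true;
@@ -1976,5 +1918,5 @@
   KURL url = m_frame->loader()->url();
   const Window* window = Window::retrieveWindow(m_frame);
-  bool sameDomainAccess = window && window->isSafeScript(exec);
+  bool sameDomainAccess = window && window->allowsAccessFrom(exec);
 
   const HashEntry *entry = Lookup::findEntry(&LocationTable, p);
@@ -2059,5 +2001,5 @@
       DeprecatedString str = args[0]->toString(exec);
       const Window* window = Window::retrieveWindow(frame);
-      if (!str.startsWith("javascript:", false) || (window && window->isSafeScript(exec))) {
+      if (!str.startsWith("javascript:", false) || (window && window->allowsAccessFrom(exec))) {
         bool userGesture = p->scriptProxy()->processingUserGesture();
         frame->loader()->scheduleLocationChange(p->loader()->completeURL(str).url(), p->loader()->outgoingReferrer(), true, userGesture);
@@ -2078,8 +2020,8 @@
 
     Window* window = Window::retrieveWindow(frame);
-    if (!window->isSafeScript(exec))
-        return jsUndefined();
-
-    if (!frame->loader()->url().url().startsWith("javascript:", false) || (window && window->isSafeScript(exec))) {
+    if (!window->allowsAccessFrom(exec))
+        return jsUndefined();
+
+    if (!frame->loader()->url().url().startsWith("javascript:", false) || (window && window->allowsAccessFrom(exec))) {
       bool userGesture = Window::retrieveActive(exec)->impl()->frame()->scriptProxy()->processingUserGesture();
       frame->loader()->scheduleRefresh(userGesture);
@@ -2103,5 +2045,5 @@
         const Window *window = Window::retrieveWindow(frame);
         DeprecatedString dstUrl = p->loader()->completeURL(DeprecatedString(args[0]->toString(exec))).url();
-        if (!dstUrl.startsWith("javascript:", false) || (window && window->isSafeScript(exec))) {
+        if (!dstUrl.startsWith("javascript:", false) || (window && window->allowsAccessFrom(exec))) {
             bool userGesture = p->scriptProxy()->processingUserGesture();
             // We want a new history item if this JS was called via a user gesture
@@ -2123,8 +2065,8 @@
 
     Window* window = Window::retrieveWindow(frame);
-    if (!window->isSafeScript(exec))
-        return jsUndefined();
-
-    if (!frame || !Window::retrieveWindow(frame)->isSafeScript(exec))
+    if (!window->allowsAccessFrom(exec))
+        return jsUndefined();
+
+    if (!frame || !Window::retrieveWindow(frame)->allowsAccessFrom(exec))
         return jsString();
 
@@ -2169,4 +2111,4 @@
     return Window::retrieve(frame);
 }
-   
+
 } // namespace WebCore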
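Review bot: In the new `Window::allowsAccessFrom(const JSGlobalObject* other)`, `originFrame->document()` is stored in `originDocument` at new line 868 and dereferenced for `securityOrigin()` two lines later with no null check, although the target document is checked just above. An origin frame whose document does not exist yet would therefore crash the same-origin check instead of denying; `if (!originDocument) return false;` before the `securityOrigin()` calls keeps it failing closed. The `static_cast<const Window*>(other)` at new line 849 is also unchecked, so the function presumably relies on every global object passed in (including the plugin and Objective-C callers changed in this commit) being a `Window`; a comment stating that precondition would help. Separately, in the hunks at new lines 2022-2025 and 2067-2070, `window->allowsAccessFrom(exec)` is called before the later `window &&` and `!frame ||` tests, so those null tests come too late to protect the first call.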
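--- a/trunk/WebCore/bindings/js/kjs_window.h
+++ b/trunk/WebCore/bindings/js/kjs_window.h
@@ -104,8 +104,4 @@
 
     void timerFired(DOMWindowTimer*);
-   
-    static bool isSafeScript(const JSGlobalObject *origin, const JSGlobalObject *target);
-    virtual bool isSafeScript(const JSGlobalObject* other) const { return Window::isSafeScript(this, other); }
-    bool isSafeScript(ExecState*) const;
 
     Location* location() const;
@@ -141,7 +137,11 @@
     virtual const ClassInfo* classInfo() const { return &info; }
     static const ClassInfo info;
-   
+
     virtual ExecState* globalExec();
+
     virtual bool shouldInterruptScript() const;
+
+    virtual bool allowsAccessFrom(const JSGlobalObject*) const;
+    bool allowsAccessFrom(ExecState* exec) const { return allowsAccessFrom(exec->dynamicGlobalObject()); }
 
     enum {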
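Review bot: The two `allowsAccessFrom` declarations added at new lines 144-145 carry no comment on which side is which, even though the point of the commit is that the receiver is now the window being accessed and the argument is the global object of the script asking. A declaration comment such as `// Returns true if script running in the given global object may access this window.` would record that. The `ExecState*` overload now takes the accessor from `exec->dynamicGlobalObject()`, whereas the removed implementation in kjs_window.cpp used `Window::retrieveActive(exec)`; the two are presumably equivalent, but a short comment saying so would help anyone auditing the same-origin check. The class body begins and ends outside the hunk.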
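--- a/trunk/WebCore/bindings/objc/WebScriptObject.mm
+++ b/trunk/WebCore/bindings/objc/WebScriptObject.mm
@@ -208,5 +208,5 @@
         return false;
 
-    return _private->originRootObject->globalObject()->isSafeScript(root->globalObject());
+    return root->globalObject()->allowsAccessFrom(_private->originRootObject->globalObject());
 }
 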
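--- a/trunk/WebCore/bindings/scripts/CodeGeneratorJS.pm
+++ b/trunk/WebCore/bindings/scripts/CodeGeneratorJS.pm
@@ -922,5 +922,5 @@
 
             if ($dataNode->extendedAttributes->{"CheckDomainSecurity"} && !$attribute->signature->extendedAttributes->{"DoNotCheckDomainSecurity"}) {
-                push(@implContent, "        if (!isSafeScript(exec))\n");
+                push(@implContent, "        if (!allowsAccessFrom(exec))\n");
                 push(@implContent, "            return jsUndefined();\n");
             }
@@ -1026,5 +1026,5 @@
 
                     if ($dataNode->extendedAttributes->{"CheckDomainSecurity"} && !$attribute->signature->extendedAttributes->{"DoNotCheckDomainSecurity"}) {
-                        push(@implContent, "        if (!isSafeScript(exec))\n");
+                        push(@implContent, "        if (!allowsAccessFrom(exec))\n");
                         push(@implContent, "            return;\n");
                     }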