Changeset 56829 in webkit
- Timestamp:
- Mar 31, 2010 1:37:13 AM (14 years ago)
- Location:
- trunk
- Files:
-
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/WebCore/ChangeLog
r56825 r56829 1 2010-03-31 John Gregg <johnnyg@google.com> 2 3 Reviewed by Darin Fisher. 4 5 [chromium] add logging of cross-frame property accesses for site isolation 6 https://bugs.webkit.org/show_bug.cgi?id=35773 7 8 No new tests as no new functionality. 9 10 * bindings/scripts/CodeGeneratorV8.pm: 11 * bindings/v8/V8Utilities.cpp: 12 (WebCore::logPropertyAccess): 13 * bindings/v8/V8Utilities.h: 14 * loader/FrameLoaderClient.h: 15 (WebCore::FrameLoaderClient::logCrossFramePropertyAccess): 16 1 17 2010-03-30 Gavin Barraclough <barraclough@apple.com> 2 18 -
trunk/WebCore/bindings/scripts/CodeGeneratorV8.pm
r56445 r56829 675 675 } elsif ($attribute->signature->extendedAttributes->{"CheckFrameSecurity"}) { 676 676 push(@implContentDecls, " if (!V8BindingSecurity::checkNodeSecurity(V8BindingState::Only(), imp->contentDocument())) return v8::Handle<v8::Value>();\n\n"); 677 } 678 679 if ($attrExt->{"DoNotCheckDomainSecurity"} || 680 $attrExt->{"DoNotCheckDomainSecurityOnGet"}) { 681 push(@implContentDecls, " logPropertyAccess(name, info);\n"); 677 682 } 678 683 … … 1447 1452 "#include \"V8BindingState.h\"\n" . 1448 1453 "#include \"V8DOMWrapper.h\"\n" . 1454 "#include \"V8Utilities.h\"\n" . 1449 1455 "#include \"V8IsolatedContext.h\"\n\n" . 1450 1456 "#undef LOG\n\n"); -
trunk/WebCore/bindings/v8/V8Utilities.cpp
r56580 r56829 34 34 #include <v8.h> 35 35 36 #include "ChromiumBridge.h" 36 37 #include "Document.h" 37 38 #include "Frame.h" 39 #include "FrameLoaderClient.h" 38 40 #include "ScriptExecutionContext.h" 39 41 #include "ScriptState.h" 40 42 #include "V8Binding.h" 43 #include "V8BindingState.h" 44 #include "V8DOMWindow.h" 41 45 #include "V8Proxy.h" 42 46 #include "WorkerContext.h" … … 143 147 } 144 148 149 void logPropertyAccess(v8::Local<v8::String> name, const v8::AccessorInfo& info) 150 { 151 Frame* target = V8DOMWindow::toNative(info.Holder())->frame(); 152 Frame* active = V8BindingState::Only()->getActiveWindow()->frame(); 153 if (target == active) 154 return; 155 156 bool crossSite = !V8BindingSecurity::canAccessFrame(V8BindingState::Only(), target, false); 157 String propName = toWebCoreString(name); 158 159 // For cross-site, we also want to identify the current event to record repeat accesses. 160 unsigned long long eventId = 0; 161 if (crossSite) { 162 v8::HandleScope handleScope; 163 v8::Handle<v8::Context> v8Context = V8Proxy::mainWorldContext(active); 164 if (!v8Context.IsEmpty()) { 165 v8::Context::Scope scope(v8Context); 166 v8::Handle<v8::Object> global = v8Context->Global(); 167 v8::Handle<v8::Value> jsEvent = global->Get(v8::String::NewSymbol("event")); 168 if (V8DOMWrapper::isValidDOMObject(jsEvent)) 169 eventId = reinterpret_cast<unsigned long long>(V8Event::toNative(v8::Handle<v8::Object>::Cast(jsEvent))); 170 } 171 } 172 active->loader()->client()->logCrossFramePropertyAccess(target, crossSite, propName, eventId); 173 } 174 145 175 } // namespace WebCore -
trunk/WebCore/bindings/v8/V8Utilities.h
r56329 r56829 57 57 ScriptExecutionContext* getScriptExecutionContext(); 58 58 59 void logPropertyAccess(v8::Local<v8::String> name, const v8::AccessorInfo& info); 60 59 61 class AllowAllocation { 60 62 public: -
trunk/WebCore/loader/FrameLoaderClient.h
r56650 r56829 245 245 virtual void didDestroyScriptContextForFrame() = 0; 246 246 virtual void didCreateIsolatedScriptContext() = 0; 247 248 virtual void logCrossFramePropertyAccess(Frame* target, bool crossOrigin, const String& name, unsigned long long eventId) { } 247 249 #endif 248 250 -
trunk/WebKit/chromium/ChangeLog
r56825 r56829 1 2010-03-31 John Gregg <johnnyg@google.com> 2 3 Reviewed by Darin Fisher. 4 5 [chromium] add logging of cross-frame property accesses for site isolation 6 https://bugs.webkit.org/show_bug.cgi?id=35773 7 8 * public/WebFrameClient.h: 9 (WebKit::WebFrameClient::logCrossFramePropertyAccess): 10 * src/FrameLoaderClientImpl.cpp: 11 (WebKit::FrameLoaderClientImpl::logCrossFramePropertyAccess): 12 * src/FrameLoaderClientImpl.h: 13 1 14 2010-03-30 Gavin Barraclough <barraclough@apple.com> 2 15 -
trunk/WebKit/chromium/public/WebFrameClient.h
r56728 r56829 285 285 virtual void didCreateIsolatedScriptContext(WebFrame*) { } 286 286 287 // Notifies that a cross-frame access was made to a property that allows 288 // cross-origin access. 289 virtual void logCrossFramePropertyAccess(WebFrame* active, WebFrame* target, bool crossOrigin, const WebString& property, unsigned long long eventId) { } 290 287 291 288 292 // Geometry notifications ---------------------------------------------- -
trunk/WebKit/chromium/src/FrameLoaderClientImpl.cpp
r56825 r56829 1506 1506 } 1507 1507 1508 void FrameLoaderClientImpl::logCrossFramePropertyAccess(Frame* target, bool crossOrigin, const String& name, unsigned long long eventId) 1509 { 1510 m_webFrame->client()->logCrossFramePropertyAccess(m_webFrame, WebFrameImpl::fromFrame(target), crossOrigin, name, eventId); 1511 } 1512 1508 1513 } // namespace WebKit -
trunk/WebKit/chromium/src/FrameLoaderClientImpl.h
r56070 r56829 200 200 virtual void didNotAllowPlugins(); 201 201 202 virtual void logCrossFramePropertyAccess( 203 WebCore::Frame* target, 204 bool crossOrigin, 205 const WebCore::String& name, 206 unsigned long long eventId); 207 202 208 private: 203 209 void makeDocumentView();
Note: See TracChangeset
for help on using the changeset viewer.