Changeset 86837 in webkit
- Timestamp:
- May 19, 2011 4:47:02 AM (13 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 13 edited
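--- a/trunk/LayoutTests/ChangeLog
+++ b/trunk/LayoutTests/ChangeLog
@@ -1,2 +1,12 @@
+2011-05-18 Yury Semikhatsky <yurys@chromium.org>
+
+Reviewed by Pavel Feldman.
+
+InjectedScriptSource.js - "Don't be eval()."
+https://bugs.webkit.org/show_bug.cgi?id=60800
+
+* inspector/console/console-eval-blocked-expected.txt: Added.
+* inspector/console/console-eval-blocked.html: Added.
+
 2011-05-19 Chang Shu <cshu@webkit.org>
 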
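--- a/trunk/Source/JavaScriptCore/JavaScriptCore.exp
+++ b/trunk/Source/JavaScriptCore/JavaScriptCore.exp
@@ -156,5 +156,4 @@
 __ZN3JSC13StatementNode6setLocEii
 __ZN3JSC14JSGlobalObject10globalExecEv
-__ZN3JSC14JSGlobalObject11disableEvalEv
 __ZN3JSC14JSGlobalObject12defineGetterEPNS_9ExecStateERKNS_10IdentifierEPNS_8JSObjectEj
 __ZN3JSC14JSGlobalObject12defineSetterEPNS_9ExecStateERKNS_10IdentifierEPNS_8JSObjectEj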
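--- a/trunk/Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def
+++ b/trunk/Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def
@@ -153,5 +153,4 @@
 ?detachThread@WTF@@YAXI@Z
 ?didTimeOut@TimeoutChecker@JSC@@QAE_NPAVExecState@2@@Z
-?disableEval@JSGlobalObject@JSC@@QAEXXZ
 ?dtoa@WTF@@YAXQADNAA_NAAHAAI@Z
 ?dumpSampleData@JSGlobalData@JSC@@QAEXPAVExecState@2@@Z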
trunk/Source/JavaScriptCore/runtime/Executable.cpp
r86499 r86837 103 103 JSGlobalData* globalData = &exec->globalData(); 104 104 JSGlobalObject* lexicalGlobalObject = exec->lexicalGlobalObject(); 105 if (!lexicalGlobalObject-> isEvalEnabled())105 if (!lexicalGlobalObject->evalEnabled()) 106 106 return throwError(exec, createEvalError(exec, "Eval is disabled")); 107 107 RefPtr<EvalNode> evalNode = globalData->parser->parse<EvalNode>(lexicalGlobalObject, lexicalGlobalObject->debugger(), exec, m_source, 0, isStrictMode() ? JSParseStrict : JSParseNormal, &exception); -
trunk/Source/JavaScriptCore/runtime/FunctionConstructor.cpp
r86100 r86837 75 75 JSObject* constructFunction(ExecState* exec, JSGlobalObject* globalObject, const ArgList& args, const Identifier& functionName, const UString& sourceURL, int lineNumber) 76 76 { 77 if (!globalObject-> isEvalEnabled())77 if (!globalObject->evalEnabled()) 78 78 return throwError(exec, createEvalError(exec, "Function constructor is disabled")); 79 79 return constructFunctionSkippingEvalEnabledCheck(exec, globalObject, args, functionName, sourceURL, lineNumber); -
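--- a/trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
+++ b/trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
@@ -377,10 +377,4 @@
 }
 
-void JSGlobalObject::disableEval()
-{
-ASSERT(m_isEvalEnabled);
-m_isEvalEnabled = false;
-}
-
 void JSGlobalObject::copyGlobalsFrom(RegisterFile& registerFile)
 {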
trunk/Source/JavaScriptCore/runtime/JSGlobalObject.h
r86785 r86837 120 120 SymbolTable m_symbolTable; 121 121 122 bool m_ isEvalEnabled;122 bool m_evalEnabled; 123 123 124 124 public: … … 130 130 , m_globalScopeChain() 131 131 , m_weakRandom(static_cast<unsigned>(randomNumber() * (std::numeric_limits<unsigned>::max() + 1.0))) 132 , m_ isEvalEnabled(true)132 , m_evalEnabled(true) 133 133 { 134 134 COMPILE_ASSERT(JSGlobalObject::AnonymousSlotCount == 1, JSGlobalObject_has_only_a_single_slot); … … 145 145 , m_globalScopeChain() 146 146 , m_weakRandom(static_cast<unsigned>(randomNumber() * (std::numeric_limits<unsigned>::max() + 1.0))) 147 , m_ isEvalEnabled(true)147 , m_evalEnabled(true) 148 148 { 149 149 COMPILE_ASSERT(JSGlobalObject::AnonymousSlotCount == 1, JSGlobalObject_has_only_a_single_slot); … … 236 236 virtual bool isDynamicScope(bool& requiresDynamicChecks) const; 237 237 238 void disableEval();239 bool isEvalEnabled() { return m_isEvalEnabled; }238 void setEvalEnabled(bool enabled) { m_evalEnabled = enabled; } 239 bool evalEnabled() { return m_evalEnabled; } 240 240 241 241 void copyGlobalsFrom(RegisterFile&); -
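Review bot: `setEvalEnabled(bool enabled)` turns what was a one-way switch into a public two-way setter, so any code holding a JSGlobalObject can turn eval back on after policy code disabled it, and the `ASSERT(m_isEvalEnabled)` that lived in `disableEval()` has no replacement. A comment on the declaration would make the intended callers explicit, for example `// Pass true only from inspector bindings that restore the previous value afterwards; policy code passes false.` Separately, `evalEnabled()` only reads a member and could be declared `bool evalEnabled() const { return m_evalEnabled; }`. The class body continues outside the visible hunks.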
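--- a/trunk/Source/WebCore/ChangeLog
+++ b/trunk/Source/WebCore/ChangeLog
@@ -1,2 +1,26 @@
+2011-05-18 Yury Semikhatsky <yurys@chromium.org>
+
+Reviewed by Pavel Feldman.
+
+InjectedScriptSource.js - "Don't be eval()."
+https://bugs.webkit.org/show_bug.cgi?id=60800
+
+Thanks to Adam Barth for providing JSC implementation!
+
+InjectedScriptHost.evaluate is used to perform script evaluations for
+inspector needs. This method is not affected by CSP and should fix inspector
+on pages with CSP restrictions.
+
+Test: inspector/console/console-eval-blocked.html
+
+* bindings/js/JSInjectedScriptHostCustom.cpp:
+(WebCore::JSInjectedScriptHost::evaluate):
+* bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
+(WebCore::V8InjectedScriptHost::evaluateCallback):
+(WebCore::V8InjectedScriptHost::inspectedNodeCallback):
+* inspector/InjectedScriptHost.idl:
+* inspector/InjectedScriptSource.js:
+(.):
+
 2011-05-19 Pavel Feldman <pfeldman@google.com>
 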
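--- a/trunk/Source/WebCore/bindings/js/JSInjectedScriptHostCustom.cpp
+++ b/trunk/Source/WebCore/bindings/js/JSInjectedScriptHostCustom.cpp
@@ -54,5 +54,7 @@
 #endif
 #include <runtime/DateInstance.h>
+#include <runtime/Error.h>
 #include <runtime/JSArray.h>
+#include <runtime/JSFunction.h>
 #include <runtime/JSLock.h>
 #include <runtime/RegExpObject.h>
@@ -73,4 +75,26 @@
 JSLock lock(SilenceAssertionsOnly);
 return ScriptValue(state->globalData(), toJS(state, deprecatedGlobalObjectForPrototype(state), node));
+}
+
+JSValue JSInjectedScriptHost::evaluate(ExecState* exec)
+{
+JSValue expression = exec->argument(0);
+if (!expression.isString())
+return throwError(exec, createError(exec, "String argument expected."));
+JSGlobalObject* globalObject = exec->lexicalGlobalObject();
+JSFunction* evalFunction = globalObject->evalFunction();
+CallData callData;
+CallType callType = evalFunction->getCallData(callData);
+if (callType == CallTypeNone)
+return jsUndefined();
+MarkedArgumentBuffer args;
+args.append(expression);
+
+bool wasEvalEnabled = globalObject->evalEnabled();
+globalObject->setEvalEnabled(true);
+JSValue result = JSC::call(exec, evalFunction, callType, callData, exec->globalThisValue(), args);
+globalObject->setEvalEnabled(wasEvalEnabled);
+
+return result;
 }
 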
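Review bot: Between the two `setEvalEnabled` calls in `JSInjectedScriptHost::evaluate`, eval is enabled on the lexical global object for everything the nested `JSC::call` reaches, not only for the inspector's own expression, so page functions or getters invoked from that expression would presumably also be able to use eval() and the Function constructor while the page's policy forbids them. That may be acceptable for an inspector-initiated evaluation, but it deserves a comment above the toggle, e.g. `// Eval is enabled for the whole nested call, including page code it invokes; the previous value is restored below.` The save/restore pair would also be sturdier as a small scoped helper whose destructor restores the flag, so that a later early return cannot leave eval enabled. The `CallTypeNone` branch returns `jsUndefined()` silently, which a caller cannot tell apart from an expression that evaluates to undefined.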
trunk/Source/WebCore/bindings/js/ScriptController.cpp
r85442 r86837 241 241 void ScriptController::disableEval() 242 242 { 243 windowShell(mainThreadNormalWorld())->window()-> disableEval();243 windowShell(mainThreadNormalWorld())->window()->setEvalEnabled(false); 244 244 } 245 245 -
trunk/Source/WebCore/bindings/v8/custom/V8InjectedScriptHostCustom.cpp
r85722 r86837 66 66 } 67 67 68 v8::Handle<v8::Value> V8InjectedScriptHost::evaluateCallback(const v8::Arguments& args) 69 { 70 INC_STATS("InjectedScriptHost.evaluate()"); 71 if (args.Length() < 1) 72 return v8::ThrowException(v8::Exception::Error(v8::String::New("One argument expected."))); 73 74 v8::Handle<v8::String> expression = args[0]->ToString(); 75 if (expression.IsEmpty()) 76 return v8::ThrowException(v8::Exception::Error(v8::String::New("The argument must be a string."))); 77 78 v8::Handle<v8::Script> script = v8::Script::Compile(expression); 79 return script->Run(); 80 } 81 68 82 v8::Handle<v8::Value> V8InjectedScriptHost::inspectedNodeCallback(const v8::Arguments& args) 69 83 { … … 73 87 74 88 InjectedScriptHost* host = V8InjectedScriptHost::toNative(args.Holder()); 75 89 76 90 Node* node = host->inspectedNode(args[0]->ToInt32()->Value()); 77 91 if (!node) -
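Review bot: `evaluateCallback` calls `script->Run()` without checking the handle returned by `v8::Script::Compile(expression)`, which is empty when the source fails to compile, so an expression with a syntax error would dereference an empty handle; add `if (script.IsEmpty()) return v8::Handle<v8::Value>();` before the `Run()` call so the pending exception propagates instead. The argument handling also differs from the JSC binding: `args[0]->ToString()` coerces any value to a string, while `JSInjectedScriptHost::evaluate` rejects non-strings, so a guard such as `if (!args[0]->IsString())` with the existing "The argument must be a string." error would keep the two bindings consistent. `inspectedNodeCallback` in the second hunk starts and ends outside the visible lines.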
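--- a/trunk/Source/WebCore/inspector/InjectedScriptHost.idl
+++ b/trunk/Source/WebCore/inspector/InjectedScriptHost.idl
@@ -35,4 +35,6 @@
 void clearConsoleMessages();
 
+[Custom] DOMObject evaluate(in DOMString text);
+
 void copyText(in DOMString text);
 [Custom] void inspect(in DOMObject objectId, in DOMObject hints);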
trunk/Source/WebCore/inspector/InjectedScriptSource.js
r86836 r86837 117 117 _parseObjectId: function(objectId) 118 118 { 119 return eval("(" + objectId + ")");119 return InjectedScriptHost.evaluate("(" + objectId + ")"); 120 120 }, 121 121 … … 132 132 dispatch: function(methodName, args) 133 133 { 134 var argsArray = eval("(" + args + ")");134 var argsArray = InjectedScriptHost.evaluate("(" + args + ")"); 135 135 var result = this[methodName].apply(this, argsArray); 136 136 if (typeof result === "undefined") { … … 200 200 // not call frame while on a breakpoint. 201 201 // TODO: bring evaluation against call frame back. 202 var result = inspectedWindow.eval("(" + expression + ")");202 var result = InjectedScriptHost.evaluate("(" + expression + ")"); 203 203 // Store the result in the property. 204 204 object[propertyName] = result; 205 205 } catch(e) { 206 206 try { 207 var result = inspectedWindow.eval("\"" + expression.replace(/"/g, "\\\"") + "\"");207 var result = InjectedScriptHost.evaluate("\"" + expression.replace(/"/g, "\\\"") + "\""); 208 208 object[propertyName] = result; 209 209 } catch(e) { … … 246 246 evaluate: function(expression, objectGroup, injectCommandLineAPI) 247 247 { 248 return this._evaluateAndWrap( inspectedWindow.eval, inspectedWindow, expression, objectGroup, false, injectCommandLineAPI);248 return this._evaluateAndWrap(InjectedScriptHost.evaluate, InjectedScriptHost, expression, objectGroup, false, injectCommandLineAPI); 249 249 }, 250 250 … … 316 316 _callFrameForId: function(topCallFrame, callFrameId) 317 317 { 318 var parsedCallFrameId = eval("(" + callFrameId + ")");318 var parsedCallFrameId = InjectedScriptHost.evaluate("(" + callFrameId + ")"); 319 319 var ordinal = parsedCallFrameId.ordinal; 320 320 var callFrame = topCallFrame;
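Review bot: `_parseObjectId`, `dispatch` and `_callFrameForId` now pass `objectId`, `args` and `callFrameId` through `InjectedScriptHost.evaluate`, which the ChangeLog describes as not affected by CSP, although these three call sites parse serialized data rather than run an expression the user typed. If those strings are always JSON produced by the inspector front end (not visible in this diff), `return JSON.parse(objectId);` and the equivalent for `args` and `callFrameId` would avoid executing them as code and keep the policy-exempt evaluator for the console paths only. If they must stay as evaluated literals, a comment at `_parseObjectId` such as `// objectId is produced by the inspector front end, never by the inspected page.` would record the trust assumption. The functions around each hunk continue outside the visible lines.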