Changeset 92122 in webkit

Timestamp:

Aug 1, 2011 4:42:43 AM (13 years ago)

Author:

yurys@chromium.org

Message:

Web Inspector: typing an expression in an iframe leads to multiple "Unsafe JavaScript attempt to access frame..." errors
​https://bugs.webkit.org/show_bug.cgi?id=65457

Source/WebCore:

Console completions are now done using evaluation which returns a JSON object with all property names rather than a remote
object. Also Runtime.evaluate and Runtime.callFunctionOn commands were extended with an optional parameter that allows to
get result as JSON value.

Reviewed by Pavel Feldman.

Test: http/tests/inspector/console-cd-completions.html

• inspector/InjectedScript.cpp:

(WebCore::InjectedScript::evaluate):
(WebCore::InjectedScript::callFunctionOn):

• inspector/InjectedScript.h:
• inspector/InjectedScriptSource.js:

(.):
():

• inspector/Inspector.json:
• inspector/InspectorRuntimeAgent.cpp:

(WebCore::asBool):
(WebCore::InspectorRuntimeAgent::evaluate):
(WebCore::InspectorRuntimeAgent::callFunctionOn):

• inspector/InspectorRuntimeAgent.h:
• inspector/front-end/ConsoleView.js:

(WebInspector.ConsoleView.prototype._completions.evaluated.getCompletions):
(WebInspector.ConsoleView.prototype._completions.evaluated):
(WebInspector.ConsoleView.prototype._completions.receivedPropertySet):
(WebInspector.ConsoleView.prototype._completions):
(WebInspector.ConsoleView.prototype.evalInInspectedWindow):

• inspector/front-end/RemoteObject.js:

(WebInspector.RemoteObject):
(WebInspector.RemoteObject.prototype.callFunction):
(WebInspector.RemoteObject.prototype.callFunctionJSON):

• inspector/front-end/WatchExpressionsSidebarPane.js:

(WebInspector.WatchExpressionsSection.prototype.update):

LayoutTests:

Reviewed by Pavel Feldman.

• http/tests/inspector/console-cd-completions-expected.txt: Added.
• http/tests/inspector/console-cd-completions.html: Added.
• http/tests/inspector/resources/console-cd-completions-iframe.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/inspector/console-cd-completions-expected.txt (added)
• LayoutTests/http/tests/inspector/console-cd-completions.html (added)
• LayoutTests/http/tests/inspector/resources/console-cd-completions-iframe.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/inspector/InjectedScript.cpp (modified) (3 diffs)
• Source/WebCore/inspector/InjectedScript.h (modified) (1 diff)
• Source/WebCore/inspector/InjectedScriptSource.js (modified) (6 diffs)
• Source/WebCore/inspector/Inspector.json (modified) (3 diffs)
• Source/WebCore/inspector/InspectorRuntimeAgent.cpp (modified) (6 diffs)
• Source/WebCore/inspector/InspectorRuntimeAgent.h (modified) (1 diff)
• Source/WebCore/inspector/front-end/ConsoleView.js (modified) (5 diffs)
• Source/WebCore/inspector/front-end/RemoteObject.js (modified) (1 diff)
• Source/WebCore/inspector/front-end/WatchExpressionsSidebarPane.js (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2011-08-01  Yury Semikhatsky  <yurys@chromium.org>
+
+        Web Inspector: typing an expression in an iframe leads to multiple "Unsafe JavaScript attempt to access frame..." errors
+        https://bugs.webkit.org/show_bug.cgi?id=65457
+
+        Reviewed by Pavel Feldman.
+
+        * http/tests/inspector/console-cd-completions-expected.txt: Added.
+        * http/tests/inspector/console-cd-completions.html: Added.
+        * http/tests/inspector/resources/console-cd-completions-iframe.html: Added.
+
 2011-08-01  Tony Gentilcore  <tonyg@chromium.org>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2011-08-01  Yury Semikhatsky  <yurys@chromium.org>
+
+        Web Inspector: typing an expression in an iframe leads to multiple "Unsafe JavaScript attempt to access frame..." errors
+        https://bugs.webkit.org/show_bug.cgi?id=65457
+
+        Console completions are now done using evaluation which returns a JSON object with all property names rather than a remote
+        object. Also Runtime.evaluate and Runtime.callFunctionOn commands were extended with an optional parameter that allows to
+        get result as JSON value.
+
+        Reviewed by Pavel Feldman.
+
+        Test: http/tests/inspector/console-cd-completions.html
+
+        * inspector/InjectedScript.cpp:
+        (WebCore::InjectedScript::evaluate):
+        (WebCore::InjectedScript::callFunctionOn):
+        * inspector/InjectedScript.h:
+        * inspector/InjectedScriptSource.js:
+        (.):
+        ():
+        * inspector/Inspector.json:
+        * inspector/InspectorRuntimeAgent.cpp:
+        (WebCore::asBool):
+        (WebCore::InspectorRuntimeAgent::evaluate):
+        (WebCore::InspectorRuntimeAgent::callFunctionOn):
+        * inspector/InspectorRuntimeAgent.h:
+        * inspector/front-end/ConsoleView.js:
+        (WebInspector.ConsoleView.prototype._completions.evaluated.getCompletions):
+        (WebInspector.ConsoleView.prototype._completions.evaluated):
+        (WebInspector.ConsoleView.prototype._completions.receivedPropertySet):
+        (WebInspector.ConsoleView.prototype._completions):
+        (WebInspector.ConsoleView.prototype.evalInInspectedWindow):
+        * inspector/front-end/RemoteObject.js:
+        (WebInspector.RemoteObject):
+        (WebInspector.RemoteObject.prototype.callFunction):
+        (WebInspector.RemoteObject.prototype.callFunctionJSON):
+        * inspector/front-end/WatchExpressionsSidebarPane.js:
+        (WebInspector.WatchExpressionsSection.prototype.update):
+
 2011-08-01  Mihnea Ovidenie  <mihnea@adobe.com>
 

trunk/Source/WebCore/inspector/InjectedScript.cpp

@@ -55 +55 @@
 }
 
-void InjectedScript::evaluate(ErrorString* errorString, const String& expression, const String& objectGroup, bool includeCommandLineAPI, RefPtr<InspectorObject>* result, bool* wasThrown)
+void InjectedScript::evaluate(ErrorString* errorString, const String& expression, const String& objectGroup, bool includeCommandLineAPI, bool sendResultByValue, RefPtr<InspectorObject>* result, bool* wasThrown)
 {
     ScriptFunctionCall function(m_injectedScriptObject, "evaluate");
@@ -61 +61 @@
     function.appendArgument(objectGroup);
     function.appendArgument(includeCommandLineAPI);
+    function.appendArgument(sendResultByValue);
     makeEvalCall(errorString, function, result, wasThrown);
 }
 
-void InjectedScript::callFunctionOn(ErrorString* errorString, const String& objectId, const String& expression, const String& arguments, RefPtr<InspectorObject>* result, bool* wasThrown)
+void InjectedScript::callFunctionOn(ErrorString* errorString, const String& objectId, const String& expression, const String& arguments, bool sendResultByValue, RefPtr<InspectorObject>* result, bool* wasThrown)
 {
     ScriptFunctionCall function(m_injectedScriptObject, "callFunctionOn");
@@ -70 +71 @@
     function.appendArgument(expression);
     function.appendArgument(arguments);
+    function.appendArgument(sendResultByValue);
     makeEvalCall(errorString, function, result, wasThrown);
 }

trunk/Source/WebCore/inspector/InjectedScript.h

@@ -56 +56 @@
     bool hasNoValue() const { return m_injectedScriptObject.hasNoValue(); }
 
-    void evaluate(ErrorString*, const String& expression, const String& objectGroup, bool includeCommandLineAPI, RefPtr<InspectorObject>* result, bool* wasThrown);
-    void callFunctionOn(ErrorString*, const String& objectId, const String& expression, const String& arguments, RefPtr<InspectorObject>* result, bool* wasThrown);
+    void evaluate(ErrorString*,
+                  const String& expression,
+                  const String& objectGroup,
+                  bool includeCommandLineAPI,
+                  bool sendResultByValue,
+                  RefPtr<InspectorObject>* result,
+                  bool* wasThrown);
+    void callFunctionOn(ErrorString*,
+                        const String& objectId,
+                        const String& expression,
+                        const String& arguments,
+                        bool sendResultByValue,
+                        RefPtr<InspectorObject>* result,
+                        bool* wasThrown);
     void evaluateOnCallFrame(ErrorString*, const ScriptValue& callFrames, const String& callFrameId, const String& expression, const String& objectGroup, bool includeCommandLineAPI, RefPtr<InspectorObject>* result, bool* wasThrown);
     void getProperties(ErrorString*, const String& objectId, bool ignoreHasOwnProperty, RefPtr<InspectorArray>* result);

trunk/Source/WebCore/inspector/InjectedScriptSource.js

@@ -109 +109 @@
 
     // This method cannot throw.
-    _wrapObject: function(object, objectGroupName)
+    _wrapObject: function(object, objectGroupName, forceValueType)
     {
         try {
-            return new InjectedScript.RemoteObject(object, objectGroupName);
+            return new InjectedScript.RemoteObject(object, objectGroupName, forceValueType);
         } catch (e) {
             try {
@@ -184 +184 @@
             var propertyName = propertyNames[i];
 
-            var getter = object["__lookupGetter__"] && object.__lookupGetter__(propertyName);
-            var setter = object["__lookupSetter__"] && object.__lookupSetter__(propertyName);
+            var getter = (typeof object["__lookupGetter__"] === "function") && object.__lookupGetter__(propertyName);
+            var setter = (typeof object["__lookupSetter__"] === "function") && object.__lookupSetter__(propertyName);
             if (getter || setter) {
                 if (getter) {
@@ -247 +247 @@
     },
 
-    evaluate: function(expression, objectGroup, injectCommandLineAPI)
-    {
-        return this._evaluateAndWrap(InjectedScriptHost.evaluate, InjectedScriptHost, expression, objectGroup, false, injectCommandLineAPI);
-    },
-
-    callFunctionOn: function(objectId, expression, args)
+    evaluate: function(expression, objectGroup, injectCommandLineAPI, sendResultByValue)
+    {
+        return this._evaluateAndWrap(InjectedScriptHost.evaluate, InjectedScriptHost, expression, objectGroup, false, injectCommandLineAPI, sendResultByValue);
+    },
+
+    callFunctionOn: function(objectId, expression, args, sendResultByValue)
     {
         var parsedObjectId = this._parseObjectId(objectId);
@@ -288 +288 @@
 
             return { wasThrown: false,
-                     result: this._wrapObject(func.apply(object, resolvedArgs), objectGroup) };
+                     result: this._wrapObject(func.apply(object, resolvedArgs), objectGroup, sendResultByValue) };
         } catch (e) {
             return { wasThrown: true,
@@ -295 +295 @@
     },
 
-    _evaluateAndWrap: function(evalFunction, object, expression, objectGroup, isEvalOnCallFrame, injectCommandLineAPI)
+    _evaluateAndWrap: function(evalFunction, object, expression, objectGroup, isEvalOnCallFrame, injectCommandLineAPI, sendResultByValue)
     {
         try {
             return { wasThrown: false,
-                     result: this._wrapObject(this._evaluateOn(evalFunction, object, expression, isEvalOnCallFrame, injectCommandLineAPI), objectGroup) };
+                     result: this._wrapObject(this._evaluateOn(evalFunction, object, expression, isEvalOnCallFrame, injectCommandLineAPI), objectGroup, sendResultByValue) };
         } catch (e) {
             return { wasThrown: true,
@@ -451 +451 @@
 var injectedScript = new InjectedScript();
 
-InjectedScript.RemoteObject = function(object, objectGroupName)
+InjectedScript.RemoteObject = function(object, objectGroupName, forceValueType)
 {
     this.type = typeof object;
-    if (injectedScript.isPrimitiveValue(object) || object === null) {
+    if (injectedScript.isPrimitiveValue(object) || object === null || forceValueType) {
 
         // We don't send undefined values over JSON.

trunk/Source/WebCore/inspector/Inspector.json

@@ -231 +231 @@
                     { "name": "subtype", "type": "string", "optional": true, "enum": ["array", "null", "node", "regexp", "date"], "description": "Object subtype hint. Specified for <code>object</code> type values only." },
                     { "name": "className", "type": "string", "optional": true, "description": "Object class (constructor) name. Specified for <code>object</code> type values only." },
-                    { "name": "value", "type": "any", "optional": true, "description": "Remote object value (in case of primitive values)." },
+                    { "name": "value", "type": "any", "optional": true, "description": "Remote object value (in case of primitive values or JSON values if it was requested)." },
                     { "name": "description", "type": "string", "optional": true, "description": "String representation of the object." },
                     { "name": "objectId", "$ref": "RemoteObjectId", "optional": true, "description": "Unique object identifier (for non-primitive values)." }
@@ -264 +264 @@
                     { "name": "includeCommandLineAPI", "type": "boolean", "optional": true, "description": "Determines whether Command Line API should be available during the evaluation." },
                     { "name": "doNotPauseOnExceptions", "type": "boolean", "optional": true, "description": "Specifies whether evaluation should stop on exceptions. Overrides setPauseOnException state." },
-                    { "name": "frameId", "type": "string", "optional": true, "description": "Specifies in which frame to perform evaluation." }
+                    { "name": "frameId", "type": "string", "optional": true, "description": "Specifies in which frame to perform evaluation." },
+                    { "name": "sendResultByValue", "type": "boolean", "optional": true, "description": "Whether the result is expected to be a JSON object which should be sent by value." }
                 ],
                 "returns": [
@@ -277 +278 @@
                     { "name": "objectId", "$ref": "RemoteObjectId", "description": "Identifier of the object to call function on." },
                     { "name": "functionDeclaration", "type": "string", "description": "Declaration of the function to call." },
-                    { "name": "arguments", "type": "array", "items": { "$ref": "CallArgument", "description": "Call argument." }, "optional": true, "description": "Call arguments. All call arguments must belong to the same JavaScript world as the target object." }
+                    { "name": "arguments", "type": "array", "items": { "$ref": "CallArgument", "description": "Call argument." }, "optional": true, "description": "Call arguments. All call arguments must belong to the same JavaScript world as the target object." },
+                    { "name": "sendResultByValue", "type": "boolean", "optional": true, "description": "Whether the result is expected to be a JSON object which should be sent by value." }
                 ],
                 "returns": [

trunk/Source/WebCore/inspector/InspectorRuntimeAgent.cpp

@@ -46 +46 @@
 namespace WebCore {
 
+static bool asBool(const bool* const b)
+{
+    return b ? *b : false;
+}
+
 InspectorRuntimeAgent::InspectorRuntimeAgent(InjectedScriptManager* injectedScriptManager)
     : m_injectedScriptManager(injectedScriptManager)
@@ -58 +63 @@
 }
 
-void InspectorRuntimeAgent::evaluate(ErrorString* errorString, const String& expression, const String* const objectGroup, const bool* const includeCommandLineAPI, const bool* const doNotPauseOnExceptions, const String* const frameId, RefPtr<InspectorObject>* result, bool* wasThrown)
+void InspectorRuntimeAgent::evaluate(ErrorString* errorString, const String& expression, const String* const objectGroup, const bool* const includeCommandLineAPI, const bool* const doNotPauseOnExceptions, const String* const frameId, const bool* const sendResultByValue, RefPtr<InspectorObject>* result, bool* wasThrown)
 {
     ScriptState* scriptState = 0;
@@ -78 +83 @@
     bool pauseStateChanged = false;
     ScriptDebugServer::PauseOnExceptionsState presentState = m_scriptDebugServer->pauseOnExceptionsState();
-    if (doNotPauseOnExceptions && *doNotPauseOnExceptions && presentState != ScriptDebugServer::DontPauseOnExceptions) {
+    if (asBool(doNotPauseOnExceptions) && presentState != ScriptDebugServer::DontPauseOnExceptions) {
         m_scriptDebugServer->setPauseOnExceptionsState(ScriptDebugServer::DontPauseOnExceptions);
         pauseStateChanged = true;
@@ -84 +89 @@
 #endif
 
-    injectedScript.evaluate(errorString, expression, objectGroup ? *objectGroup : "", includeCommandLineAPI ? *includeCommandLineAPI : false, result, wasThrown);
+    injectedScript.evaluate(errorString, expression, objectGroup ? *objectGroup : "", asBool(includeCommandLineAPI), asBool(sendResultByValue), result, wasThrown);
 
 #if ENABLE(JAVASCRIPT_DEBUGGER)
@@ -92 +97 @@
 }
 
-void InspectorRuntimeAgent::callFunctionOn(ErrorString* errorString, const String& objectId, const String& expression, const RefPtr<InspectorArray>* const optionalArguments, RefPtr<InspectorObject>* result, bool* wasThrown)
+void InspectorRuntimeAgent::callFunctionOn(ErrorString* errorString, const String& objectId, const String& expression, const RefPtr<InspectorArray>* const optionalArguments, const bool* const sendResultByValue, RefPtr<InspectorObject>* result, bool* wasThrown)
 {
     InjectedScript injectedScript = m_injectedScriptManager->injectedScriptForObjectId(objectId);
@@ -102 +107 @@
     if (optionalArguments)
         arguments = (*optionalArguments)->toJSONString();
-    injectedScript.callFunctionOn(errorString, objectId, expression, arguments, result, wasThrown);
+    injectedScript.callFunctionOn(errorString, objectId, expression, arguments, asBool(sendResultByValue), result, wasThrown);
 }
 

trunk/Source/WebCore/inspector/InspectorRuntimeAgent.h

@@ -54 +54 @@
 
     // Part of the protocol.
-    void evaluate(ErrorString*, const String& expression, const String* const objectGroup, const bool* const includeCommandLineAPI, const bool* const doNotPauseOnExceptions, const String* const frameId, RefPtr<InspectorObject>* result, bool* wasThrown);
-    void callFunctionOn(ErrorString*, const String& objectId, const String& expression, const RefPtr<InspectorArray>* const optionalArguments, RefPtr<InspectorObject>* result, bool* wasThrown);
+    void evaluate(ErrorString*,
+                  const String& expression,
+                  const String* const objectGroup,
+                  const bool* const includeCommandLineAPI,
+                  const bool* const doNotPauseOnExceptions,
+                  const String* const frameId,
+                  const bool* const sendResultByValue,
+                  RefPtr<InspectorObject>* result,
+                  bool* wasThrown);
+    void callFunctionOn(ErrorString*,
+                        const String& objectId,
+                        const String& expression,
+                        const RefPtr<InspectorArray>* const optionalArguments,
+                        const bool* const sendResultByValue,
+                        RefPtr<InspectorObject>* result,
+                        bool* wasThrown);
     void releaseObject(ErrorString*, const String& objectId);
     void getProperties(ErrorString*, const String& objectId, bool ignoreHasOwnProperty, RefPtr<InspectorArray>* result);

trunk/Source/WebCore/inspector/front-end/ConsoleView.js

@@ -409 +409 @@
             WebInspector.panels.scripts.getSelectedCallFrameVariables(reportCompletions.bind(this));
         else
-            this.evalInInspectedWindow(expressionString, "completion", true, true, evaluated.bind(this));
+            this.evalInInspectedWindow(expressionString, "completion", true, true, undefined, evaluated.bind(this));
 
         function evaluated(result, wasThrown)
@@ -415 +415 @@
             if (wasThrown)
                 return;
-            result.getAllProperties(evaluatedProperties.bind(this));
-        }
-
-        function evaluatedProperties(properties)
+            var getCompletions = function()
+            {
+                var resultSet = {};
+                for (var o = this; o; o = o.__proto__) {
+                    try {
+                        var names = Object.getOwnPropertyNames(o);
+                        for (var i = 0; i < names.length; ++i)
+                            resultSet[names[i]] = true;
+                    } catch (e) {
+                    }
+                }
+                return resultSet;
+            }
+            result.callFunctionJSON(getCompletions, receivedPropertyNames.bind(this));
+        }
+
+        function receivedPropertyNames(propertyNames)
         {
             RuntimeAgent.releaseObjectGroup("completion");
-            var propertyNames = {};
-            for (var i = 0; properties && i < properties.length; ++i)
-                propertyNames[properties[i].name] = true;
-            reportCompletions.call(this, propertyNames);
-        }
-
-        function reportCompletions(propertyNames)
-        {
+            if (!propertyNames)
+                return;
             var includeCommandLineAPI = (!dotNotation && !bracketNotation);
             if (includeCommandLineAPI) {
@@ -596 +603 @@
     },
 
-    evalInInspectedWindow: function(expression, objectGroup, includeCommandLineAPI, doNotPauseOnExceptions, callback)
+    evalInInspectedWindow: function(expression, objectGroup, includeCommandLineAPI, doNotPauseOnExceptions, evalAsJSONValue, callback)
     {
         if (WebInspector.panels.scripts && WebInspector.panels.scripts.paused) {
@@ -613 +620 @@
                 callback(WebInspector.RemoteObject.fromPayload(result), wasThrown);
         }
-        RuntimeAgent.evaluate(expression, objectGroup, includeCommandLineAPI, doNotPauseOnExceptions, this._currentEvaluationContextId(), evalCallback);
+        RuntimeAgent.evaluate(expression, objectGroup, includeCommandLineAPI, doNotPauseOnExceptions, this._currentEvaluationContextId(), evalAsJSONValue, evalCallback);
     },
 
@@ -644 +651 @@
             self.addMessage(new WebInspector.ConsoleCommandResult(result, wasThrown, commandMessage));
         }
-        this.evalInInspectedWindow(str, "console", true, undefined, printResult);
+        this.evalInInspectedWindow(str, "console", true, undefined, undefined, printResult);
 
         WebInspector.userMetrics.ConsoleEvaluated.record();

trunk/Source/WebCore/inspector/front-end/RemoteObject.js

@@ -195 +195 @@
         }
 
-        RuntimeAgent.callFunctionOn(this._objectId, functionDeclaration.toString(), undefined, mycallback);
+        RuntimeAgent.callFunctionOn(this._objectId, functionDeclaration.toString(), undefined, undefined, mycallback);
+    },
+
+    callFunctionJSON: function(functionDeclaration, callback)
+    {
+        function mycallback(error, result, wasThrown)
+        {
+            callback((error || wasThrown) ? null : result.value);
+        }
+
+        RuntimeAgent.callFunctionOn(this._objectId, functionDeclaration.toString(), undefined, true, mycallback);
     },
 

trunk/Source/WebCore/inspector/front-end/WatchExpressionsSidebarPane.js

@@ -160 +160 @@
                 continue;
 
-            WebInspector.console.evalInInspectedWindow(expression, this._watchObjectGroupId, false, true, appendResult.bind(this, expression, i));
+            WebInspector.console.evalInInspectedWindow(expression, this._watchObjectGroupId, false, true, undefined, appendResult.bind(this, expression, i));
         }