SerializedScriptValue may move Identifiers between worlds
authoroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 8 Mar 2014 22:29:00 +0000 (22:29 +0000)
committeroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 8 Mar 2014 22:29:00 +0000 (22:29 +0000)
commit145e5323cfbbff05846c873e7132a48f272e8f72
tree54c5cb28f2489bb9e7838273d5189b84301aff7f
parent7253c1a22766fff41e22d1f98e960c397be0d27d
SerializedScriptValue may move Identifiers between worlds
https://bugs.webkit.org/show_bug.cgi?id=129979

Reviewed by Andreas Kling.

Source/WebCore:

Test: fast/workers/worker-copy-shared-blob-url.html

Don't use Strings to store blob URLs as String's may be Identifiers
and they can only exist in one world/thread at a time.

* Modules/indexeddb/IDBObjectStore.cpp:
(WebCore::IDBObjectStore::put):
* bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneDeserializer::deserializeString):
(WebCore::SerializedScriptValue::addBlobURL):
(WebCore::SerializedScriptValue::SerializedScriptValue):
* bindings/js/SerializedScriptValue.h:

LayoutTests:

Add test cases

* fast/workers/resources/worker-copy-shared-blob-url-worker.js: Added.
(count.0.onmessage):
* fast/workers/worker-copy-shared-blob-url-expected.txt: Added.
* fast/workers/worker-copy-shared-blob-url.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@165339 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/fast/workers/resources/worker-copy-shared-blob-url-worker.js [new file with mode: 0644]
LayoutTests/fast/workers/worker-copy-shared-blob-url-expected.txt [new file with mode: 0644]
LayoutTests/fast/workers/worker-copy-shared-blob-url.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/Modules/indexeddb/IDBObjectStore.cpp
Source/WebCore/bindings/js/SerializedScriptValue.cpp
Source/WebCore/bindings/js/SerializedScriptValue.h