Refactor V8 bindings to allow content scripts to access subframes
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 26 Nov 2012 22:24:31 +0000 (22:24 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 26 Nov 2012 22:24:31 +0000 (22:24 +0000)
https://bugs.webkit.org/show_bug.cgi?id=93646

Patch by Dan Carney <dcarney@google.com> on 2012-11-26
Reviewed by Adam Barth.

Source/WebCore:

Isolated window shells are now initialized on the fly
as needed.

No new tests. Existing test modified.

* bindings/v8/DOMWrapperWorld.cpp:
(WebCore::DOMWrapperWorld::ensureIsolatedWorld):
* bindings/v8/DOMWrapperWorld.h:
(WebCore::DOMWrapperWorld::createdFromUnitializedWorld):
(DOMWrapperWorld):
* bindings/v8/ScriptController.cpp:
(WebCore::ScriptController::currentWorldContext):

LayoutTests:

Test modified to check isolated world access across frames.

* http/tests/security/isolatedWorld/world-reuse-expected.txt:
* http/tests/security/isolatedWorld/world-reuse.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@135765 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/http/tests/security/isolatedWorld/world-reuse-expected.txt
LayoutTests/http/tests/security/isolatedWorld/world-reuse.html
Source/WebCore/ChangeLog
Source/WebCore/bindings/v8/DOMWrapperWorld.cpp
Source/WebCore/bindings/v8/DOMWrapperWorld.h
Source/WebCore/bindings/v8/ScriptController.cpp

index 0ce8f82..a4fab0c 100644 (file)
@@ -1,3 +1,15 @@
+2012-11-26  Dan Carney  <dcarney@google.com>
+
+        Refactor V8 bindings to allow content scripts to access subframes
+        https://bugs.webkit.org/show_bug.cgi?id=93646
+
+        Reviewed by Adam Barth.
+
+        Test modified to check isolated world access across frames.
+
+        * http/tests/security/isolatedWorld/world-reuse-expected.txt:
+        * http/tests/security/isolatedWorld/world-reuse.html:
+
 2012-11-26  Tony Chang  <tony@chromium.org>
 
         Move more functions from internals.settings to internals
index 22717cc..ae16eff 100644 (file)
@@ -2,6 +2,8 @@
 Expecting undefined: undefined
 Expecting bar: bar
 Expecting undefined: undefined
+Expecting true: true
+Expecting true: true
 Expecting undefined,undefined: undefined,undefined
 Expecting undefined,undefined: undefined,undefined
 
index 61aec91..7a39cc0 100644 (file)
@@ -30,10 +30,22 @@ if (window.testRunner) {
   document.body.insertBefore(iframe, document.body.firstChild);
   document.body.insertBefore(document.createElement("br"), iframe.nextSibling);
   var iframeComplete = function(result) {
+
+    // Isolated world executing in frame should be able to to access parent content.
+    testRunner.evaluateScriptInIsolatedWorld(1,
+      "parent.document.body.appendChild(parent.document.createTextNode('Expecting true: ' + (parent.frames[0].document == this.document)));" +
+      "parent.document.body.appendChild(parent.document.createElement('br'));");
+
     document.body.appendChild(document.createTextNode('Expecting undefined,undefined: ' + result));
     document.body.appendChild(document.createElement('br'));
     reloadFrame();
   }
+
+  // Isolated world executing in window should be able to to access frame content.
+  testRunner.evaluateScriptInIsolatedWorld(1,
+    "document.body.appendChild(document.createTextNode('Expecting true: ' + !!frames[0].document));" +
+    "document.body.appendChild(document.createElement('br'));");
+
   iframe.src = "resources/iframe.html";
   
   // Also, navigating a single frame should not result in sharing variables.
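Review bot: Both added comments read "should be able to to access" — the doubled "to" should go in each. The window-side check is also issued before `iframe.src = "resources/iframe.html";` is assigned, so the `frames[0].document` it reports on appears to be the frame's initial blank document rather than the loaded subframe; saying so in the comment, e.g. `// Isolated world executing in window should be able to access the (still blank) frame's document.`, keeps the "Expecting true" line from being read as a test of the loaded page. The frame-side check runs from the load callback, so that one does see resources/iframe.html.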
index 5eadbbd..f52ce1a 100644 (file)
@@ -1,3 +1,23 @@
+2012-11-26  Dan Carney  <dcarney@google.com>
+
+        Refactor V8 bindings to allow content scripts to access subframes
+        https://bugs.webkit.org/show_bug.cgi?id=93646
+
+        Reviewed by Adam Barth.
+
+        Isolated window shells are now initialized on the fly
+        as needed.
+
+        No new tests. Existing test modified.
+
+        * bindings/v8/DOMWrapperWorld.cpp:
+        (WebCore::DOMWrapperWorld::ensureIsolatedWorld):
+        * bindings/v8/DOMWrapperWorld.h:
+        (WebCore::DOMWrapperWorld::createdFromUnitializedWorld):
+        (DOMWrapperWorld):
+        * bindings/v8/ScriptController.cpp:
+        (WebCore::ScriptController::currentWorldContext):
+
 2012-11-26  Alex Christensen  <alex.christensen@flexsim.com>
 
         clipboardwin compile error for win64
index 0e9433b..91470a7 100644 (file)
@@ -137,6 +137,7 @@ static int temporaryWorldId = DOMWrapperWorld::uninitializedWorldId-1;
 PassRefPtr<DOMWrapperWorld> DOMWrapperWorld::ensureIsolatedWorld(int worldId, int extensionGroup)
 {
     ASSERT(worldId != mainWorldId);
+    ASSERT(worldId >= uninitializedWorldId);
 
     WorldMap& map = isolatedWorldMap();
     if (worldId == uninitializedWorldId)
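Review bot: The new `ASSERT(worldId >= uninitializedWorldId);` states an invariant without saying why ids below uninitializedWorldId are off limits; from the hunk header's `temporaryWorldId = DOMWrapperWorld::uninitializedWorldId-1` they appear to be the range handed out to worlds created on the fly, which the header's new createdFromUnitializedWorld() predicate relies on. A comment would make that explicit: `// Ids below uninitializedWorldId are reserved for worlds created on the fly (see temporaryWorldId).` Note that ASSERT compiles out in release builds, so a caller passing such an id there is accepted as a caller-chosen world and later misclassified by that predicate; if callers of this entry point are not fully trusted, a release-mode rejection is worth considering. The function body continues past the end of the hunk.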
index 0ed826c..d625fe7 100644 (file)
@@ -96,6 +96,8 @@ public:
 
     bool isMainWorld() const { return m_worldId == mainWorldId; }
     bool isIsolatedWorld() const { return isIsolatedWorldId(m_worldId); }
+    bool createdFromUnitializedWorld() const { return m_worldId < uninitializedWorldId; }
+
     int worldId() const { return m_worldId; }
     int extensionGroup() const { return m_extensionGroup; }
     DOMDataStore* isolatedWorldDOMDataStore() const
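Review bot: `createdFromUnitializedWorld` drops the "in" — it should be `createdFromUninitializedWorld` to match the `uninitializedWorldId` constant it compares against; the call in ScriptController::currentWorldContext and both ChangeLog entries carry the same misspelling and would need to follow. The predicate also needs a one-line comment, because `m_worldId < uninitializedWorldId` is only meaningful given how DOMWrapperWorld.cpp assigns ids: `// True for worlds created via ensureIsolatedWorld(uninitializedWorldId, ...), whose ids count down from uninitializedWorldId - 1.` That description is inferred from temporaryWorldId's initializer shown in the DOMWrapperWorld.cpp hunk header and should be confirmed against ensureIsolatedWorld.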
index 5adf3a0..fecde21 100644 (file)
@@ -436,15 +436,26 @@ void ScriptController::finishedWithEvent(Event* event)
 
 v8::Local<v8::Context> ScriptController::currentWorldContext()
 {
-    if (v8::Context::InContext()) {
-        v8::Handle<v8::Context> context = v8::Context::GetEntered();
-        if (DOMWrapperWorld::isolated(context)) {
-            if (m_frame == toFrameIfNotDetached(context))
-                return v8::Local<v8::Context>::New(context);
-            return v8::Local<v8::Context>();
-        }
-    }
-    return v8::Local<v8::Context>::New(windowShell(mainThreadNormalWorld())->context());
+    if (!v8::Context::InContext())
+        return v8::Local<v8::Context>::New(windowShell(mainThreadNormalWorld())->context());
+
+    v8::Handle<v8::Context> context = v8::Context::GetEntered();
+    DOMWrapperWorld* isolatedWorld = DOMWrapperWorld::isolated(context);
+    if (!isolatedWorld)
+        return v8::Local<v8::Context>::New(windowShell(mainThreadNormalWorld())->context());
+
+    Frame* frame = toFrameIfNotDetached(context);
+    if (!m_frame)
+        return v8::Local<v8::Context>();
+
+    if (m_frame == frame)
+        return v8::Local<v8::Context>::New(context);
+
+    // FIXME: Need to handle weak isolated worlds correctly.
+    if (isolatedWorld->createdFromUnitializedWorld())
+        return v8::Local<v8::Context>();
+
+    return v8::Local<v8::Context>::New(windowShell(isolatedWorld)->context());
 }
 
 v8::Local<v8::Context> ScriptController::mainWorldContext()
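Review bot: The guard `if (!m_frame)` sits after `Frame* frame = toFrameIfNotDetached(context);` but never tests `frame` itself, so when the entered isolated context belongs to a detached frame (presumably the case in which that helper returns null) the equality test fails and control falls through to `windowShell(isolatedWorld)->context()`, creating a shell for that world in this frame. The removed code returned an empty handle for every frame mismatch, this one included, so that is a behaviour change the ChangeLog does not mention; if it is not intended, `if (!m_frame || !frame)` restores the old handling for detached contexts while keeping cross-frame access for live ones. Separately, the main-world return is duplicated verbatim on the `!InContext()` and `!isolatedWorld` paths and could be collapsed into one early return. The FIXME on weak isolated worlds would be more useful if it said what currently goes wrong for them rather than only that handling is missing.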