2009-03-03 Dimitri Glazkov <dglazkov@chromium.org>
authordglazkov@chromium.org <dglazkov@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 3 Mar 2009 19:18:56 +0000 (19:18 +0000)
committerdglazkov@chromium.org <dglazkov@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 3 Mar 2009 19:18:56 +0000 (19:18 +0000)
        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=24331
        Add custom V8 bindings for Element, Attr, HTMLFrame, and HTMLIFrame.

        * bindings/v8/custom/V8AttrCustom.cpp: Added.
        * bindings/v8/custom/V8CustomBinding.cpp: Added.
        * bindings/v8/custom/V8CustomBinding.h: Added attribute-checking helpers.
        * bindings/v8/custom/V8ElementCustom.cpp: Added.
        * bindings/v8/custom/V8HTMLFrameElementCustom.cpp: Added.
        * bindings/v8/custom/V8HTMLIFrameElementCustom.cpp: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@41399 268f45cc-cd09-0410-ab3c-d52691b4dbfc

WebCore/ChangeLog
WebCore/bindings/v8/custom/V8AttrCustom.cpp [new file with mode: 0644]
WebCore/bindings/v8/custom/V8CustomBinding.cpp [new file with mode: 0644]
WebCore/bindings/v8/custom/V8CustomBinding.h
WebCore/bindings/v8/custom/V8ElementCustom.cpp [new file with mode: 0644]
WebCore/bindings/v8/custom/V8HTMLFrameElementCustom.cpp [new file with mode: 0644]
WebCore/bindings/v8/custom/V8HTMLIFrameElementCustom.cpp [new file with mode: 0644]

index c4d6f71e3d3ac87ac575ecd0cc4a35387768134d..9acc6fe535bc532a7811d6bcf37abbf552b81a02 100644 (file)
@@ -1,3 +1,17 @@
+2009-03-03  Dimitri Glazkov  <dglazkov@chromium.org>
+
+        Reviewed by Eric Seidel.
+
+        https://bugs.webkit.org/show_bug.cgi?id=24331
+        Add custom V8 bindings for Element, Attr, HTMLFrame, and HTMLIFrame.
+
+        * bindings/v8/custom/V8AttrCustom.cpp: Added.
+        * bindings/v8/custom/V8CustomBinding.cpp: Added.
+        * bindings/v8/custom/V8CustomBinding.h: Added attribute-checking helpers.
+        * bindings/v8/custom/V8ElementCustom.cpp: Added.
+        * bindings/v8/custom/V8HTMLFrameElementCustom.cpp: Added.
+        * bindings/v8/custom/V8HTMLIFrameElementCustom.cpp: Added.
+
 2009-03-03  Brady Eidson  <beidson@apple.com>
 
         Reviewed by Darin Adler
diff --git a/WebCore/bindings/v8/custom/V8AttrCustom.cpp b/WebCore/bindings/v8/custom/V8AttrCustom.cpp
new file mode 100644 (file)
index 0000000..184c5d9
--- /dev/null
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2007-2009 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR iframeLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE iframeLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "Attr.h"
+
+#include "Element.h"
+#include "ExceptionCode.h"
+
+#include "V8Binding.h"
+#include "V8CustomBinding.h"
+#include "V8Proxy.h"
+
+namespace WebCore {
+
+ACCESSOR_SETTER(AttrValue)
+{
+    Attr* imp = V8Proxy::DOMWrapperToNode<Attr>(info.Holder());
+    String attrValue = toWebCoreStringWithNullCheck(value);
+    Element* ownerElement = imp->ownerElement();
+
+    if (ownerElement && !allowSettingSrcToJavascriptURL(ownerElement, imp->name(), attrValue))
+        return;
+
+    ExceptionCode ec = 0;
+    imp->setValue(attrValue, ec);
+    if (ec)
+        throwError(ec);
+}
+
+} // namespace WebCore
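Review bot: The javascript:-URL guard in the AttrValue setter has no comment saying why it exists or why it is skipped when `ownerElement` is null, so a reader cannot tell that the detached case is covered elsewhere. A comment above the `if` would record it, for example `// Script may only set a frame's src to a javascript: URL if it can access the frame's document; a detached Attr is checked when it is attached (see ElementSetAttributeNode).` The guard also lives only in this binding, so any other path that ends in `Attr::setValue` would presumably need the same call; that is worth confirming. Separately, the license header reads `iframeLIED` where `IMPLIED` is meant, which looks like a search-and-replace artifact, and V8ElementCustom.cpp has the same problem with `elementLIED`.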
diff --git a/WebCore/bindings/v8/custom/V8CustomBinding.cpp b/WebCore/bindings/v8/custom/V8CustomBinding.cpp
new file mode 100644 (file)
index 0000000..841382b
--- /dev/null
@@ -0,0 +1,59 @@
+/*
+ * Copyright (C) 2007-2009 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "V8CustomBinding.h"
+
+#include "Element.h"
+#include "Document.h"
+#include "HTMLNames.h"
+#include "HTMLFrameElementBase.h"
+#include "CSSHelper.h"
+
+namespace WebCore {
+
+bool allowSettingFrameSrcToJavascriptUrl(HTMLFrameElementBase* frame, String value)
+{
+    if (protocolIs(parseURL(value), "javascript")) {
+        Node* contentDoc = frame->contentDocument();
+        if (contentDoc && !V8Proxy::CheckNodeSecurity(contentDoc))
+            return false;
+    }
+    return true;
+}
+
+bool allowSettingSrcToJavascriptURL(Element* element, String name, String value)
+{
+    if ((element->hasTagName(HTMLNames::iframeTag) || element->hasTagName(HTMLNames::frameTag)) && equalIgnoringCase(name, "src"))
+        return allowSettingFrameSrcToJavascriptUrl(static_cast<HTMLFrameElementBase*>(element), value);
+    return true;
+}
+
+} // namespace WebCore
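Review bot: `allowSettingFrameSrcToJavascriptUrl` is the one policy check behind every setter in this commit, yet nothing states the rule it enforces or that a frame whose `contentDocument()` is null is let through. A comment above it would make the invariant reviewable, for example `// A javascript: URL runs against the frame's current document, so the caller must pass the same access check as for touching that document directly; frames with no content document are allowed.` The file calls `V8Proxy::CheckNodeSecurity` without including `V8Proxy.h` itself; the declaration presumably arrives through `V8CustomBinding.h`, and an explicit `#include "V8Proxy.h"` would make the dependency visible.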
index 0fd376825d15606c8cd07c73abff4f47bde72393..20fa6a1dbd30931bddd298ab668c547840204674 100644 (file)
 // over and v8_custom actually becomes V8CustomBinding.
 #include "v8_custom.h"
 
+namespace WebCore {
+
+    class HTMLFrameElementBase;
+    class Element;
+    class String;
+
+    bool allowSettingFrameSrcToJavascriptUrl(HTMLFrameElementBase*, String value);
+    bool allowSettingSrcToJavascriptURL(Element*, String name, String value);
+
+} // namespace WebCore
+
 #endif // V8CustomBinding_h
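Review bot: The two helpers declared here spell the same word two ways, `...JavascriptUrl` and `...JavascriptURL`; one casing should be used for both, e.g. `bool allowSettingFrameSrcToJavascriptURL(HTMLFrameElementBase*, String value);`. Both take `String` by value where `const String&` would avoid a copy on every attribute write. Neither declaration has a comment saying that a `false` return means the caller must abandon the write, which is the contract every binding in this commit relies on. The hunk header for this file is missing from the page, so the declarations around these lines are not visible.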
diff --git a/WebCore/bindings/v8/custom/V8ElementCustom.cpp b/WebCore/bindings/v8/custom/V8ElementCustom.cpp
new file mode 100644 (file)
index 0000000..b193610
--- /dev/null
@@ -0,0 +1,167 @@
+/*
+ * Copyright (C) 2007-2009 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR elementLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE elementLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "Element.h"
+
+#include "Attr.h"
+#include "CSSHelper.h"
+#include "Document.h"
+#include "ExceptionCode.h"
+#include "HTMLFrameElementBase.h"
+#include "HTMLNames.h"
+#include "Node.h"
+
+#include "V8Attr.h"
+#include "V8Binding.h"
+#include "V8CustomBinding.h"
+#include "V8CustomEventListener.h"
+#include "V8Proxy.h"
+
+#include <wtf/RefPtr.h>
+
+namespace WebCore {
+
+CALLBACK_FUNC_DECL(ElementSetAttribute)
+{
+    INC_STATS("DOM.Element.setAttribute()");
+    Element* element = V8Proxy::DOMWrapperToNode<Element>(args.Holder());
+    String name = toWebCoreString(args[0]);
+    String value = toWebCoreString(args[1]);
+
+    if (!allowSettingSrcToJavascriptURL(element, name, value))
+        return v8::Undefined();
+
+    ExceptionCode ec = 0;
+    element->setAttribute(name, value, ec);
+    if (ec)
+        return throwError(ec);
+
+    return v8::Undefined();
+}
+
+CALLBACK_FUNC_DECL(ElementSetAttributeNode)
+{
+    INC_STATS("DOM.Element.setAttributeNode()");
+    if (!V8Attr::HasInstance(args[0]))
+        throwError(TYPE_MISMATCH_ERR);
+
+    Attr* newAttr = V8Proxy::DOMWrapperToNode<Attr>(args[0]);
+    Element* element = V8Proxy::DOMWrapperToNode<Element>(args.Holder());
+
+    if (!allowSettingSrcToJavascriptURL(element, newAttr->name(), newAttr->value()))
+        return v8::Undefined();
+
+    ExceptionCode ec = 0;
+    RefPtr<Attr> result = element->setAttributeNode(newAttr, ec);
+    if (ec)
+        throwError(ec);
+
+    return V8Proxy::NodeToV8Object(result.get());
+}
+
+CALLBACK_FUNC_DECL(ElementSetAttributeNS)
+{
+    INC_STATS("DOM.Element.setAttributeNS()");
+    Element* element = V8Proxy::DOMWrapperToNode<Element>(args.Holder());
+    String namespaceURI = toWebCoreStringWithNullCheck(args[0]);
+    String qualifiedName = toWebCoreString(args[1]);
+    String value = toWebCoreString(args[2]);
+
+    if (!allowSettingSrcToJavascriptURL(element, qualifiedName, value))
+        return v8::Undefined();
+
+    ExceptionCode ec = 0;
+    element->setAttributeNS(namespaceURI, qualifiedName, value, ec);
+    if (ec)
+        throwError(ec);
+
+    return v8::Undefined();
+}
+
+CALLBACK_FUNC_DECL(ElementSetAttributeNodeNS)
+{
+    INC_STATS("DOM.Element.setAttributeNodeNS()");
+    if (!V8Attr::HasInstance(args[0]))
+        return throwError(TYPE_MISMATCH_ERR);
+
+    Attr* newAttr = V8Proxy::DOMWrapperToNode<Attr>(args[0]);
+    Element* element = V8Proxy::DOMWrapperToNode<Element>(args.Holder());
+
+    if (!allowSettingSrcToJavascriptURL(element, newAttr->name(), newAttr->value()))
+        return v8::Undefined();
+
+    ExceptionCode ec = 0;
+    RefPtr<Attr> result = element->setAttributeNodeNS(newAttr, ec);
+    if (ec)
+        throwError(ec);
+
+    return V8Proxy::NodeToV8Object(result.get());
+}
+
+static inline String toEventType(v8::Local<v8::String> value)
+{
+    String key = toWebCoreString(value);
+    ASSERT(key.startsWith("on"));
+    return key.substring(2);
+}
+
+ACCESSOR_SETTER(ElementEventHandler)
+{
+    Node* node = V8Proxy::DOMWrapperToNode<Node>(info.Holder());
+
+    String eventType = toEventType(name);
+
+    // Set handler if the value is a function.  Otherwise, clear the
+    // event handler.
+    if (value->IsFunction()) {
+        V8Proxy* proxy = V8Proxy::retrieve(node->document()->frame());
+        // the document might be created using createDocument,
+        // which does not have a frame, use the active frame
+        if (!proxy)
+            proxy = V8Proxy::retrieve(V8Proxy::retrieveActiveFrame());
+        if (!proxy)
+            return;
+
+        if (RefPtr<EventListener> listener = proxy->FindOrCreateV8EventListener(value, true))
+            node->setInlineEventListenerForType(eventType, listener);
+    } else
+        node->removeInlineEventListenerForType(eventType);
+}
+
+ACCESSOR_GETTER(ElementEventHandler)
+{
+    Node* node = V8Proxy::DOMWrapperToNode<Node>(info.Holder());
+
+    EventListener* listener = node->inlineEventListenerForType(toEventType(name));
+    return V8Proxy::EventListenerToV8Object(listener);
+}
+
+} // namespace WebCore
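Review bot: In ElementSetAttributeNode the type check `if (!V8Attr::HasInstance(args[0])) throwError(TYPE_MISMATCH_ERR);` does not return, so execution falls through to `V8Proxy::DOMWrapperToNode<Attr>(args[0])` with a value that is not an Attr wrapper and then uses the result as `newAttr`. It should read `return throwError(TYPE_MISMATCH_ERR);`, as ElementSetAttributeNodeNS already does. The `if (ec) throwError(ec);` lines in ElementSetAttributeNode, ElementSetAttributeNS and ElementSetAttributeNodeNS have the same missing `return` and would be safer and more consistent as `return throwError(ec);`, matching ElementSetAttribute.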
diff --git a/WebCore/bindings/v8/custom/V8HTMLFrameElementCustom.cpp b/WebCore/bindings/v8/custom/V8HTMLFrameElementCustom.cpp
new file mode 100644 (file)
index 0000000..bfc4c28
--- /dev/null
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2007-2009 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "HTMLFrameElement.h"
+
+#include "V8Binding.h"
+#include "V8CustomBinding.h"
+#include "V8Proxy.h"
+
+namespace WebCore {
+
+ACCESSOR_SETTER(HTMLFrameElementSrc)
+{
+    HTMLFrameElement* frame = V8Proxy::DOMWrapperToNode<HTMLFrameElement>(info.Holder());
+    String srcValue = toWebCoreStringWithNullCheck(value);
+
+    if (!allowSettingFrameSrcToJavascriptUrl(frame, srcValue))
+        return;
+
+    frame->setSrc(srcValue);
+}
+
+ACCESSOR_SETTER(HTMLFrameElementLocation)
+{
+    HTMLFrameElement* frame = V8Proxy::DOMWrapperToNode<HTMLFrameElement>(info.Holder());
+    String locationValue = toWebCoreStringWithNullCheck(value);
+
+    if (!allowSettingFrameSrcToJavascriptUrl(frame, locationValue))
+        return;
+
+    frame->setLocation(locationValue);
+}
+
+} // namespace WebCore
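Review bot: Both setters here return without any signal when `allowSettingFrameSrcToJavascriptUrl` fails, and no comment says whether that silence is intended. Whether `V8Proxy::CheckNodeSecurity` reports the denial itself is not visible in this diff. A one-line comment on each guard would settle it, e.g. `// Denied: leave the frame untouched; no exception is raised from this setter.` The same applies to HTMLIFrameElementSrc in V8HTMLIFrameElementCustom.cpp and to the AttrValue setter in V8AttrCustom.cpp.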
diff --git a/WebCore/bindings/v8/custom/V8HTMLIFrameElementCustom.cpp b/WebCore/bindings/v8/custom/V8HTMLIFrameElementCustom.cpp
new file mode 100644 (file)
index 0000000..3739a4e
--- /dev/null
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2007-2009 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "HTMLIFrameElement.h"
+
+#include "V8Binding.h"
+#include "V8CustomBinding.h"
+#include "V8Proxy.h"
+
+namespace WebCore {
+
+ACCESSOR_SETTER(HTMLIFrameElementSrc)
+{
+    HTMLIFrameElement* iframe = V8Proxy::DOMWrapperToNode<HTMLIFrameElement>(info.Holder());
+    String v = valueToStringWithNullCheck(value);
+
+    if (!allowSettingFrameSrcToJavascriptUrl(iframe, v))
+        return;
+
+    iframe->setSrc(v);
+}
+
+} // namespace WebCore
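Review bot: HTMLIFrameElementSrc converts its argument with `valueToStringWithNullCheck(value)` and names the result `v`, while every other setter in this commit uses `toWebCoreStringWithNullCheck(value)` and a descriptive name. If the two helpers are equivalent, which this page does not show, the line would read better as `String srcValue = toWebCoreStringWithNullCheck(value);` with the two later uses renamed to match. Keeping the frame and iframe setters textually parallel also makes it easier to confirm that both apply the same javascript:-URL check.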