[SCM] WebKit Debian packaging branch, webkit-1.2, updated. upstream/1.1.90-6072-g9a69373
japhet at chromium.org
japhet at chromium.org
Thu Apr 8 00:55:57 UTC 2010
The following commit has been merged in the webkit-1.2 branch:
commit fc55cce7497e4d2d75ed228dbd28c808ddfa343d
Author: japhet at chromium.org <japhet at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Wed Jan 6 21:37:09 2010 +0000
2010-01-05 Nate Chapin <japhet at chromium.org>
Reviewed by Dimitri Glazkov.
Generate header declarations for V8 binding security checks
and delete V8CustomBinding.cpp
* Android.v8bindings.mk: Removed V8CustomBinding.cpp.
* WebCore.gypi: Removed V8CustomBinding.cpp.
* bindings/scripts/CodeGeneratorV8.pm: Generate security check declarations.
* bindings/v8/V8DOMWindowShell.cpp:
(WebCore::getTargetFrame): Moved from V8CustomBinding.cpp.
(WebCore::reportUnsafeJavaScriptAccess):
(WebCore::V8DOMWindowShell::createNewContext):
(WebCore::V8DOMWindowShell::setLocation): Moved from V8CustomBinding.cpp.
* bindings/v8/V8DOMWindowShell.h:
* bindings/v8/V8DOMWrapper.cpp:
(WebCore::downcastSVGPathSeg): Moved from V8CustomBinding.cpp.
(WebCore::V8DOMWrapper::convertSVGObjectWithContextToV8Object):
(WebCore::V8DOMWrapper::getTemplate):
* bindings/v8/custom/V8CustomBinding.cpp: Removed.
* bindings/v8/custom/V8CustomBinding.h:
* bindings/v8/custom/V8DOMWindowCustom.cpp:
(WebCore::V8DOMWindow::locationAccessorSetter):
(WebCore::V8DOMWindow::namedSecurityCheck):
(WebCore::V8DOMWindow::indexedSecurityCheck):
* bindings/v8/custom/V8DocumentLocationCustom.cpp:
(WebCore::V8Document::locationAccessorSetter):
* bindings/v8/custom/V8HistoryCustom.cpp:
(WebCore::V8History::indexedSecurityCheck):
(WebCore::V8History::namedSecurityCheck):
* bindings/v8/custom/V8LocationCustom.cpp:
(WebCore::V8Location::indexedSecurityCheck):
(WebCore::V8Location::namedSecurityCheck):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@52867 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/Android.v8bindings.mk b/WebCore/Android.v8bindings.mk
index a7aeaf9..d8fef61 100644
--- a/WebCore/Android.v8bindings.mk
+++ b/WebCore/Android.v8bindings.mk
@@ -92,7 +92,6 @@ LOCAL_SRC_FILES += \
bindings/v8/custom/V8ClientRectListCustom.cpp \
bindings/v8/custom/V8ClipboardCustom.cpp \
bindings/v8/custom/V8CoordinatesCustom.cpp \
- bindings/v8/custom/V8CustomBinding.cpp \
bindings/v8/custom/V8CustomEventListener.cpp \
bindings/v8/custom/V8CustomPositionCallback.cpp \
bindings/v8/custom/V8CustomPositionErrorCallback.cpp \
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 361d421..4113779 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,38 @@
+2010-01-05 Nate Chapin <japhet at chromium.org>
+
+ Reviewed by Dimitri Glazkov.
+
+ Generate header declarations for V8 binding security checks
+ and delete V8CustomBinding.cpp
+
+ * Android.v8bindings.mk: Removed V8CustomBinding.cpp.
+ * WebCore.gypi: Removed V8CustomBinding.cpp.
+ * bindings/scripts/CodeGeneratorV8.pm: Generate security check declarations.
+ * bindings/v8/V8DOMWindowShell.cpp:
+ (WebCore::getTargetFrame): Moved from V8CustomBinding.cpp.
+ (WebCore::reportUnsafeJavaScriptAccess):
+ (WebCore::V8DOMWindowShell::createNewContext):
+ (WebCore::V8DOMWindowShell::setLocation): Moved from V8CustomBinding.cpp.
+ * bindings/v8/V8DOMWindowShell.h:
+ * bindings/v8/V8DOMWrapper.cpp:
+ (WebCore::downcastSVGPathSeg): Moved from V8CustomBinding.cpp.
+ (WebCore::V8DOMWrapper::convertSVGObjectWithContextToV8Object):
+ (WebCore::V8DOMWrapper::getTemplate):
+ * bindings/v8/custom/V8CustomBinding.cpp: Removed.
+ * bindings/v8/custom/V8CustomBinding.h:
+ * bindings/v8/custom/V8DOMWindowCustom.cpp:
+ (WebCore::V8DOMWindow::locationAccessorSetter):
+ (WebCore::V8DOMWindow::namedSecurityCheck):
+ (WebCore::V8DOMWindow::indexedSecurityCheck):
+ * bindings/v8/custom/V8DocumentLocationCustom.cpp:
+ (WebCore::V8Document::locationAccessorSetter):
+ * bindings/v8/custom/V8HistoryCustom.cpp:
+ (WebCore::V8History::indexedSecurityCheck):
+ (WebCore::V8History::namedSecurityCheck):
+ * bindings/v8/custom/V8LocationCustom.cpp:
+ (WebCore::V8Location::indexedSecurityCheck):
+ (WebCore::V8Location::namedSecurityCheck):
+
2010-01-06 Nikolas Zimmermann <nzimmermann at rim.com>
Reviewed by Dirk Schulze.
diff --git a/WebCore/WebCore.gypi b/WebCore/WebCore.gypi
index d62c319..339b6fb 100644
--- a/WebCore/WebCore.gypi
+++ b/WebCore/WebCore.gypi
@@ -659,7 +659,6 @@
'bindings/v8/custom/V8CoordinatesCustom.cpp',
'bindings/v8/custom/V8CSSStyleDeclarationCustom.cpp',
'bindings/v8/custom/V8ConsoleCustom.cpp',
- 'bindings/v8/custom/V8CustomBinding.cpp',
'bindings/v8/custom/V8CustomBinding.h',
'bindings/v8/custom/V8CustomEventListener.cpp',
'bindings/v8/custom/V8CustomEventListener.h',
diff --git a/WebCore/bindings/scripts/CodeGeneratorV8.pm b/WebCore/bindings/scripts/CodeGeneratorV8.pm
index b999aa6..b459bec 100644
--- a/WebCore/bindings/scripts/CodeGeneratorV8.pm
+++ b/WebCore/bindings/scripts/CodeGeneratorV8.pm
@@ -317,6 +317,13 @@ END
GenerateHeaderRuntimeEnablerDeclarations(@enabledAtRuntime);
GenerateHeaderCustomCall($dataNode);
+
+ if ($dataNode->extendedAttributes->{"CheckDomainSecurity"}) {
+ push(@headerContent, <<END);
+ static bool namedSecurityCheck(v8::Local<v8::Object> host, v8::Local<v8::Value> key, v8::AccessType, v8::Local<v8::Value> data);
+ static bool indexedSecurityCheck(v8::Local<v8::Object> host, uint32_t index, v8::AccessType, v8::Local<v8::Value> data);
+END
+ }
push(@headerContent, <<END);
@@ -1567,7 +1574,7 @@ END
my $access_check = "";
if ($dataNode->extendedAttributes->{"CheckDomainSecurity"} && !($interfaceName eq "DOMWindow")) {
- $access_check = "instance->SetAccessCheckCallbacks(V8Custom::v8${interfaceName}NamedSecurityCheck, V8Custom::v8${interfaceName}IndexedSecurityCheck, v8::Integer::New(V8ClassIndex::ToInt(V8ClassIndex::${classIndex})));";
+ $access_check = "instance->SetAccessCheckCallbacks(V8${interfaceName}::namedSecurityCheck, V8${interfaceName}::indexedSecurityCheck, v8::Integer::New(V8ClassIndex::ToInt(V8ClassIndex::${classIndex})));";
}
# For the DOMWindow interface, generate the shadow object template
diff --git a/WebCore/bindings/v8/V8DOMWindowShell.cpp b/WebCore/bindings/v8/V8DOMWindowShell.cpp
index 088329a..7e1491f 100644
--- a/WebCore/bindings/v8/V8DOMWindowShell.cpp
+++ b/WebCore/bindings/v8/V8DOMWindowShell.cpp
@@ -36,6 +36,7 @@
#include "DateExtension.h"
#include "DocumentLoader.h"
#include "DOMObjectsInclude.h"
+#include "Frame.h"
#include "FrameLoaderClient.h"
#include "InspectorTimelineAgent.h"
#include "Page.h"
@@ -83,9 +84,40 @@ static void reportFatalErrorInV8(const char* location, const char* message)
handleFatalErrorInV8();
}
+// Returns the owner frame pointer of a DOM wrapper object. It only works for
+// these DOM objects requiring cross-domain access check.
+static Frame* getTargetFrame(v8::Local<v8::Object> host, v8::Local<v8::Value> data)
+{
+ Frame* target = 0;
+ switch (V8ClassIndex::FromInt(data->Int32Value())) {
+ case V8ClassIndex::DOMWINDOW: {
+ v8::Handle<v8::Object> window = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, host);
+ if (window.IsEmpty())
+ return target;
+
+ DOMWindow* targetWindow = V8DOMWrapper::convertToNativeObject<DOMWindow>(V8ClassIndex::DOMWINDOW, window);
+ target = targetWindow->frame();
+ break;
+ }
+ case V8ClassIndex::LOCATION: {
+ History* history = V8DOMWrapper::convertToNativeObject<History>(V8ClassIndex::HISTORY, host);
+ target = history->frame();
+ break;
+ }
+ case V8ClassIndex::HISTORY: {
+ Location* location = V8DOMWrapper::convertToNativeObject<Location>(V8ClassIndex::LOCATION, host);
+ target = location->frame();
+ break;
+ }
+ default:
+ break;
+ }
+ return target;
+}
+
static void reportUnsafeJavaScriptAccess(v8::Local<v8::Object> host, v8::AccessType type, v8::Local<v8::Value> data)
{
- Frame* target = V8Custom::GetTargetFrame(host, data);
+ Frame* target = getTargetFrame(host, data);
if (target)
V8Proxy::reportUnsafeAccessTo(target, V8Proxy::ReportLater);
}
@@ -301,7 +333,7 @@ v8::Persistent<v8::Context> V8DOMWindowShell::createNewContext(v8::Handle<v8::Ob
return result;
// Install a security handler with V8.
- globalTemplate->SetAccessCheckCallbacks(V8Custom::v8DOMWindowNamedSecurityCheck, V8Custom::v8DOMWindowIndexedSecurityCheck, v8::Integer::New(V8ClassIndex::DOMWINDOW));
+ globalTemplate->SetAccessCheckCallbacks(V8DOMWindow::namedSecurityCheck, V8DOMWindow::indexedSecurityCheck, v8::Integer::New(V8ClassIndex::DOMWINDOW));
globalTemplate->SetInternalFieldCount(V8Custom::kDOMWindowInternalFieldCount);
// Used to avoid sleep calls in unload handlers.
@@ -514,6 +546,20 @@ v8::Local<v8::Object> V8DOMWindowShell::createWrapperFromCacheSlowCase(V8ClassIn
return notHandledByInterceptor();
}
+void V8DOMWindowShell::setLocation(DOMWindow* window, const String& relativeURL)
+{
+ Frame* frame = window->frame();
+ if (!frame)
+ return;
+
+ KURL url = completeURL(relativeURL);
+ if (url.isNull())
+ return;
+ if (!shouldAllowNavigation(frame))
+ return;
+
+ navigateIfAllowed(frame, url, false, false);
+}
} // WebCore
diff --git a/WebCore/bindings/v8/V8DOMWindowShell.h b/WebCore/bindings/v8/V8DOMWindowShell.h
index 9535da5..d84b405 100644
--- a/WebCore/bindings/v8/V8DOMWindowShell.h
+++ b/WebCore/bindings/v8/V8DOMWindowShell.h
@@ -86,6 +86,8 @@ public:
return clone.IsEmpty() ? createWrapperFromCacheSlowCase(type) : clone;
}
+ static void setLocation(DOMWindow*, const String& relativeURL);
+
private:
V8DOMWindowShell(Frame*);
diff --git a/WebCore/bindings/v8/V8DOMWrapper.cpp b/WebCore/bindings/v8/V8DOMWrapper.cpp
index a637536..86e3f11 100644
--- a/WebCore/bindings/v8/V8DOMWrapper.cpp
+++ b/WebCore/bindings/v8/V8DOMWrapper.cpp
@@ -57,6 +57,10 @@
#include "WebGLUniformLocation.h"
#include "WorkerContextExecutionProxy.h"
+#if ENABLE(SVG)
+#include "SVGPathSeg.h"
+#endif
+
#include <algorithm>
#include <utility>
#include <v8.h>
@@ -97,6 +101,35 @@ static v8::Handle<v8::Value> ConstructorToString(const v8::Arguments& args)
}
#if ENABLE(SVG)
+
+static V8ClassIndex::V8WrapperType downcastSVGPathSeg(void* pathSeg)
+{
+ SVGPathSeg* realPathSeg = reinterpret_cast<SVGPathSeg*>(pathSeg);
+
+ switch (realPathSeg->pathSegType()) {
+ case SVGPathSeg::PATHSEG_CLOSEPATH: return V8ClassIndex::SVGPATHSEGCLOSEPATH;
+ case SVGPathSeg::PATHSEG_MOVETO_ABS: return V8ClassIndex::SVGPATHSEGMOVETOABS;
+ case SVGPathSeg::PATHSEG_MOVETO_REL: return V8ClassIndex::SVGPATHSEGMOVETOREL;
+ case SVGPathSeg::PATHSEG_LINETO_ABS: return V8ClassIndex::SVGPATHSEGLINETOABS;
+ case SVGPathSeg::PATHSEG_LINETO_REL: return V8ClassIndex::SVGPATHSEGLINETOREL;
+ case SVGPathSeg::PATHSEG_CURVETO_CUBIC_ABS: return V8ClassIndex::SVGPATHSEGCURVETOCUBICABS;
+ case SVGPathSeg::PATHSEG_CURVETO_CUBIC_REL: return V8ClassIndex::SVGPATHSEGCURVETOCUBICREL;
+ case SVGPathSeg::PATHSEG_CURVETO_QUADRATIC_ABS: return V8ClassIndex::SVGPATHSEGCURVETOQUADRATICABS;
+ case SVGPathSeg::PATHSEG_CURVETO_QUADRATIC_REL: return V8ClassIndex::SVGPATHSEGCURVETOQUADRATICREL;
+ case SVGPathSeg::PATHSEG_ARC_ABS: return V8ClassIndex::SVGPATHSEGARCABS;
+ case SVGPathSeg::PATHSEG_ARC_REL: return V8ClassIndex::SVGPATHSEGARCREL;
+ case SVGPathSeg::PATHSEG_LINETO_HORIZONTAL_ABS: return V8ClassIndex::SVGPATHSEGLINETOHORIZONTALABS;
+ case SVGPathSeg::PATHSEG_LINETO_HORIZONTAL_REL: return V8ClassIndex::SVGPATHSEGLINETOHORIZONTALREL;
+ case SVGPathSeg::PATHSEG_LINETO_VERTICAL_ABS: return V8ClassIndex::SVGPATHSEGLINETOVERTICALABS;
+ case SVGPathSeg::PATHSEG_LINETO_VERTICAL_REL: return V8ClassIndex::SVGPATHSEGLINETOVERTICALREL;
+ case SVGPathSeg::PATHSEG_CURVETO_CUBIC_SMOOTH_ABS: return V8ClassIndex::SVGPATHSEGCURVETOCUBICSMOOTHABS;
+ case SVGPathSeg::PATHSEG_CURVETO_CUBIC_SMOOTH_REL: return V8ClassIndex::SVGPATHSEGCURVETOCUBICSMOOTHREL;
+ case SVGPathSeg::PATHSEG_CURVETO_QUADRATIC_SMOOTH_ABS: return V8ClassIndex::SVGPATHSEGCURVETOQUADRATICSMOOTHABS;
+ case SVGPathSeg::PATHSEG_CURVETO_QUADRATIC_SMOOTH_REL: return V8ClassIndex::SVGPATHSEGCURVETOQUADRATICSMOOTHREL;
+ default: return V8ClassIndex::INVALID_CLASS_INDEX;
+ }
+}
+
v8::Handle<v8::Value> V8DOMWrapper::convertSVGElementInstanceToV8Object(SVGElementInstance* instance)
{
if (!instance)
@@ -128,7 +161,7 @@ v8::Handle<v8::Value> V8DOMWrapper::convertSVGObjectWithContextToV8Object(V8Clas
// Special case: SVGPathSegs need to be downcast to their real type
if (type == V8ClassIndex::SVGPATHSEG)
- type = V8Custom::DowncastSVGPathSeg(object);
+ type = downcastSVGPathSeg(object);
v8::Local<v8::Object> v8Object = instantiateV8Object(type, type, object);
if (!v8Object.IsEmpty()) {
@@ -152,7 +185,7 @@ v8::Handle<v8::Value> V8DOMWrapper::convertSVGObjectWithContextToV8Object(V8Clas
return result;
}
-#endif
+#endif // ENABLE(SVG)
#if ENABLE(3D_CANVAS)
void V8DOMWrapper::setIndexedPropertiesToExternalArray(v8::Handle<v8::Object> wrapper,
@@ -309,7 +342,7 @@ v8::Persistent<v8::FunctionTemplate> V8DOMWrapper::getTemplate(V8ClassIndex::V8W
// Set access check callbacks, but turned off initially.
// When a context is detached from a frame, turn on the access check.
// Turning on checks also invalidates inline caches of the object.
- instanceTemplate->SetAccessCheckCallbacks(V8Custom::v8DOMWindowNamedSecurityCheck, V8Custom::v8DOMWindowIndexedSecurityCheck, v8::Integer::New(V8ClassIndex::DOMWINDOW), false);
+ instanceTemplate->SetAccessCheckCallbacks(V8DOMWindow::namedSecurityCheck, V8DOMWindow::indexedSecurityCheck, v8::Integer::New(V8ClassIndex::DOMWINDOW), false);
break;
}
case V8ClassIndex::LOCATION: {
diff --git a/WebCore/bindings/v8/custom/V8CustomBinding.cpp b/WebCore/bindings/v8/custom/V8CustomBinding.cpp
deleted file mode 100644
index de40fae..0000000
--- a/WebCore/bindings/v8/custom/V8CustomBinding.cpp
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * Copyright (C) 2007-2009 Google Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- * * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "config.h"
-#include "V8CustomBinding.h"
-
-#include "CSSHelper.h"
-#include "Element.h"
-#include "Document.h"
-#include "DOMWindow.h"
-#include "History.h"
-#include "HTMLNames.h"
-#include "HTMLFrameElementBase.h"
-#include "Location.h"
-#include "V8Binding.h"
-#include "V8BindingState.h"
-#include "V8Proxy.h"
-
-#if ENABLE(SVG)
-#include "SVGPathSeg.h"
-#endif
-
-namespace WebCore {
-
-// --------------- Security Checks -------------------------
-INDEXED_ACCESS_CHECK(History)
-{
- ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::HISTORY);
- // Only allow same origin access.
- History* history = V8DOMWrapper::convertToNativeObject<History>(V8ClassIndex::HISTORY, host);
- return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), history->frame(), false);
-}
-
-NAMED_ACCESS_CHECK(History)
-{
- ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::HISTORY);
- // Only allow same origin access.
- History* history = V8DOMWrapper::convertToNativeObject<History>(V8ClassIndex::HISTORY, host);
- return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), history->frame(), false);
-}
-
-#undef INDEXED_ACCESS_CHECK
-#undef NAMED_ACCESS_CHECK
-#undef NAMED_PROPERTY_GETTER
-#undef NAMED_PROPERTY_SETTER
-
-Frame* V8Custom::GetTargetFrame(v8::Local<v8::Object> host, v8::Local<v8::Value> data)
-{
- Frame* target = 0;
- switch (V8ClassIndex::FromInt(data->Int32Value())) {
- case V8ClassIndex::DOMWINDOW: {
- v8::Handle<v8::Object> window = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, host);
- if (window.IsEmpty())
- return target;
-
- DOMWindow* targetWindow = V8DOMWrapper::convertToNativeObject<DOMWindow>(V8ClassIndex::DOMWINDOW, window);
- target = targetWindow->frame();
- break;
- }
- case V8ClassIndex::LOCATION: {
- History* history = V8DOMWrapper::convertToNativeObject<History>(V8ClassIndex::HISTORY, host);
- target = history->frame();
- break;
- }
- case V8ClassIndex::HISTORY: {
- Location* location = V8DOMWrapper::convertToNativeObject<Location>(V8ClassIndex::LOCATION, host);
- target = location->frame();
- break;
- }
- default:
- break;
- }
- return target;
-}
-
-#if ENABLE(SVG)
-V8ClassIndex::V8WrapperType V8Custom::DowncastSVGPathSeg(void* pathSeg)
-{
- WebCore::SVGPathSeg* realPathSeg = reinterpret_cast<WebCore::SVGPathSeg*>(pathSeg);
-
- switch (realPathSeg->pathSegType()) {
-#define MAKE_CASE(svgValue, v8Value) case WebCore::SVGPathSeg::svgValue: return V8ClassIndex::v8Value
-
- MAKE_CASE(PATHSEG_CLOSEPATH, SVGPATHSEGCLOSEPATH);
- MAKE_CASE(PATHSEG_MOVETO_ABS, SVGPATHSEGMOVETOABS);
- MAKE_CASE(PATHSEG_MOVETO_REL, SVGPATHSEGMOVETOREL);
- MAKE_CASE(PATHSEG_LINETO_ABS, SVGPATHSEGLINETOABS);
- MAKE_CASE(PATHSEG_LINETO_REL, SVGPATHSEGLINETOREL);
- MAKE_CASE(PATHSEG_CURVETO_CUBIC_ABS, SVGPATHSEGCURVETOCUBICABS);
- MAKE_CASE(PATHSEG_CURVETO_CUBIC_REL, SVGPATHSEGCURVETOCUBICREL);
- MAKE_CASE(PATHSEG_CURVETO_QUADRATIC_ABS, SVGPATHSEGCURVETOQUADRATICABS);
- MAKE_CASE(PATHSEG_CURVETO_QUADRATIC_REL, SVGPATHSEGCURVETOQUADRATICREL);
- MAKE_CASE(PATHSEG_ARC_ABS, SVGPATHSEGARCABS);
- MAKE_CASE(PATHSEG_ARC_REL, SVGPATHSEGARCREL);
- MAKE_CASE(PATHSEG_LINETO_HORIZONTAL_ABS, SVGPATHSEGLINETOHORIZONTALABS);
- MAKE_CASE(PATHSEG_LINETO_HORIZONTAL_REL, SVGPATHSEGLINETOHORIZONTALREL);
- MAKE_CASE(PATHSEG_LINETO_VERTICAL_ABS, SVGPATHSEGLINETOVERTICALABS);
- MAKE_CASE(PATHSEG_LINETO_VERTICAL_REL, SVGPATHSEGLINETOVERTICALREL);
- MAKE_CASE(PATHSEG_CURVETO_CUBIC_SMOOTH_ABS, SVGPATHSEGCURVETOCUBICSMOOTHABS);
- MAKE_CASE(PATHSEG_CURVETO_CUBIC_SMOOTH_REL, SVGPATHSEGCURVETOCUBICSMOOTHREL);
- MAKE_CASE(PATHSEG_CURVETO_QUADRATIC_SMOOTH_ABS, SVGPATHSEGCURVETOQUADRATICSMOOTHABS);
- MAKE_CASE(PATHSEG_CURVETO_QUADRATIC_SMOOTH_REL, SVGPATHSEGCURVETOQUADRATICSMOOTHREL);
-
-#undef MAKE_CASE
-
- default:
- return V8ClassIndex::INVALID_CLASS_INDEX;
- }
-}
-
-#endif // ENABLE(SVG)
-
-} // namespace WebCore
diff --git a/WebCore/bindings/v8/custom/V8CustomBinding.h b/WebCore/bindings/v8/custom/V8CustomBinding.h
index e9b2f1c..aafe1ea 100644
--- a/WebCore/bindings/v8/custom/V8CustomBinding.h
+++ b/WebCore/bindings/v8/custom/V8CustomBinding.h
@@ -34,8 +34,6 @@
#include "V8Index.h"
#include <v8.h>
-struct NPObject;
-
#define INDEXED_PROPERTY_GETTER(NAME) \
v8::Handle<v8::Value> V8Custom::v8##NAME##IndexedPropertyGetter( \
uint32_t index, const v8::AccessorInfo& info)
@@ -60,24 +58,7 @@ struct NPObject;
v8::Handle<v8::Boolean> V8Custom::v8##NAME##NamedPropertyDeleter( \
v8::Local<v8::String> name, const v8::AccessorInfo& info)
-#define NAMED_ACCESS_CHECK(NAME) \
- bool V8Custom::v8##NAME##NamedSecurityCheck(v8::Local<v8::Object> host, \
- v8::Local<v8::Value> key, v8::AccessType type, v8::Local<v8::Value> data)
-
-#define INDEXED_ACCESS_CHECK(NAME) \
- bool V8Custom::v8##NAME##IndexedSecurityCheck(v8::Local<v8::Object> host, \
- uint32_t index, v8::AccessType type, v8::Local<v8::Value> data)
-
namespace WebCore {
-
- class DOMWindow;
- class Element;
- class Frame;
- class HTMLCollection;
- class HTMLFrameElementBase;
- class String;
- class V8Proxy;
-
class V8Custom {
public:
// Constants.
@@ -211,20 +192,6 @@ namespace WebCore {
#define USE_CALLBACK(NAME) V8Custom::v8##NAME##Callback
-#define DECLARE_NAMED_ACCESS_CHECK(NAME) \
- static bool v8##NAME##NamedSecurityCheck(v8::Local<v8::Object> host, \
- v8::Local<v8::Value> key, v8::AccessType type, v8::Local<v8::Value> data)
-
-#define DECLARE_INDEXED_ACCESS_CHECK(NAME) \
- static bool v8##NAME##IndexedSecurityCheck(v8::Local<v8::Object> host, \
- uint32_t index, v8::AccessType type, v8::Local<v8::Value> data)
-
- DECLARE_NAMED_ACCESS_CHECK(Location);
- DECLARE_INDEXED_ACCESS_CHECK(History);
-
- DECLARE_NAMED_ACCESS_CHECK(History);
- DECLARE_INDEXED_ACCESS_CHECK(Location);
-
DECLARE_NAMED_PROPERTY_GETTER(HTMLDocument);
DECLARE_NAMED_PROPERTY_DELETER(HTMLDocument);
@@ -253,8 +220,6 @@ namespace WebCore {
DECLARE_NAMED_PROPERTY_GETTER(DOMWindow);
DECLARE_INDEXED_PROPERTY_GETTER(DOMWindow);
- DECLARE_NAMED_ACCESS_CHECK(DOMWindow);
- DECLARE_INDEXED_ACCESS_CHECK(DOMWindow);
DECLARE_NAMED_PROPERTY_GETTER(HTMLFrameSetElement);
DECLARE_NAMED_PROPERTY_GETTER(HTMLFormElement);
@@ -335,9 +300,6 @@ namespace WebCore {
DECLARE_CALLBACK(WebSocketConstructor);
#endif
-#undef DECLARE_INDEXED_ACCESS_CHECK
-#undef DECLARE_NAMED_ACCESS_CHECK
-
#undef DECLARE_NAMED_PROPERTY_GETTER
#undef DECLARE_NAMED_PROPERTY_SETTER
#undef DECLARE_NAMED_PROPERTY_DELETER
@@ -347,19 +309,6 @@ namespace WebCore {
#undef DECLARE_INDEXED_PROPERTY_DELETER
#undef DECLARE_CALLBACK
-
- // Returns the NPObject corresponding to an HTMLElement object.
- static NPObject* GetHTMLPlugInElementNPObject(v8::Handle<v8::Object>);
-
- // Returns the owner frame pointer of a DOM wrapper object. It only works for
- // these DOM objects requiring cross-domain access check.
- static Frame* GetTargetFrame(v8::Local<v8::Object> host, v8::Local<v8::Value> data);
-
- // Special case for downcasting SVG path segments.
-#if ENABLE(SVG)
- static V8ClassIndex::V8WrapperType DowncastSVGPathSeg(void* pathSeg);
-#endif
- static void WindowSetLocation(DOMWindow*, const String&);
};
} // namespace WebCore
diff --git a/WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp b/WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp
index 922fa46..12d9f72 100644
--- a/WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp
+++ b/WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp
@@ -215,7 +215,7 @@ v8::Handle<v8::Value> V8DOMWindow::cryptoAccessorGetter(v8::Local<v8::String> na
void V8DOMWindow::locationAccessorSetter(v8::Local<v8::String> name, v8::Local<v8::Value> value, const v8::AccessorInfo& info)
{
DOMWindow* imp = V8DOMWrapper::convertToNativeObject<DOMWindow>(V8ClassIndex::DOMWINDOW, info.Holder());
- V8Custom::WindowSetLocation(imp, toWebCoreString(value));
+ V8DOMWindowShell::setLocation(imp, toWebCoreString(value));
}
@@ -826,23 +826,6 @@ NAMED_PROPERTY_GETTER(DOMWindow)
}
-void V8Custom::WindowSetLocation(DOMWindow* window, const String& relativeURL)
-{
- Frame* frame = window->frame();
- if (!frame)
- return;
-
- KURL url = completeURL(relativeURL);
- if (url.isNull())
- return;
-
- if (!shouldAllowNavigation(frame))
- return;
-
- navigateIfAllowed(frame, url, false, false);
-}
-
-
v8::Handle<v8::Value> V8DOMWindow::setTimeoutCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.setTimeout()");
@@ -886,7 +869,7 @@ v8::Handle<v8::Value> V8DOMWindow::clearIntervalCallback(const v8::Arguments& ar
return v8::Undefined();
}
-NAMED_ACCESS_CHECK(DOMWindow)
+bool V8DOMWindow::namedSecurityCheck(v8::Local<v8::Object> host, v8::Local<v8::Value> key, v8::AccessType type, v8::Local<v8::Value> data)
{
ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::DOMWINDOW);
v8::Handle<v8::Object> window = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, host);
@@ -912,7 +895,7 @@ NAMED_ACCESS_CHECK(DOMWindow)
return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), target, false);
}
-INDEXED_ACCESS_CHECK(DOMWindow)
+bool V8DOMWindow::indexedSecurityCheck(v8::Local<v8::Object> host, uint32_t index, v8::AccessType type, v8::Local<v8::Value> data)
{
ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::DOMWINDOW);
v8::Handle<v8::Object> window = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, host);
diff --git a/WebCore/bindings/v8/custom/V8DocumentLocationCustom.cpp b/WebCore/bindings/v8/custom/V8DocumentLocationCustom.cpp
index 3572aa8..65f1305 100644
--- a/WebCore/bindings/v8/custom/V8DocumentLocationCustom.cpp
+++ b/WebCore/bindings/v8/custom/V8DocumentLocationCustom.cpp
@@ -50,8 +50,8 @@ void V8Document::locationAccessorSetter(v8::Local<v8::String> name, v8::Local<v8
return;
DOMWindow* window = document->frame()->domWindow();
- // WindowSetLocation does security checks. // XXXMB- verify!
- V8Custom::WindowSetLocation(window, toWebCoreString(value));
+ // setLocation does security checks. // XXXMB- verify!
+ V8DOMWindowShell::setLocation(window, toWebCoreString(value));
}
} // namespace WebCore
diff --git a/WebCore/bindings/v8/custom/V8HistoryCustom.cpp b/WebCore/bindings/v8/custom/V8HistoryCustom.cpp
index acb96ed..e919524 100644
--- a/WebCore/bindings/v8/custom/V8HistoryCustom.cpp
+++ b/WebCore/bindings/v8/custom/V8HistoryCustom.cpp
@@ -35,6 +35,7 @@
#include "History.h"
#include "SerializedScriptValue.h"
#include "V8Binding.h"
+#include "V8BindingState.h"
#include "V8CustomBinding.h"
#include "V8Proxy.h"
@@ -82,4 +83,20 @@ v8::Handle<v8::Value> V8History::replaceStateCallback(const v8::Arguments& args)
return throwError(ec);
}
+bool V8History::indexedSecurityCheck(v8::Local<v8::Object> host, uint32_t index, v8::AccessType type, v8::Local<v8::Value> data)
+{
+ ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::HISTORY);
+ // Only allow same origin access.
+ History* history = V8DOMWrapper::convertToNativeObject<History>(V8ClassIndex::HISTORY, host);
+ return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), history->frame(), false);
+}
+
+bool V8History::namedSecurityCheck(v8::Local<v8::Object> host, v8::Local<v8::Value> key, v8::AccessType type, v8::Local<v8::Value> data)
+{
+ ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::HISTORY);
+ // Only allow same origin access.
+ History* history = V8DOMWrapper::convertToNativeObject<History>(V8ClassIndex::HISTORY, host);
+ return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), history->frame(), false);
+}
+
} // namespace WebCore
diff --git a/WebCore/bindings/v8/custom/V8LocationCustom.cpp b/WebCore/bindings/v8/custom/V8LocationCustom.cpp
index 87541ea..f83b1a1 100644
--- a/WebCore/bindings/v8/custom/V8LocationCustom.cpp
+++ b/WebCore/bindings/v8/custom/V8LocationCustom.cpp
@@ -342,7 +342,7 @@ v8::Handle<v8::Value> V8Location::toStringCallback(const v8::Arguments& args)
return v8String(result);
}
-INDEXED_ACCESS_CHECK(Location)
+bool V8Location::indexedSecurityCheck(v8::Local<v8::Object> host, uint32_t index, v8::AccessType type, v8::Local<v8::Value> data)
{
ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::LOCATION);
// Only allow same origin access
@@ -350,7 +350,7 @@ INDEXED_ACCESS_CHECK(Location)
return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), imp->frame(), false);
}
-NAMED_ACCESS_CHECK(Location)
+bool V8Location::namedSecurityCheck(v8::Local<v8::Object> host, v8::Local<v8::Value> key, v8::AccessType type, v8::Local<v8::Value> data)
{
ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::LOCATION);
// Only allow same origin access
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list