Skip to content
Find file Blame History Permalink
  • abarth@webkit.org's avatar
    2009-07-29 Adam Barth <abarth@webkit.org> · 1c3700e5
    abarth@webkit.org authored 
            Reviewed by Dimitri Glazkov.

        [V8] Teach V8Proxy::context about isolated worlds
        https://bugs.webkit.org/show_bug.cgi?id=27701

        Change V8Proxy::context(Frame*) to understand isolated worlds.  Audit
        all callers of this method to make sure they want isolated worlds.  In
        cases where we really want the main world, I've changed the call to
        V8Proxy::mainWorldContext(Frame*).
        
        The main visible change is to the document.open method when called with
        more than two arguments.  This design seems more likely to lead to
        future correct code.

        Test: http/tests/security/isolatedWorld/document-open.html

        * bindings/v8/ScriptController.cpp:
        (WebCore::ScriptController::processingUserGesture):
        (WebCore::ScriptController::evaluate):
        (WebCore::ScriptController::bindToWindowObject):
        (WebCore::ScriptController::collectGarbage):
        (WebCore::createScriptObject):
        (WebCore::ScriptController::createScriptObjectForPluginElement):
        * bindings/v8/ScriptObjectQuarantine.cpp:
        (WebCore::getQuarantinedScriptObject):
        * bindings/v8/V8AbstractEventListener.cpp:
        (WebCore::V8AbstractEventListener::handleEvent):
        * bindings/v8/V8DOMWrapper.cpp:
        (WebCore::V8DOMWrapper::getConstructor):
        (WebCore::V8DOMWrapper::setHiddenWindowReference):
        (WebCore::V8DOMWrapper::convertNodeToV8Object):
        (WebCore::V8DOMWrapper::convertWindowToV8Object):
        * bindings/v8/V8Helpers.cpp:
        (WebCore::toV8Context):
        * bindings/v8/V8LazyEventListener.cpp:
        (WebCore::V8LazyEventListener::getListenerFunction):
        (WebCore::V8LazyEventListener::getWrappedListenerFunction):
        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::context):
        (WebCore::V8Proxy::mainWorldContext):
        (WebCore::V8Proxy::bindJsObjectToWindow):
        * bindings/v8/V8Proxy.h:

2009-07-29  Adam Barth  <abarth@webkit.org>

        Reviewed by Dimitri Glazkov.

        [V8] Teach V8Proxy::context about isolated worlds
        https://bugs.webkit.org/show_bug.cgi?id=27701

        Test that calling document.open with more than two arguments calls the
        window.open method from the correct world.

        * http/tests/security/isolatedWorld/document-open-expected.txt: Added.
        * http/tests/security/isolatedWorld/document-open.html: Added.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@46523 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    1c3700e5