    2010-05-19 Justin Schuh <jschuh@chromium.org> · a4b82d8b
    yaar@chromium.org authored
            Reviewed by Adam Barth.
    
            Moving frame.src checks out of the bindings
            https://bugs.webkit.org/show_bug.cgi?id=37815
    
            Moved JavaScript frame.src checks out of bindings and into
            HTMLFrameElementBase. Added main thread state stack to JavaScriptCore
            so ExecState is available inside core DOM. Updated affected bindings
            (except for GObject, which will need to be updated to avoid origin
            failures inside native code).
    
            * Android.jscbindings.mk:
            * CMakeLists.txt:
            * GNUmakefile.am:
            * WebCore.gypi:
            * WebCore.pro:
            * WebCore.vcproj/WebCore.vcproj:
            * WebCore.xcodeproj/project.pbxproj:
            * bindings/js/JSBindingsAllInOne.cpp:
            * bindings/js/JSCallbackData.cpp:
            (WebCore::JSCallbackData::invokeCallback):
            * bindings/js/JSEventListener.cpp:
            (WebCore::JSEventListener::handleEvent):
            * bindings/js/JSInjectedScriptHostCustom.cpp:
            (WebCore::InjectedScriptHost::createInjectedScript):
            * bindings/js/JSMainThreadExecState.cpp: Added.
            * bindings/js/JSMainThreadExecState.h: Added.
            (WebCore::JSMainThreadExecState::currentState):
            (WebCore::JSMainThreadExecState::call):
            (WebCore::JSMainThreadExecState::evaluate):
            (WebCore::JSMainThreadExecState::JSMainThreadExecState):
            (WebCore::JSMainThreadExecState::~JSMainThreadExecState):
            (WebCore::JSMainThreadNullState::JSMainThreadNullState):
            * bindings/js/ScheduledAction.cpp:
            (WebCore::ScheduledAction::executeFunctionInContext):
            (WebCore::ScheduledAction::execute):
            * bindings/js/ScheduledAction.h:
            * bindings/js/ScriptController.cpp:
            (WebCore::ScriptController::evaluateInWorld):
            (WebCore::ScriptController::canAccessFromCurrentOrigin):
            * bindings/js/ScriptController.h:
            * bindings/js/ScriptFunctionCall.cpp:
            (WebCore::ScriptFunctionCall::call):
            * bindings/objc/ObjCEventListener.mm:
            * bindings/objc/WebScriptObject.mm:
            (-[WebScriptObject callWebScriptMethod:withArguments:]):
            (-[WebScriptObject evaluateWebScript:]):
            * bindings/scripts/CodeGeneratorObjC.pm:
            * bindings/scripts/test/ObjC/DOMTestCallback.mm:
            (-[DOMTestCallback callbackWithClass1Param:]):
            (-[DOMTestCallback callbackWithClass2Param:strArg:]):
            (-[DOMTestCallback callbackWithNonBoolReturnType:]):
            (-[DOMTestCallback customCallback:class6Param:]):
            * bindings/scripts/test/ObjC/DOMTestInterface.mm:
            * bindings/scripts/test/ObjC/DOMTestObj.mm:
            (-[DOMTestObj readOnlyIntAttr]):
            (-[DOMTestObj readOnlyStringAttr]):
            (-[DOMTestObj readOnlyTestObjAttr]):
            (-[DOMTestObj intAttr]):
            (-[DOMTestObj setIntAttr:]):
            (-[DOMTestObj longLongAttr]):
            (-[DOMTestObj setLongLongAttr:]):
            (-[DOMTestObj unsignedLongLongAttr]):
            (-[DOMTestObj setUnsignedLongLongAttr:]):
            (-[DOMTestObj stringAttr]):
            (-[DOMTestObj setStringAttr:]):
            (-[DOMTestObj testObjAttr]):
            (-[DOMTestObj setTestObjAttr:]):
            (-[DOMTestObj attrWithException]):
            (-[DOMTestObj setAttrWithException:]):
            (-[DOMTestObj attrWithSetterException]):
            (-[DOMTestObj setAttrWithSetterException:]):
            (-[DOMTestObj attrWithGetterException]):
            (-[DOMTestObj setAttrWithGetterException:]):
            (-[DOMTestObj customAttr]):
            (-[DOMTestObj setCustomAttr:]):
            (-[DOMTestObj scriptStringAttr]):
            (-[DOMTestObj voidMethod]):
            (-[DOMTestObj voidMethodWithArgs:strArg:objArg:]):
            (-[DOMTestObj intMethod]):
            (-[DOMTestObj intMethodWithArgs:strArg:objArg:]):
            (-[DOMTestObj objMethod]):
            (-[DOMTestObj objMethodWithArgs:strArg:objArg:]):
            (-[DOMTestObj methodThatRequiresAllArgs:objArg:]):
            (-[DOMTestObj methodThatRequiresAllArgsAndThrows:objArg:]):
            (-[DOMTestObj serializedValue:]):
            (-[DOMTestObj methodWithException]):
            (-[DOMTestObj customMethod]):
            (-[DOMTestObj customMethodWithArgs:strArg:objArg:]):
            (-[DOMTestObj customArgsAndException:]):
            (-[DOMTestObj addEventListener:listener:useCapture:]):
            (-[DOMTestObj removeEventListener:listener:useCapture:]):
            (-[DOMTestObj withDynamicFrame]):
            (-[DOMTestObj withDynamicFrameAndArg:]):
            (-[DOMTestObj withDynamicFrameAndOptionalArg:optionalArg:]):
            (-[DOMTestObj withDynamicFrameAndUserGesture:]):
            (-[DOMTestObj withDynamicFrameAndUserGestureASAD:optionalArg:]):
            (-[DOMTestObj withScriptStateVoid]):
            (-[DOMTestObj withScriptStateObj]):
            (-[DOMTestObj withScriptStateVoidException]):
            (-[DOMTestObj withScriptStateObjException]):
            (-[DOMTestObj methodWithOptionalArg:]):
            (-[DOMTestObj methodWithNonOptionalArgAndOptionalArg:opt:]):
            (-[DOMTestObj methodWithNonOptionalArgAndTwoOptionalArgs:opt1:opt2:]):
            * bindings/v8/ScriptController.cpp:
            (WebCore::ScriptController::canAccessFromCurrentOrigin):
            * bindings/v8/ScriptController.h:
            * html/HTMLFrameElementBase.cpp:
            (WebCore::HTMLFrameElementBase::isURLAllowed):
    2010-05-19  Justin Schuh  <jschuh@chromium.org>
    
            Reviewed by Adam Barth.
    
            Moving frame.src checks out of the bindings
            https://bugs.webkit.org/show_bug.cgi?id=37815
    
            * http/tests/security/xss-DENIED-iframe-src-alias-expected.txt:
            * http/tests/security/xss-DENIED-iframe-src-alias.html:
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@59769 268f45cc-cd09-0410-ab3c-d52691b4dbfc
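
The design the commit message describes, as an added C++ sketch that is not WebKit source: a main-thread stack records which script state is running, and the frame element itself consults it before accepting a `javascript:` URL. All type and member names are hypothetical stand-ins, and treating an empty state as a trusted native caller is an assumption of this model.

```cpp
// Simplified model of the design in the commit message; not WebKit source.
// Every type and member below is a hypothetical stand-in.
#include <cctype>
#include <cstdio>
#include <string>

struct ExecState { std::string origin; };  // the script context that is running

// RAII stack entry: pushed when the engine enters script, popped on exit.
class MainThreadExecState {
public:
    explicit MainThreadExecState(const ExecState* s) : m_previous(s_current) { s_current = s; }
    ~MainThreadExecState() { s_current = m_previous; }
    static const ExecState* currentState() { return s_current; }
private:
    const ExecState* m_previous;
    static const ExecState* s_current;
};
const ExecState* MainThreadExecState::s_current = nullptr;

// Entered by native callers so that no stale script state is consulted.
struct MainThreadNullState : MainThreadExecState {
    MainThreadNullState() : MainThreadExecState(nullptr) {}
};

static bool isJavaScriptURL(const std::string& url) {
    static const std::string scheme = "javascript:";
    size_t i = 0;
    while (i < url.size() && static_cast<unsigned char>(url[i]) <= ' ') ++i;  // skip leading space/control
    if (url.size() - i < scheme.size()) return false;
    for (size_t k = 0; k < scheme.size(); ++k)
        if (std::tolower(static_cast<unsigned char>(url[i + k])) != scheme[k]) return false;
    return true;
}

struct FrameElement {
    std::string origin, src;
    // The check lives in the element, so every binding path reaches it.
    bool isURLAllowed(const std::string& url) const {
        const ExecState* s = MainThreadExecState::currentState();
        bool sameOrigin = !s || s->origin == origin;  // assumption: no script state means native caller
        return !isJavaScriptURL(url) || sameOrigin;
    }
    bool setSrc(const std::string& url) { if (!isURLAllowed(url)) return false; src = url; return true; }
    // Alias for the same attribute; it has no check of its own to forget.
    bool setAttribute(const std::string& name, const std::string& v) { return name == "src" && setSrc(v); }
};
int main() {
    FrameElement frame{"https://a.example", ""};
    ExecState other{"https://b.example"};  // constructed cross-origin caller
    MainThreadExecState scope(&other);
    std::printf("%d\n", frame.setAttribute("src", "javascript:void(0)"));
}
```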