Commit 91f86b0d authored by abarth@webkit.org's avatar abarth@webkit.org

2009-06-19 Adam Barth <abarth@webkit.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=26555

        Fix the Chromium canary bot.  Turns out ScriptSourceCode doesn't have
        the same API in V8 and JSC.

        * WebCore/bindings/js/ScriptController.cpp:
        * WebCore/bindings/js/ScriptSourceCode.h:
        * WebCore/bindings/v8/ScriptController.cpp:
        * WebCore/page/XSSAuditor.cpp:
        * WebCore/page/XSSAuditor.h:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@44869 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent d5a83d80
2009-06-19 Adam Barth <abarth@webkit.org>
Reviewed by Dimitri Glazkov.
https://bugs.webkit.org/show_bug.cgi?id=26555
Fix the Chromium canary bot. Turns out ScriptSourceCode doesn't have
the same API in V8 and JSC.
* WebCore/bindings/js/ScriptController.cpp:
* WebCore/bindings/js/ScriptSourceCode.h:
* WebCore/bindings/v8/ScriptController.cpp:
* WebCore/page/XSSAuditor.cpp:
* WebCore/page/XSSAuditor.h:
2009-06-19 David Hyatt <hyatt@apple.com>
Reviewed by Anders Carlsson.
......@@ -160,7 +175,7 @@
* platform/graphics/cg/PatternCG.cpp:
(WebCore::Pattern::createPlatformPattern):
2009-06-19 abarth <abarth@webkit.org>
2009-06-19 Adam Barth <abarth@webkit.org>
Unreviewed attempt to fix the Chromium build.
......
......@@ -81,14 +81,14 @@ ScriptController::~ScriptController()
ScriptValue ScriptController::evaluate(const ScriptSourceCode& sourceCode)
{
if (!m_XSSAuditor->canEvaluate(sourceCode)) {
if (!m_XSSAuditor->canEvaluate(sourceCode.source())) {
// This script is not safe to be evaluated.
return JSValue();
}
// evaluate code. Returns the JS return value or 0
// if there was none, an error occured or the type couldn't be converted.
const SourceCode& jsSourceCode = sourceCode.jsSourceCode();
initScriptIfNeeded();
......
......@@ -53,6 +53,9 @@ public:
const JSC::SourceCode& jsSourceCode() const { return m_code; }
// Note the memcpy!
String source() const { return String(m_code.data(), m_code.length()); }
private:
JSC::SourceCode m_code;
};
......
......@@ -188,7 +188,7 @@ void ScriptController::evaluateInNewContext(const Vector<ScriptSourceCode>& sour
// Evaluate a script file in the environment of this proxy.
ScriptValue ScriptController::evaluate(const ScriptSourceCode& sourceCode)
{
if (!m_XSSAuditor->canEvaluate(sourceCode)) {
if (!m_XSSAuditor->canEvaluate(sourceCode.source())) {
// This script is not safe to be evaluated.
return ScriptValue();
}
......
......@@ -27,9 +27,12 @@
#include "config.h"
#include "XSSAuditor.h"
#include <wtf/StdLibExtras.h>
#include "Console.h"
#include "CString.h"
#include "DocumentLoader.h"
#include "DOMWindow.h"
#include "Frame.h"
#include "KURL.h"
#include "ScriptSourceCode.h"
......@@ -56,14 +59,6 @@ XSSAuditor::~XSSAuditor()
{
}
bool XSSAuditor::canEvaluate(const ScriptSourceCode& sourceCode) const
{
if (!m_isEnabled)
return true;
return canEvaluate(String(sourceCode.jsSourceCode().data(), sourceCode.jsSourceCode().length()));
}
bool XSSAuditor::canEvaluate(const String& sourceCode) const
{
if (!m_isEnabled)
......
......@@ -72,10 +72,6 @@ namespace WebCore {
bool isEnabled() const { return m_isEnabled; }
void setXSSAuditorEnabled(bool enabled) { m_isEnabled = enabled; }
// Determines whether the script should be allowed or denied execution
// based on the content of any user-submitted data.
bool canEvaluate(const ScriptSourceCode& sourceCode) const;
// Determines whether the script should be allowed or denied execution
// based on the content of any user-submitted data.
bool canEvaluate(const String& sourceCode) const;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment