void V8DOMWindowShell::setSecurityToken()
{
ASSERT(m_world->isMainWorld());
Document* document = m_frame->document();
// Ask the document's SecurityOrigin to generate a security token.
// If two tokens are equal, then the SecurityOrigins canAccess each other.
// If two tokens are not equal, then we have to call canAccess.
// Note: we can't use the HTTPOrigin if it was set from the DOM.
SecurityOrigin* origin = document->securityOrigin();
String token;
if (!origin->domainWasSetInDOM())
token = document->securityOrigin()->toString();
// An empty or "null" token means we always have to call
// canAccess. The toString method on securityOrigins returns the
// string "null" for empty security origins and for security
// origins that should only allow access to themselves. In this
// case, we use the global object as the security token to avoid
// calling canAccess when a script accesses its own objects.
if (token.isEmpty() || token == "null") {
m_context->UseDefaultSecurityToken();
return;
}
CString utf8Token = token.utf8();
// NOTE: V8 does identity comparison in fast path, must use a symbol
// as the security token.
m_context->SetSecurityToken(v8::String::NewSymbol(utf8Token.data(), utf8Token.length()));
}
void WindowProxy::setSecurityToken(SecurityOrigin* origin)
{
// If two tokens are equal, then the SecurityOrigins canAccess each other.
// If two tokens are not equal, then we have to call canAccess.
// Note: we can't use the HTTPOrigin if it was set from the DOM.
String token;
// There are several situations where v8 needs to do a full canAccess check,
// so set an empty security token instead:
// - document.domain was modified
// - the frame is showing the initial empty document
// - the frame is remote
bool delaySet = m_frame->isRemoteFrame() || (m_world->isMainWorld() && (origin->domainWasSetInDOM() || toLocalFrame(m_frame)->loader().stateMachine()->isDisplayingInitialEmptyDocument()));
if (origin && !delaySet)
token = origin->toString();
// An empty or "null" token means we always have to call
// canAccess. The toString method on securityOrigins returns the
// string "null" for empty security origins and for security
// origins that should only allow access to themselves. In this
// case, we use the global object as the security token to avoid
// calling canAccess when a script accesses its own objects.
v8::HandleScope handleScope(m_isolate);
v8::Local<v8::Context> context = m_scriptState->context();
if (token.isEmpty() || token == "null") {
context->UseDefaultSecurityToken();
return;
}
if (m_world->isPrivateScriptIsolatedWorld()) {
token = "private-script://" + token;
} else if (m_world->isIsolatedWorld()) {
SecurityOrigin* frameSecurityOrigin = m_frame->securityContext()->getSecurityOrigin();
String frameSecurityToken = frameSecurityOrigin->toString();
// We need to check the return value of domainWasSetInDOM() on the
// frame's SecurityOrigin because, if that's the case, only
// SecurityOrigin::m_domain would have been modified.
// m_domain is not used by SecurityOrigin::toString(), so we would end
// up generating the same token that was already set.
if (frameSecurityOrigin->domainWasSetInDOM() || frameSecurityToken.isEmpty() || frameSecurityToken == "null") {
context->UseDefaultSecurityToken();
return;
}
token = frameSecurityToken + token;
}
CString utf8Token = token.utf8();
// NOTE: V8 does identity comparison in fast path, must use a symbol
// as the security token.
context->SetSecurityToken(v8AtomicString(m_isolate, utf8Token.data(), utf8Token.length()));
}
void V8WindowShell::setSecurityToken()
{
ASSERT(m_world->isMainWorld());
Document* document = m_frame->document();
// Ask the document's SecurityOrigin to generate a security token.
// If two tokens are equal, then the SecurityOrigins canAccess each other.
// If two tokens are not equal, then we have to call canAccess.
// Note: we can't use the HTTPOrigin if it was set from the DOM.
SecurityOrigin* origin = document->securityOrigin();
String token;
// We stick with an empty token if document.domain was modified or if we
// are in the initial empty document, so that we can do a full canAccess
// check in those cases.
if (!origin->domainWasSetInDOM()
&& !m_frame->loader().stateMachine()->isDisplayingInitialEmptyDocument())
token = document->securityOrigin()->toString();
// An empty or "null" token means we always have to call
// canAccess. The toString method on securityOrigins returns the
// string "null" for empty security origins and for security
// origins that should only allow access to themselves. In this
// case, we use the global object as the security token to avoid
// calling canAccess when a script accesses its own objects.
v8::HandleScope handleScope(m_isolate);
v8::Handle<v8::Context> context = m_contextHolder->context();
if (token.isEmpty() || token == "null") {
context->UseDefaultSecurityToken();
return;
}
CString utf8Token = token.utf8();
// NOTE: V8 does identity comparison in fast path, must use a symbol
// as the security token.
context->SetSecurityToken(v8AtomicString(m_isolate, utf8Token.data(), utf8Token.length()));
}
