void V8Proxy::updateDocumentWrapperCache()
{
v8::HandleScope handleScope;
v8::Context::Scope contextScope(context());
// If the document has no frame, NodeToV8Object might get the
// document wrapper for a document that is about to be deleted.
// If the ForceSet below causes a garbage collection, the document
// might get deleted and the global handle for the document
// wrapper cleared. Using the cleared global handle will lead to
// crashes. In this case we clear the cache and let the DOMWindow
// accessor handle access to the document.
if (!m_frame->document()->frame()) {
clearDocumentWrapperCache();
return;
}
v8::Handle<v8::Value> documentWrapper = V8DOMWrapper::convertNodeToV8Object(m_frame->document());
// If instantiation of the document wrapper fails, clear the cache
// and let the DOMWindow accessor handle access to the document.
if (documentWrapper.IsEmpty()) {
clearDocumentWrapperCache();
return;
}
context()->Global()->ForceSet(v8::String::New("document"), documentWrapper, static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete));
}
void V8Proxy::clearForNavigation()
{
disconnectEventListeners();
if (!context().IsEmpty()) {
v8::HandleScope handle;
clearDocumentWrapper();
v8::Context::Scope contextScope(context());
// Clear the document wrapper cache before turning on access checks on
// the old DOMWindow wrapper. This way, access to the document wrapper
// will be protected by the security checks on the DOMWindow wrapper.
clearDocumentWrapperCache();
// Turn on access check on the old DOMWindow wrapper.
v8::Handle<v8::Object> wrapper = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, m_global);
ASSERT(!wrapper.IsEmpty());
wrapper->TurnOnAccessCheck();
// Separate the context from its global object.
context()->DetachGlobal();
disposeContextHandles();
}
}
void V8DOMWindowShell::clearForNavigation()
{
if (!m_context.IsEmpty()) {
v8::HandleScope handle;
clearDocumentWrapper();
v8::Context::Scope contextScope(m_context);
// Clear the document wrapper cache before turning on access checks on
// the old DOMWindow wrapper. This way, access to the document wrapper
// will be protected by the security checks on the DOMWindow wrapper.
clearDocumentWrapperCache();
// Turn on access check on the old DOMWindow wrapper.
v8::Handle<v8::Object> wrapper = V8DOMWrapper::lookupDOMWrapper(V8DOMWindow::GetTemplate(), m_global);
ASSERT(!wrapper.IsEmpty());
wrapper->TurnOnAccessCheck();
// Separate the context from its global object.
m_context->DetachGlobal();
disposeContextHandles();
}
}