bool WindowProxy::initialize() { TRACE_EVENT0("v8", "WindowProxy::initialize"); SCOPED_BLINK_UMA_HISTOGRAM_TIMER("Blink.Binding.InitializeWindowProxy"); ScriptForbiddenScope::AllowUserAgentScript allowScript; v8::HandleScope handleScope(m_isolate); createContext(); if (!isContextInitialized()) return false; ScriptState::Scope scope(m_scriptState.get()); v8::Local<v8::Context> context = m_scriptState->context(); if (m_global.isEmpty()) { m_global.set(m_isolate, context->Global()); if (m_global.isEmpty()) { disposeContext(DoNotDetachGlobal); return false; } } if (!setupWindowPrototypeChain()) { disposeContext(DoNotDetachGlobal); return false; } SecurityOrigin* origin = 0; if (m_world->isMainWorld()) { // ActivityLogger for main world is updated within updateDocument(). updateDocument(); origin = m_frame->securityContext()->getSecurityOrigin(); // FIXME: Can this be removed when CSP moves to browser? ContentSecurityPolicy* csp = m_frame->securityContext()->contentSecurityPolicy(); context->AllowCodeGenerationFromStrings( csp->allowEval(0, ContentSecurityPolicy::SuppressReport)); context->SetErrorMessageForCodeGenerationFromStrings( v8String(m_isolate, csp->evalDisabledErrorMessage())); } else { updateActivityLogger(); origin = m_world->isolatedWorldSecurityOrigin(); setSecurityToken(origin); } // All interfaces must be registered to V8PerContextData. // So we explicitly call constructorForType for the global object. V8PerContextData::from(context)->constructorForType( &V8Window::wrapperTypeInfo); if (m_frame->isLocalFrame()) { LocalFrame* frame = toLocalFrame(m_frame); MainThreadDebugger::instance()->contextCreated(m_scriptState.get(), frame, origin); frame->loader().client()->didCreateScriptContext( context, m_world->extensionGroup(), m_world->worldId()); } return true; }
bool WindowProxy::initialize() { TRACE_EVENT0("v8", "WindowProxy::initialize"); TRACE_EVENT_SCOPED_SAMPLING_STATE("blink", "InitializeWindow"); SCOPED_BLINK_UMA_HISTOGRAM_TIMER("Blink.Binding.InitializeWindowProxy"); ScriptForbiddenScope::AllowUserAgentScript allowScript; v8::HandleScope handleScope(m_isolate); createContext(); if (!isContextInitialized()) return false; ScriptState::Scope scope(m_scriptState.get()); v8::Local<v8::Context> context = m_scriptState->context(); if (m_global.isEmpty()) { m_global.set(m_isolate, context->Global()); if (m_global.isEmpty()) { disposeContext(DoNotDetachGlobal); return false; } } if (!setupWindowPrototypeChain()) { disposeContext(DoNotDetachGlobal); return false; } SecurityOrigin* origin = 0; if (m_world->isMainWorld()) { // ActivityLogger for main world is updated within updateDocument(). updateDocument(); origin = m_frame->securityContext()->getSecurityOrigin(); // FIXME: Can this be removed when CSP moves to browser? ContentSecurityPolicy* csp = m_frame->securityContext()->contentSecurityPolicy(); context->AllowCodeGenerationFromStrings(csp->allowEval(0, ContentSecurityPolicy::SuppressReport)); context->SetErrorMessageForCodeGenerationFromStrings(v8String(m_isolate, csp->evalDisabledErrorMessage())); } else { updateActivityLogger(); origin = m_world->isolatedWorldSecurityOrigin(); setSecurityToken(origin); } if (m_frame->isLocalFrame()) { LocalFrame* frame = toLocalFrame(m_frame); MainThreadDebugger::instance()->contextCreated(m_scriptState.get(), frame, origin); frame->loader().client()->didCreateScriptContext(context, m_world->extensionGroup(), m_world->worldId()); } // If Origin Trials have been registered before the V8 context was ready, // then inject them into the context now ExecutionContext* executionContext = m_scriptState->getExecutionContext(); if (executionContext) { OriginTrialContext* originTrialContext = OriginTrialContext::from(executionContext); if (originTrialContext) originTrialContext->initializePendingFeatures(); } return true; }
bool WindowProxy::initialize() { TRACE_EVENT0("v8", "WindowProxy::initialize"); TRACE_EVENT_SCOPED_SAMPLING_STATE("blink", "InitializeWindow"); ScriptForbiddenScope::AllowUserAgentScript allowScript; v8::HandleScope handleScope(m_isolate); createContext(); if (!isContextInitialized()) return false; ScriptState::Scope scope(m_scriptState.get()); v8::Local<v8::Context> context = m_scriptState->context(); if (m_global.isEmpty()) { m_global.set(m_isolate, context->Global()); if (m_global.isEmpty()) { disposeContext(DoNotDetachGlobal); return false; } } if (!installDOMWindow()) { disposeContext(DoNotDetachGlobal); return false; } SecurityOrigin* origin = 0; if (m_world->isMainWorld()) { // ActivityLogger for main world is updated within updateDocument(). updateDocument(); origin = m_frame->securityContext()->securityOrigin(); // FIXME: Can this be removed when CSP moves to browser? ContentSecurityPolicy* csp = m_frame->securityContext()->contentSecurityPolicy(); context->AllowCodeGenerationFromStrings(csp->allowEval(0, ContentSecurityPolicy::SuppressReport)); context->SetErrorMessageForCodeGenerationFromStrings(v8String(m_isolate, csp->evalDisabledErrorMessage())); } else { updateActivityLogger(); origin = m_world->isolatedWorldSecurityOrigin(); setSecurityToken(origin); } if (m_frame->isLocalFrame()) { LocalFrame* frame = toLocalFrame(m_frame); MainThreadDebugger::initializeContext(context, m_world->worldId()); InspectorInstrumentation::didCreateScriptContext(frame, m_scriptState.get(), origin, m_world->worldId()); frame->loader().client()->didCreateScriptContext(context, m_world->extensionGroup(), m_world->worldId()); } return true; }
// Create a new environment and setup the global object. // // The global object corresponds to a DOMWindow instance. However, to // allow properties of the JS DOMWindow instance to be shadowed, we // use a shadow object as the global object and use the JS DOMWindow // instance as the prototype for that shadow object. The JS DOMWindow // instance is undetectable from JavaScript code because the __proto__ // accessors skip that object. // // The shadow object and the DOMWindow instance are seen as one object // from JavaScript. The JavaScript object that corresponds to a // DOMWindow instance is the shadow object. When mapping a DOMWindow // instance to a V8 object, we return the shadow object. // // To implement split-window, see // 1) https://bugs.webkit.org/show_bug.cgi?id=17249 // 2) https://wiki.mozilla.org/Gecko:SplitWindow // 3) https://bugzilla.mozilla.org/show_bug.cgi?id=296639 // we need to split the shadow object further into two objects: // an outer window and an inner window. The inner window is the hidden // prototype of the outer window. The inner window is the default // global object of the context. A variable declared in the global // scope is a property of the inner window. // // The outer window sticks to a Frame, it is exposed to JavaScript // via window.window, window.self, window.parent, etc. The outer window // has a security token which is the domain. The outer window cannot // have its own properties. window.foo = 'x' is delegated to the // inner window. // // When a frame navigates to a new page, the inner window is cut off // the outer window, and the outer window identify is preserved for // the frame. However, a new inner window is created for the new page. // If there are JS code holds a closure to the old inner window, // it won't be able to reach the outer window via its global object. bool V8WindowShell::initializeIfNeeded() { if (m_contextHolder) return true; TRACE_EVENT0("v8", "V8WindowShell::initializeIfNeeded"); v8::HandleScope handleScope(m_isolate); createContext(); if (!m_contextHolder) return false; v8::Handle<v8::Context> context = m_contextHolder->context(); V8PerContextDataHolder::install(context); m_world->setIsolatedWorldField(context); bool isMainWorld = m_world->isMainWorld(); v8::Context::Scope contextScope(context); if (m_global.isEmpty()) { m_global.set(m_isolate, context->Global()); if (m_global.isEmpty()) { disposeContext(DoNotDetachGlobal); return false; } } if (!isMainWorld) { V8WindowShell* mainWindow = m_frame->script().existingWindowShell(mainThreadNormalWorld()); if (mainWindow && !mainWindow->context().IsEmpty()) setInjectedScriptContextDebugId(context, m_frame->script().contextDebugId(mainWindow->context())); } m_perContextData = V8PerContextData::create(context); if (!m_perContextData->init()) { disposeContext(DoNotDetachGlobal); return false; } m_perContextData->setActivityLogger(DOMWrapperWorld::activityLogger(m_world->worldId())); if (!installDOMWindow()) { disposeContext(DoNotDetachGlobal); return false; } if (isMainWorld) { updateDocument(); setSecurityToken(); if (m_frame->document()) { ContentSecurityPolicy* csp = m_frame->document()->contentSecurityPolicy(); context->AllowCodeGenerationFromStrings(csp->allowEval(0, ContentSecurityPolicy::SuppressReport)); context->SetErrorMessageForCodeGenerationFromStrings(v8String(m_isolate, csp->evalDisabledErrorMessage())); } } else { // Using the default security token means that the canAccess is always // called, which is slow. // FIXME: Use tokens where possible. This will mean keeping track of all // created contexts so that they can all be updated when the // document domain // changes. context->UseDefaultSecurityToken(); SecurityOrigin* origin = m_world->isolatedWorldSecurityOrigin(); if (origin && InspectorInstrumentation::hasFrontends()) { ScriptState* scriptState = ScriptState::forContext(v8::Local<v8::Context>::New(m_isolate, context)); InspectorInstrumentation::didCreateIsolatedContext(m_frame, scriptState, origin); } } m_frame->loader().client()->didCreateScriptContext(context, m_world->extensionGroup(), m_world->worldId()); return true; }