PassRefPtr<JSLazyEventListener> createAttributeEventListener(Frame* frame, Attribute* attr)
{
if (!frame)
return 0;
ASSERT(attr);
if (attr->isNull())
return 0;
int lineNumber = 1;
String sourceURL;
ScriptController* scriptController = frame->script();
if (!scriptController->canExecuteScripts(AboutToExecuteScript))
return 0;
if (!scriptController->xssAuditor()->canCreateInlineEventListener(attr->localName().string(), attr->value())) {
// This script is not safe to execute.
return 0;
}
lineNumber = scriptController->eventHandlerLineNumber();
sourceURL = frame->document()->url().string();
JSObject* wrapper = toJSDOMWindow(frame, mainThreadNormalWorld());
return JSLazyEventListener::create(attr->localName().string(), eventParameterName(frame->document()->isSVGDocument()), attr->value(), 0, sourceURL, lineNumber, wrapper, mainThreadNormalWorld());
}
PassRefPtr<V8LazyEventListener> createAttributeEventListener(Frame* frame, Attribute* attr)
{
if (!frame)
return 0;
ASSERT(attr);
if (attr->isNull())
return 0;
int lineNumber = 1;
int columnNumber = 0;
String sourceURL;
ScriptController* scriptController = frame->script();
if (!scriptController->canExecuteScripts(AboutToExecuteScript))
return 0;
if (!scriptController->xssAuditor()->canCreateInlineEventListener(attr->localName().string(), attr->value())) {
// This script is not safe to execute.
return 0;
}
if (frame->document()->tokenizer()) {
// FIXME: Change to use script->eventHandlerLineNumber() when implemented.
lineNumber = frame->document()->tokenizer()->lineNumber();
columnNumber = frame->document()->tokenizer()->columnNumber();
}
sourceURL = frame->document()->url().string();
return V8LazyEventListener::create(attr->localName().string(), frame->document()->isSVGDocument(), attr->value(), sourceURL, lineNumber, columnNumber, WorldContextHandle(UseMainWorld));
}
PassRefPtr<JSLazyEventListener> createAttributeEventListener(Node* node, Attribute* attr)
{
ASSERT(node);
ASSERT(attr);
if (attr->isNull())
return 0;
int lineNumber = 1;
String sourceURL;
// FIXME: We should be able to provide accurate source information for frameless documents, too (e.g. for importing nodes from XMLHttpRequest.responseXML).
if (Frame* frame = node->document()->frame()) {
ScriptController* scriptController = frame->script();
if (!scriptController->canExecuteScripts(AboutToExecuteScript))
return 0;
if (!scriptController->xssAuditor()->canCreateInlineEventListener(attr->localName().string(), attr->value())) {
// This script is not safe to execute.
return 0;
}
lineNumber = scriptController->eventHandlerLineNumber();
sourceURL = node->document()->url().string();
}
return JSLazyEventListener::create(attr->localName().string(), eventParameterName(node->isSVGElement()), attr->value(), node, sourceURL, lineNumber, 0, mainThreadNormalWorld());
}
JSObject* JSLazyEventListener::initializeJSFunction(ScriptExecutionContext* executionContext) const
{
ASSERT(executionContext);
ASSERT(executionContext->isDocument());
if (!executionContext)
return 0;
Document* document = static_cast<Document*>(executionContext);
if (!document->frame())
return 0;
if (!document->contentSecurityPolicy()->allowInlineEventHandlers())
return 0;
ScriptController* script = document->frame()->script();
if (!script->canExecuteScripts(AboutToExecuteScript) || script->isPaused())
return 0;
JSDOMGlobalObject* globalObject = toJSDOMGlobalObject(executionContext, isolatedWorld());
if (!globalObject)
return 0;
ExecState* exec = globalObject->globalExec();
MarkedArgumentBuffer args;
args.append(jsNontrivialString(exec, stringToUString(m_eventParameterName)));
args.append(jsString(exec, m_code));
JSObject* jsFunction = constructFunctionSkippingEvalEnabledCheck(exec, exec->lexicalGlobalObject(), args, Identifier(exec, stringToUString(m_functionName)), stringToUString(m_sourceURL), m_position); // FIXME: is globalExec ok?
if (exec->hadException()) {
reportCurrentException(exec);
exec->clearException();
return 0;
}
JSFunction* listenerAsFunction = jsCast<JSFunction*>(jsFunction);
if (m_originalNode) {
if (!wrapper()) {
// Ensure that 'node' has a JavaScript wrapper to mark the event listener we're creating.
JSLock lock(SilenceAssertionsOnly);
// FIXME: Should pass the global object associated with the node
setWrapper(exec->globalData(), asObject(toJS(exec, globalObject, m_originalNode)));
}
// Add the event's home element to the scope
// (and the document, and the form - see JSHTMLElement::eventHandlerScope)
listenerAsFunction->setScope(exec->globalData(), jsCast<JSNode*>(wrapper())->pushEventHandlerScope(exec, listenerAsFunction->scope()));
}
// Since we only parse once, there's no need to keep data used for parsing around anymore.
m_functionName = String();
m_code = String();
m_eventParameterName = String();
m_sourceURL = String();
return jsFunction;
}
void ScheduledAction::execute(ScriptExecutionContext* context)
{
if (context->isDocument()) {
Frame* frame = static_cast<Document*>(context)->frame();
ScriptController* scriptController = frame->script();
if (!scriptController->canExecuteScripts(NotAboutToExecuteScript))
return;
V8Proxy* proxy = V8Proxy::retrieve(frame);
execute(proxy);
}
#if ENABLE(WORKERS)
else {
ASSERT(context->isWorkerContext());
execute(static_cast<WorkerContext*>(context));
}
#endif
}
PassRefPtr<JSLazyEventListener> createAttributeEventListener(Frame* frame, const QualifiedName& name, const AtomicString& value)
{
if (!frame)
return 0;
if (value.isNull())
return 0;
ScriptController* scriptController = frame->script();
if (!scriptController->canExecuteScripts(AboutToExecuteScript))
return 0;
TextPosition position = scriptController->eventHandlerPosition();
String sourceURL = frame->document()->url().string();
JSObject* wrapper = toJSDOMWindow(frame, mainThreadNormalWorld());
return JSLazyEventListener::create(name.localName().string(), eventParameterName(frame->document()->isSVGDocument()), value, 0, sourceURL, position, wrapper, mainThreadNormalWorld());
}
PassRefPtr<JSLazyEventListener> createAttributeEventListener(Node* node, const QualifiedName& name, const AtomicString& value)
{
ASSERT(node);
if (value.isNull())
return 0;
TextPosition position = TextPosition::minimumPosition();
String sourceURL;
// FIXME: We should be able to provide accurate source information for frameless documents, too (e.g. for importing nodes from XMLHttpRequest.responseXML).
if (Frame* frame = node->document()->frame()) {
ScriptController* scriptController = frame->script();
if (!scriptController->canExecuteScripts(AboutToExecuteScript))
return 0;
position = scriptController->eventHandlerPosition();
sourceURL = node->document()->url().string();
}
return JSLazyEventListener::create(name.localName().string(), eventParameterName(node->isSVGElement()), value, node, sourceURL, position, 0, mainThreadNormalWorld());
}
void JSEventListener::handleEvent(ScriptExecutionContext* scriptExecutionContext, Event* event)
{
ASSERT(scriptExecutionContext);
if (!scriptExecutionContext || scriptExecutionContext->isJSExecutionTerminated())
return;
JSLock lock(SilenceAssertionsOnly);
JSObject* jsFunction = this->jsFunction(scriptExecutionContext);
if (!jsFunction)
return;
JSDOMGlobalObject* globalObject = toJSDOMGlobalObject(scriptExecutionContext, m_isolatedWorld.get());
if (!globalObject)
return;
if (scriptExecutionContext->isDocument()) {
JSDOMWindow* window = static_cast<JSDOMWindow*>(globalObject);
Frame* frame = window->impl()->frame();
if (!frame)
return;
// The window must still be active in its frame. See <https://bugs.webkit.org/show_bug.cgi?id=21921>.
// FIXME: A better fix for this may be to change DOMWindow::frame() to not return a frame the detached window used to be in.
if (frame->domWindow() != window->impl())
return;
// FIXME: Is this check needed for other contexts?
ScriptController* script = frame->script();
if (!script->canExecuteScripts(AboutToExecuteScript) || script->isPaused())
return;
}
ExecState* exec = globalObject->globalExec();
JSValue handleEventFunction = jsFunction->get(exec, Identifier(exec, "handleEvent"));
CallData callData;
CallType callType = handleEventFunction.getCallData(callData);
if (callType == CallTypeNone) {
handleEventFunction = JSValue();
callType = jsFunction->getCallData(callData);
}
if (callType != CallTypeNone) {
ref();
MarkedArgumentBuffer args;
args.append(toJS(exec, globalObject, event));
Event* savedEvent = globalObject->currentEvent();
globalObject->setCurrentEvent(event);
JSGlobalData* globalData = globalObject->globalData();
DynamicGlobalObjectScope globalObjectScope(exec, globalData->dynamicGlobalObject ? globalData->dynamicGlobalObject : globalObject);
globalData->timeoutChecker.start();
JSValue retval = handleEventFunction
? JSC::call(exec, handleEventFunction, callType, callData, jsFunction, args)
: JSC::call(exec, jsFunction, callType, callData, toJS(exec, globalObject, event->currentTarget()), args);
globalData->timeoutChecker.stop();
globalObject->setCurrentEvent(savedEvent);
if (exec->hadException())
#if PLATFORM(APOLLO)
reportApolloException(globalObject);
#else
reportCurrentException(exec);
#endif
else {
if (!retval.isUndefinedOrNull() && event->storesResultAsString())
void JSEventListener::handleEvent(ScriptExecutionContext* scriptExecutionContext, Event* event)
{
ASSERT(scriptExecutionContext);
if (!scriptExecutionContext || scriptExecutionContext->isJSExecutionForbidden())
return;
JSLock lock(SilenceAssertionsOnly);
JSObject* jsFunction = this->jsFunction(scriptExecutionContext);
if (!jsFunction)
return;
JSDOMGlobalObject* globalObject = toJSDOMGlobalObject(scriptExecutionContext, m_isolatedWorld.get());
if (!globalObject)
return;
if (scriptExecutionContext->isDocument()) {
JSDOMWindow* window = static_cast<JSDOMWindow*>(globalObject);
Frame* frame = window->impl()->frame();
if (!frame)
return;
// The window must still be active in its frame. See <https://bugs.webkit.org/show_bug.cgi?id=21921>.
// FIXME: A better fix for this may be to change DOMWindow::frame() to not return a frame the detached window used to be in.
if (frame->domWindow() != window->impl())
return;
// FIXME: Is this check needed for other contexts?
ScriptController* script = frame->script();
if (!script->canExecuteScripts(AboutToExecuteScript) || script->isPaused())
return;
}
ExecState* exec = globalObject->globalExec();
JSValue handleEventFunction = jsFunction;
CallData callData;
CallType callType = getCallData(handleEventFunction, callData);
// If jsFunction is not actually a function, see if it implements the EventListener interface and use that
if (callType == CallTypeNone) {
handleEventFunction = jsFunction->get(exec, Identifier(exec, "handleEvent"));
callType = getCallData(handleEventFunction, callData);
}
if (callType != CallTypeNone) {
RefPtr<JSEventListener> protect(this);
MarkedArgumentBuffer args;
args.append(toJS(exec, globalObject, event));
Event* savedEvent = globalObject->currentEvent();
globalObject->setCurrentEvent(event);
JSGlobalData& globalData = globalObject->globalData();
DynamicGlobalObjectScope globalObjectScope(globalData, globalData.dynamicGlobalObject ? globalData.dynamicGlobalObject : globalObject);
globalData.timeoutChecker.start();
JSValue thisValue = handleEventFunction == jsFunction ? toJS(exec, globalObject, event->currentTarget()) : jsFunction;
JSValue retval = scriptExecutionContext->isDocument()
? JSMainThreadExecState::call(exec, handleEventFunction, callType, callData, thisValue, args)
: JSC::call(exec, handleEventFunction, callType, callData, thisValue, args);
globalData.timeoutChecker.stop();
globalObject->setCurrentEvent(savedEvent);
#if ENABLE(WORKERS)
if (scriptExecutionContext->isWorkerContext()) {
bool terminatorCausedException = (exec->hadException() && isTerminatedExecutionException(exec->exception()));
if (terminatorCausedException || globalData.terminator.shouldTerminate())
static_cast<WorkerContext*>(scriptExecutionContext)->script()->forbidExecution();
}
#endif
if (exec->hadException()) {
event->target()->uncaughtExceptionInEventHandler();
reportCurrentException(exec);
} else {
if (!retval.isUndefinedOrNull() && event->storesResultAsString())
event->storeResult(ustringToString(retval.toString(exec)->value(exec)));
if (m_isAttribute) {
if (retval.isFalse())
event->preventDefault();
}
}
}
}
JSObject* JSLazyEventListener::initializeJSFunction(ScriptExecutionContext* executionContext) const
{
ASSERT(executionContext);
ASSERT(executionContext->isDocument());
if (!executionContext)
return 0;
Frame* frame = static_cast<Document*>(executionContext)->frame();
if (!frame)
return 0;
ScriptController* scriptController = frame->script();
if (!scriptController->canExecuteScripts(AboutToExecuteScript))
return 0;
JSDOMGlobalObject* globalObject = toJSDOMGlobalObject(executionContext, isolatedWorld());
if (!globalObject)
return 0;
if (executionContext->isDocument()) {
JSDOMWindow* window = static_cast<JSDOMWindow*>(globalObject);
Frame* frame = window->impl()->frame();
if (!frame)
return 0;
// FIXME: Is this check needed for non-Document contexts?
ScriptController* script = frame->script();
if (!script->canExecuteScripts(AboutToExecuteScript) || script->isPaused())
return 0;
}
ExecState* exec = globalObject->globalExec();
MarkedArgumentBuffer args;
args.append(jsNontrivialString(exec, stringToUString(m_eventParameterName)));
args.append(jsString(exec, m_code));
JSObject* jsFunction = constructFunction(exec, args, Identifier(exec, stringToUString(m_functionName)), stringToUString(m_sourceURL), m_lineNumber); // FIXME: is globalExec ok?
if (exec->hadException()) {
exec->clearException();
return 0;
}
JSFunction* listenerAsFunction = static_cast<JSFunction*>(jsFunction);
if (m_originalNode) {
if (!wrapper()) {
// Ensure that 'node' has a JavaScript wrapper to mark the event listener we're creating.
JSLock lock(SilenceAssertionsOnly);
// FIXME: Should pass the global object associated with the node
setWrapper(asObject(toJS(globalObject->globalExec(), globalObject, m_originalNode)));
}
// Add the event's home element to the scope
// (and the document, and the form - see JSHTMLElement::eventHandlerScope)
ScopeChain scope = listenerAsFunction->scope();
static_cast<JSNode*>(wrapper())->pushEventHandlerScope(exec, scope);
listenerAsFunction->setScope(scope);
}
// Since we only parse once, there's no need to keep data used for parsing around anymore.
m_functionName = String();
m_code = String();
m_eventParameterName = String();
m_sourceURL = String();
return jsFunction;
}
