Google Git
Sign in
android / platform / external / webkit / 1f60005350357f5b696dc1bf5343fd2d7d90ff72 / . / WebCore / bindings / v8 / custom / V8DOMWindowCustom.cpp
blob: ba6c7384b625c26fd12757f0b63dfba828588a36 [file] [log] [blame]
/*
* Copyright (C) 2009 Google Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Google Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
#include "V8DOMWindow.h"
#include "Base64.h"
#include "Chrome.h"
#include "Database.h"
#include "DOMTimer.h"
#include "DOMWindow.h"
#include "ExceptionCode.h"
#include "Frame.h"
#include "FrameLoadRequest.h"
#include "FrameView.h"
#include "HTMLCollection.h"
#include "HTMLDocument.h"
#include "MediaPlayer.h"
#include "Page.h"
#include "PlatformScreen.h"
#include "RuntimeEnabledFeatures.h"
#include "ScheduledAction.h"
#include "ScriptSourceCode.h"
#include "SerializedScriptValue.h"
#include "Settings.h"
#include "SharedWorkerRepository.h"
#include "Storage.h"
#include "V8Binding.h"
#include "V8BindingDOMWindow.h"
#include "V8BindingState.h"
#include "V8CustomBinding.h"
#include "V8CustomEventListener.h"
#include "V8HTMLCollection.h"
#include "V8MessagePortCustom.h"
#include "V8Node.h"
#include "V8Proxy.h"
#include "V8Utilities.h"
#if ENABLE(WEB_SOCKETS)
#include "WebSocket.h"
#endif
#include "WindowFeatures.h"
// Horizontal and vertical offset, from the parent content area, around newly
// opened popups that don't specify a location.
static const int popupTilePixels = 10;
namespace WebCore {
v8::Handle<v8::Value> WindowSetTimeoutImpl(const v8::Arguments& args, bool singleShot)
{
int argumentCount = args.Length();
if (argumentCount < 1)
return v8::Undefined();
DOMWindow* imp = V8DOMWindow::toNative(args.Holder());
ScriptExecutionContext* scriptContext = static_cast<ScriptExecutionContext*>(imp->document());
if (!scriptContext) {
V8Proxy::setDOMException(INVALID_ACCESS_ERR);
return v8::Undefined();
}
v8::Handle<v8::Value> function = args[0];
WebCore::String functionString;
if (!function->IsFunction()) {
if (function->IsString())
functionString = toWebCoreString(function);
else {
v8::Handle<v8::Value> v8String = function->ToString();
// Bail out if string conversion failed.
if (v8String.IsEmpty())
return v8::Undefined();
functionString = toWebCoreString(v8String);
}
// Don't allow setting timeouts to run empty functions!
// (Bug 1009597)
if (functionString.length() == 0)
return v8::Undefined();
}
int32_t timeout = 0;
if (argumentCount >= 2)
timeout = args[1]->Int32Value();
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), imp->frame(), true))
return v8::Undefined();
int id;
if (function->IsFunction()) {
int paramCount = argumentCount >= 2 ? argumentCount - 2 : 0;
v8::Local<v8::Value>* params = 0;
if (paramCount > 0) {
params = new v8::Local<v8::Value>[paramCount];
for (int i = 0; i < paramCount; i++)
// parameters must be globalized
params[i] = args[i+2];
}
// params is passed to action, and released in action's destructor
ScheduledAction* action = new ScheduledAction(V8Proxy::context(imp->frame()), v8::Handle<v8::Function>::Cast(function), paramCount, params);
delete[] params;
id = DOMTimer::install(scriptContext, action, timeout, singleShot);
} else {
id = DOMTimer::install(scriptContext, new ScheduledAction(V8Proxy::context(imp->frame()), functionString), timeout, singleShot);
}
return v8::Integer::New(id);
}
static bool isAscii(const String& str)
{
for (size_t i = 0; i < str.length(); i++) {
if (str[i] > 0xFF)
return false;
}
return true;
}
static v8::Handle<v8::Value> convertBase64(const String& str, bool encode)
{
if (!isAscii(str)) {
V8Proxy::setDOMException(INVALID_CHARACTER_ERR);
return notHandledByInterceptor();
}
Vector<char> inputCharacters(str.length());
for (size_t i = 0; i < str.length(); i++)
inputCharacters[i] = static_cast<char>(str[i]);
Vector<char> outputCharacters;
if (encode)
base64Encode(inputCharacters, outputCharacters);
else {
if (!base64Decode(inputCharacters, outputCharacters))
return throwError("Cannot decode base64", V8Proxy::GeneralError);
}
return v8String(String(outputCharacters.data(), outputCharacters.size()));
}
v8::Handle<v8::Value> V8DOMWindow::eventAccessorGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
v8::Handle<v8::Object> holder = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, info.This());
if (holder.IsEmpty())
return v8::Undefined();
Frame* frame = V8DOMWindow::toNative(holder)->frame();
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), frame, true))
return v8::Undefined();
v8::Local<v8::Context> context = V8Proxy::context(frame);
if (context.IsEmpty())
return v8::Undefined();
v8::Local<v8::String> eventSymbol = v8::String::NewSymbol("event");
v8::Handle<v8::Value> jsEvent = context->Global()->GetHiddenValue(eventSymbol);
if (jsEvent.IsEmpty())
return v8::Undefined();
return jsEvent;
}
void V8DOMWindow::eventAccessorSetter(v8::Local<v8::String> name, v8::Local<v8::Value> value, const v8::AccessorInfo& info)
{
v8::Handle<v8::Object> holder = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, info.This());
if (holder.IsEmpty())
return;
Frame* frame = V8DOMWindow::toNative(holder)->frame();
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), frame, true))
return;
v8::Local<v8::Context> context = V8Proxy::context(frame);
if (context.IsEmpty())
return;
v8::Local<v8::String> eventSymbol = v8::String::NewSymbol("event");
context->Global()->SetHiddenValue(eventSymbol, value);
}
v8::Handle<v8::Value> V8DOMWindow::cryptoAccessorGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
// FIXME: Implement me.
return v8::Undefined();
}
void V8DOMWindow::locationAccessorSetter(v8::Local<v8::String> name, v8::Local<v8::Value> value, const v8::AccessorInfo& info)
{
DOMWindow* imp = V8DOMWindow::toNative(info.Holder());
V8DOMWindowShell::setLocation(imp, toWebCoreString(value));
}
void V8DOMWindow::openerAccessorSetter(v8::Local<v8::String> name, v8::Local<v8::Value> value, const v8::AccessorInfo& info)
{
DOMWindow* imp = V8DOMWindow::toNative(info.Holder());
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), imp->frame(), true))
return;
// Opener can be shadowed if it is in the same domain.
// Have a special handling of null value to behave
// like Firefox. See bug http://b/1224887 & http://b/791706.
if (value->IsNull()) {
// imp->frame() cannot be null,
// otherwise, SameOrigin check would have failed.
ASSERT(imp->frame());
imp->frame()->loader()->setOpener(0);
}
// Delete the accessor from this object.
info.Holder()->Delete(name);
// Put property on the front (this) object.
info.This()->Set(name, value);
}
#if ENABLE(VIDEO)
v8::Handle<v8::Value> V8DOMWindow::AudioAccessorGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
DOMWindow* window = V8DOMWindow::toNative(info.Holder());
return V8DOMWrapper::getConstructor(V8ClassIndex::AUDIO, window);
}
bool V8DOMWindow::AudioEnabled()
{
return MediaPlayer::isAvailable();
}
bool V8DOMWindow::HTMLMediaElementEnabled()
{
return MediaPlayer::isAvailable();
}
bool V8DOMWindow::HTMLAudioElementEnabled()
{
return MediaPlayer::isAvailable();
}
bool V8DOMWindow::HTMLVideoElementEnabled()
{
return MediaPlayer::isAvailable();
}
bool V8DOMWindow::MediaErrorEnabled()
{
return MediaPlayer::isAvailable();
}
#endif
#if ENABLE(SHARED_WORKERS)
bool V8DOMWindow::SharedWorkerEnabled()
{
return SharedWorkerRepository::isAvailable();
}
#endif
#if ENABLE(WEB_SOCKETS)
bool V8DOMWindow::WebSocketEnabled()
{
return WebSocket::isAvailable();
}
#endif
#if ENABLE(DATABASE)
bool V8DOMWindow::OpenDatabaseEnabled()
{
return Database::isAvailable();
}
#endif
#if ENABLE(INDEXED_DATABASE)
bool V8DOMWindow::IndexedDBEnabled()
{
return RuntimeEnabledFeatures::indexedDatabaseEnabled();
}
#endif
#if ENABLE(DOM_STORAGE)
bool V8DOMWindow::LocalStorageEnabled()
{
return RuntimeEnabledFeatures::localStorageEnabled();
}
bool V8DOMWindow::SessionStorageEnabled()
{
return RuntimeEnabledFeatures::sessionStorageEnabled();
}
#endif
#if ENABLE(NOTIFICATIONS)
bool V8DOMWindow::WebkitNotificationsEnabled()
{
return RuntimeEnabledFeatures::notificationsEnabled();
}
#endif
#if ENABLE(OFFLINE_WEB_APPLICATIONS)
bool V8DOMWindow::ApplicationCacheEnabled()
{
return RuntimeEnabledFeatures::applicationCacheEnabled();
}
#endif
v8::Handle<v8::Value> V8DOMWindow::ImageAccessorGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
DOMWindow* window = V8DOMWindow::toNative(info.Holder());
return V8DOMWrapper::getConstructor(V8ClassIndex::IMAGE, window);
}
v8::Handle<v8::Value> V8DOMWindow::OptionAccessorGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
DOMWindow* window = V8DOMWindow::toNative(info.Holder());
return V8DOMWrapper::getConstructor(V8ClassIndex::OPTION, window);
}
v8::Handle<v8::Value> V8DOMWindow::addEventListenerCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.addEventListener()");
String eventType = toWebCoreString(args[0]);
bool useCapture = args[2]->BooleanValue();
DOMWindow* imp = V8DOMWindow::toNative(args.Holder());
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), imp->frame(), true))
return v8::Undefined();
Document* doc = imp->document();
if (!doc)
return v8::Undefined();
// FIXME: Check if there is not enough arguments
V8Proxy* proxy = V8Proxy::retrieve(imp->frame());
if (!proxy)
return v8::Undefined();
RefPtr<EventListener> listener = V8DOMWrapper::getEventListener(proxy, args[1], false, ListenerFindOrCreate);
if (listener) {
imp->addEventListener(eventType, listener, useCapture);
createHiddenDependency(args.Holder(), args[1], cacheIndex);
}
return v8::Undefined();
}
v8::Handle<v8::Value> V8DOMWindow::removeEventListenerCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.removeEventListener()");
String eventType = toWebCoreString(args[0]);
bool useCapture = args[2]->BooleanValue();
DOMWindow* imp = V8DOMWindow::toNative(args.Holder());
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), imp->frame(), true))
return v8::Undefined();
Document* doc = imp->document();
if (!doc)
return v8::Undefined();
V8Proxy* proxy = V8Proxy::retrieve(imp->frame());
if (!proxy)
return v8::Undefined();
RefPtr<EventListener> listener = V8DOMWrapper::getEventListener(proxy, args[1], false, ListenerFindOnly);
if (listener) {
imp->removeEventListener(eventType, listener.get(), useCapture);
removeHiddenDependency(args.Holder(), args[1], cacheIndex);
}
return v8::Undefined();
}
v8::Handle<v8::Value> V8DOMWindow::postMessageCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.postMessage()");
DOMWindow* window = V8DOMWindow::toNative(args.Holder());
DOMWindow* source = V8Proxy::retrieveFrameForCallingContext()->domWindow();
ASSERT(source->frame());
v8::TryCatch tryCatch;
RefPtr<SerializedScriptValue> message = SerializedScriptValue::create(args[0]);
MessagePortArray portArray;
String targetOrigin;
// This function has variable arguments and can either be:
// postMessage(message, port, targetOrigin);
// or
// postMessage(message, targetOrigin);
if (args.Length() > 2) {
if (!getMessagePortArray(args[1], portArray))
return v8::Undefined();
targetOrigin = toWebCoreStringWithNullOrUndefinedCheck(args[2]);
} else {
targetOrigin = toWebCoreStringWithNullOrUndefinedCheck(args[1]);
}
if (tryCatch.HasCaught())
return v8::Undefined();
ExceptionCode ec = 0;
window->postMessage(message.release(), &portArray, targetOrigin, source, ec);
return throwError(ec);
}
v8::Handle<v8::Value> V8DOMWindow::atobCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.atob()");
if (args[0]->IsNull())
return v8String("");
String str = toWebCoreString(args[0]);
DOMWindow* imp = V8DOMWindow::toNative(args.Holder());
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), imp->frame(), true))
return v8::Undefined();
if (args.Length() < 1)
return throwError("Not enough arguments", V8Proxy::SyntaxError);
return convertBase64(str, false);
}
v8::Handle<v8::Value> V8DOMWindow::btoaCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.btoa()");
if (args[0]->IsNull())
return v8String("");
String str = toWebCoreString(args[0]);
DOMWindow* imp = V8DOMWindow::toNative(args.Holder());
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), imp->frame(), true))
return v8::Undefined();
if (args.Length() < 1)
return throwError("Not enough arguments", V8Proxy::SyntaxError);
return convertBase64(str, true);
}
// FIXME(fqian): returning string is cheating, and we should
// fix this by calling toString function on the receiver.
// However, V8 implements toString in JavaScript, which requires
// switching context of receiver. I consider it is dangerous.
v8::Handle<v8::Value> V8DOMWindow::toStringCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.toString()");
v8::Handle<v8::Object> domWrapper = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, args.This());
if (domWrapper.IsEmpty())
return args.This()->ObjectProtoToString();
return domWrapper->ObjectProtoToString();
}
v8::Handle<v8::Value> V8DOMWindow::releaseEventsCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.nop()");
return v8::Undefined();
}
v8::Handle<v8::Value> V8DOMWindow::captureEventsCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.nop()");
return v8::Undefined();
}
static bool canShowModalDialogNow(const Frame* frame)
{
// A frame can out live its page. See bug 1219613.
if (!frame || !frame->page())
return false;
return frame->page()->chrome()->canRunModalNow();
}
static bool allowPopUp()
{
Frame* frame = V8Proxy::retrieveFrameForEnteredContext();
ASSERT(frame);
if (frame->script()->processingUserGesture())
return true;
Settings* settings = frame->settings();
return settings && settings->javaScriptCanOpenWindowsAutomatically();
}
static HashMap<String, String> parseModalDialogFeatures(const String& featuresArg)
{
HashMap<String, String> map;
Vector<String> features;
featuresArg.split(';', features);
Vector<String>::const_iterator end = features.end();
for (Vector<String>::const_iterator it = features.begin(); it != end; ++it) {
String featureString = *it;
int pos = featureString.find('=');
int colonPos = featureString.find(':');
if (pos >= 0 && colonPos >= 0)
continue; // ignore any strings that have both = and :
if (pos < 0)
pos = colonPos;
if (pos < 0) {
// null string for value means key without value
map.set(featureString.stripWhiteSpace().lower(), String());
} else {
String key = featureString.left(pos).stripWhiteSpace().lower();
String val = featureString.substring(pos + 1).stripWhiteSpace().lower();
int spacePos = val.find(' ');
if (spacePos != -1)
val = val.left(spacePos);
map.set(key, val);
}
}
return map;
}
v8::Handle<v8::Value> V8DOMWindow::showModalDialogCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.showModalDialog()");
String url = toWebCoreStringWithNullOrUndefinedCheck(args[0]);
v8::Local<v8::Value> dialogArgs = args[1];
String featureArgs = toWebCoreStringWithNullOrUndefinedCheck(args[2]);
DOMWindow* window = V8DOMWindow::toNative(args.Holder());
Frame* frame = window->frame();
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), frame, true))
return v8::Undefined();
Frame* callingFrame = V8Proxy::retrieveFrameForCallingContext();
if (!callingFrame)
return v8::Undefined();
Frame* enteredFrame = V8Proxy::retrieveFrameForEnteredContext();
if (!enteredFrame)
return v8::Undefined();
if (!canShowModalDialogNow(frame) || !allowPopUp())
return v8::Undefined();
const HashMap<String, String> features = parseModalDialogFeatures(featureArgs);
const bool trusted = false;
FloatRect screenRect = screenAvailableRect(frame->view());
WindowFeatures windowFeatures;
// default here came from frame size of dialog in MacIE.
windowFeatures.width = WindowFeatures::floatFeature(features, "dialogwidth", 100, screenRect.width(), 620);
windowFeatures.widthSet = true;
// default here came from frame size of dialog in MacIE.
windowFeatures.height = WindowFeatures::floatFeature(features, "dialogheight", 100, screenRect.height(), 450);
windowFeatures.heightSet = true;
windowFeatures.x = WindowFeatures::floatFeature(features, "dialogleft", screenRect.x(), screenRect.right() - windowFeatures.width, -1);
windowFeatures.xSet = windowFeatures.x > 0;
windowFeatures.y = WindowFeatures::floatFeature(features, "dialogtop", screenRect.y(), screenRect.bottom() - windowFeatures.height, -1);
windowFeatures.ySet = windowFeatures.y > 0;
if (WindowFeatures::boolFeature(features, "center", true)) {
if (!windowFeatures.xSet) {
windowFeatures.x = screenRect.x() + (screenRect.width() - windowFeatures.width) / 2;
windowFeatures.xSet = true;
}
if (!windowFeatures.ySet) {
windowFeatures.y = screenRect.y() + (screenRect.height() - windowFeatures.height) / 2;
windowFeatures.ySet = true;
}
}
windowFeatures.dialog = true;
windowFeatures.resizable = WindowFeatures::boolFeature(features, "resizable");
windowFeatures.scrollbarsVisible = WindowFeatures::boolFeature(features, "scroll", true);
windowFeatures.statusBarVisible = WindowFeatures::boolFeature(features, "status", !trusted);
windowFeatures.menuBarVisible = false;
windowFeatures.toolBarVisible = false;
windowFeatures.locationBarVisible = false;
windowFeatures.fullscreen = false;
Frame* dialogFrame = V8BindingDOMWindow::createWindow(V8BindingState::Only(), callingFrame, enteredFrame, frame, url, "", windowFeatures, dialogArgs);
if (!dialogFrame)
return v8::Undefined();
// Hold on to the context of the dialog window long enough to retrieve the
// value of the return value property.
v8::Local<v8::Context> context = V8Proxy::context(dialogFrame);
// Run the dialog.
dialogFrame->page()->chrome()->runModal();
// Extract the return value property from the dialog window.
v8::Local<v8::Value> returnValue;
if (!context.IsEmpty()) {
v8::Context::Scope scope(context);
returnValue = context->Global()->Get(v8::String::New("returnValue"));
}
if (!returnValue.IsEmpty())
return returnValue;
return v8::Undefined();
}
v8::Handle<v8::Value> V8DOMWindow::openCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.open()");
String urlString = toWebCoreStringWithNullOrUndefinedCheck(args[0]);
AtomicString frameName = (args[1]->IsUndefined() || args[1]->IsNull()) ? "_blank" : AtomicString(toWebCoreString(args[1]));
DOMWindow* parent = V8DOMWindow::toNative(args.Holder());
Frame* frame = parent->frame();
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), frame, true))
return v8::Undefined();
Frame* enteredFrame = V8Proxy::retrieveFrameForEnteredContext();
if (!enteredFrame)
return v8::Undefined();
Frame* callingFrame = V8Proxy::retrieveFrameForCallingContext();
// We may not have a calling context if we are invoked by a plugin via NPAPI.
if (!callingFrame)
callingFrame = enteredFrame;
Page* page = frame->page();
if (!page)
return v8::Undefined();
// Because FrameTree::find() returns true for empty strings, we must check
// for empty framenames. Otherwise, illegitimate window.open() calls with
// no name will pass right through the popup blocker.
if (!allowPopUp() &&
(frameName.isEmpty() || !frame->tree()->find(frameName))) {
return v8::Undefined();
}
// Get the target frame for the special cases of _top and _parent. In those
// cases, we can schedule a location change right now and return early.
bool topOrParent = false;
if (frameName == "_top") {
frame = frame->tree()->top();
topOrParent = true;
} else if (frameName == "_parent") {
if (Frame* parent = frame->tree()->parent())
frame = parent;
topOrParent = true;
}
if (topOrParent) {
if (!shouldAllowNavigation(frame))
return v8::Undefined();
String completedUrl;
if (!urlString.isEmpty())
completedUrl = completeURL(urlString);
if (!completedUrl.isEmpty() &&
(!protocolIsJavaScript(completedUrl) || ScriptController::isSafeScript(frame))) {
bool userGesture = processingUserGesture();
// For whatever reason, Firefox uses the entered frame to determine
// the outgoingReferrer. We replicate that behavior here.
String referrer = enteredFrame->loader()->outgoingReferrer();
frame->redirectScheduler()->scheduleLocationChange(completedUrl, referrer, false, userGesture);
}
return toV8(frame->domWindow());
}
// In the case of a named frame or a new window, we'll use the
// createWindow() helper.
// Parse the values, and then work with a copy of the parsed values
// so we can restore the values we may not want to overwrite after
// we do the multiple monitor fixes.
WindowFeatures rawFeatures(toWebCoreStringWithNullOrUndefinedCheck(args[2]));
WindowFeatures windowFeatures(rawFeatures);
FloatRect screenRect = screenAvailableRect(page->mainFrame()->view());
// Set default size and location near parent window if none were specified.
// These may be further modified by adjustWindowRect, below.
if (!windowFeatures.xSet) {
windowFeatures.x = parent->screenX() - screenRect.x() + popupTilePixels;
windowFeatures.xSet = true;
}
if (!windowFeatures.ySet) {
windowFeatures.y = parent->screenY() - screenRect.y() + popupTilePixels;
windowFeatures.ySet = true;
}
if (!windowFeatures.widthSet) {
windowFeatures.width = parent->innerWidth();
windowFeatures.widthSet = true;
}
if (!windowFeatures.heightSet) {
windowFeatures.height = parent->innerHeight();
windowFeatures.heightSet = true;
}
FloatRect windowRect(windowFeatures.x, windowFeatures.y, windowFeatures.width, windowFeatures.height);
// The new window's location is relative to its current screen, so shift
// it in case it's on a secondary monitor. See http://b/viewIssue?id=967905.
windowRect.move(screenRect.x(), screenRect.y());
WebCore::DOMWindow::adjustWindowRect(screenRect, windowRect, windowRect);
windowFeatures.x = windowRect.x();
windowFeatures.y = windowRect.y();
windowFeatures.height = windowRect.height();
windowFeatures.width = windowRect.width();
// If either of the origin coordinates weren't set in the original
// string, make sure they aren't set now.
if (!rawFeatures.xSet) {
windowFeatures.x = 0;
windowFeatures.xSet = false;
}
if (!rawFeatures.ySet) {
windowFeatures.y = 0;
windowFeatures.ySet = false;
}
frame = V8BindingDOMWindow::createWindow(V8BindingState::Only(), callingFrame, enteredFrame, frame, urlString, frameName, windowFeatures, v8::Local<v8::Value>());
if (!frame)
return v8::Undefined();
return toV8(frame->domWindow());
}
v8::Handle<v8::Value> V8DOMWindow::indexedPropertyGetter(uint32_t index, const v8::AccessorInfo& info)
{
INC_STATS("DOM.DOMWindow.IndexedPropertyGetter");
DOMWindow* window = V8DOMWindow::toNative(info.Holder());
if (!window)
return notHandledByInterceptor();
Frame* frame = window->frame();
if (!frame)
return notHandledByInterceptor();
Frame* child = frame->tree()->child(index);
if (child)
return toV8(child->domWindow());
return notHandledByInterceptor();
}
v8::Handle<v8::Value> V8DOMWindow::namedPropertyGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
INC_STATS("DOM.DOMWindow.NamedPropertyGetter");
DOMWindow* window = V8DOMWindow::toNative(info.Holder());
if (!window)
return notHandledByInterceptor();
Frame* frame = window->frame();
// window is detached from a frame.
if (!frame)
return notHandledByInterceptor();
// Search sub-frames.
AtomicString propName = v8StringToAtomicWebCoreString(name);
Frame* child = frame->tree()->child(propName);
if (child)
return toV8(child->domWindow());
// Search IDL functions defined in the prototype
v8::Handle<v8::Value> result = info.Holder()->GetRealNamedProperty(name);
if (!result.IsEmpty())
return result;
// Search named items in the document.
Document* doc = frame->document();
if (doc && doc->isHTMLDocument()) {
if (static_cast<HTMLDocument*>(doc)->hasNamedItem(propName.impl()) || doc->hasElementWithId(propName.impl())) {
RefPtr<HTMLCollection> items = doc->windowNamedItems(propName);
if (items->length() >= 1) {
if (items->length() == 1)
return toV8(items->firstItem());
return toV8(items.release());
}
}
}
return notHandledByInterceptor();
}
v8::Handle<v8::Value> V8DOMWindow::setTimeoutCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.setTimeout()");
return WindowSetTimeoutImpl(args, true);
}
v8::Handle<v8::Value> V8DOMWindow::setIntervalCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.setInterval()");
return WindowSetTimeoutImpl(args, false);
}
void ClearTimeoutImpl(const v8::Arguments& args)
{
int handle = toInt32(args[0]);
v8::Handle<v8::Object> holder = args.Holder();
DOMWindow* imp = V8DOMWindow::toNative(holder);
if (!V8BindingSecurity::canAccessFrame(V8BindingState::Only(), imp->frame(), true))
return;
ScriptExecutionContext* context = static_cast<ScriptExecutionContext*>(imp->document());
if (!context)
return;
DOMTimer::removeById(context, handle);
}
v8::Handle<v8::Value> V8DOMWindow::clearTimeoutCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.clearTimeout");
ClearTimeoutImpl(args);
return v8::Undefined();
}
v8::Handle<v8::Value> V8DOMWindow::clearIntervalCallback(const v8::Arguments& args)
{
INC_STATS("DOM.DOMWindow.clearInterval");
ClearTimeoutImpl(args);
return v8::Undefined();
}
bool V8DOMWindow::namedSecurityCheck(v8::Local<v8::Object> host, v8::Local<v8::Value> key, v8::AccessType type, v8::Local<v8::Value> data)
{
ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::DOMWINDOW);
v8::Handle<v8::Object> window = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, host);
if (window.IsEmpty())
return false; // the frame is gone.
DOMWindow* targetWindow = V8DOMWindow::toNative(window);
ASSERT(targetWindow);
Frame* target = targetWindow->frame();
if (!target)
return false;
if (key->IsString()) {
String name = toWebCoreString(key);
// Allow access of GET and HAS if index is a subframe.
if ((type == v8::ACCESS_GET || type == v8::ACCESS_HAS) && target->tree()->child(name))
return true;
}
return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), target, false);
}
bool V8DOMWindow::indexedSecurityCheck(v8::Local<v8::Object> host, uint32_t index, v8::AccessType type, v8::Local<v8::Value> data)
{
ASSERT(V8ClassIndex::FromInt(data->Int32Value()) == V8ClassIndex::DOMWINDOW);
v8::Handle<v8::Object> window = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, host);
if (window.IsEmpty())
return false;
DOMWindow* targetWindow = V8DOMWindow::toNative(window);
ASSERT(targetWindow);
Frame* target = targetWindow->frame();
if (!target)
return false;
// Allow access of GET and HAS if index is a subframe.
if ((type == v8::ACCESS_GET || type == v8::ACCESS_HAS) && target->tree()->child(index))
return true;
return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), target, false);
}
v8::Handle<v8::Value> toV8(DOMWindow* window)
{
if (!window)
return v8::Null();
// Initializes environment of a frame, and return the global object
// of the frame.
Frame* frame = window->frame();
if (!frame)
return v8::Handle<v8::Object>();
// Special case: Because of evaluateInIsolatedWorld() one DOMWindow can have
// multiple contexts and multiple global objects associated with it. When
// code running in one of those contexts accesses the window object, we
// want to return the global object associated with that context, not
// necessarily the first global object associated with that DOMWindow.
v8::Handle<v8::Context> currentContext = v8::Context::GetCurrent();
v8::Handle<v8::Object> currentGlobal = currentContext->Global();
v8::Handle<v8::Object> windowWrapper = V8DOMWrapper::lookupDOMWrapper(V8ClassIndex::DOMWINDOW, currentGlobal);
if (!windowWrapper.IsEmpty()) {
if (V8DOMWindow::toNative(windowWrapper) == window)
return currentGlobal;
}
// Otherwise, return the global object associated with this frame.
v8::Handle<v8::Context> context = V8Proxy::context(frame);
if (context.IsEmpty())
return v8::Handle<v8::Object>();
v8::Handle<v8::Object> global = context->Global();
ASSERT(!global.IsEmpty());
return global;
}
} // namespace WebCore