/* * Copyright (C) 1999-2001 Harri Porten (porten@kde.org) * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. * Copyright (C) 2007 Samuel Weinig * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ // gcc 3.x can't handle including the HashMap pointer specialization in this file #if defined __GNUC__ && !defined __GLIBCXX__ // less than gcc 3.4 #define HASH_MAP_PTR_SPEC_WORKAROUND 1 #endif #include "config.h" #include "JSDOMBinding.h" #include "ActiveDOMObject.h" #include "DOMCoreException.h" #include "Document.h" #include "EventException.h" #include "ExceptionCode.h" #include "Frame.h" #include "HTMLAudioElement.h" #include "HTMLImageElement.h" #include "HTMLScriptElement.h" #include "HTMLNames.h" #include "JSDOMCoreException.h" #include "JSDOMWindowCustom.h" #include "JSEventException.h" #include "JSNode.h" #include "JSRangeException.h" #include "JSXMLHttpRequestException.h" #include "KURL.h" #include "MessagePort.h" #include "RangeException.h" #include "ScriptController.h" #include "XMLHttpRequestException.h" #include #include #if ENABLE(SVG) #include "JSSVGException.h" #include "SVGException.h" #endif #if ENABLE(XPATH) #include "JSXPathException.h" #include "XPathException.h" #endif #if ENABLE(WORKERS) #include using namespace WTF; #endif using namespace JSC; namespace WebCore { using namespace HTMLNames; typedef Document::JSWrapperCache JSWrapperCache; // For debugging, keep a set of wrappers currently registered, and check that // all are unregistered before they are destroyed. This has helped us fix at // least one bug. static void addWrapper(DOMObject* wrapper); static void removeWrapper(DOMObject* wrapper); static void removeWrappers(const JSWrapperCache& wrappers); #ifdef NDEBUG static inline void addWrapper(DOMObject*) { } static inline void removeWrapper(DOMObject*) { } static inline void removeWrappers(const JSWrapperCache&) { } #else static HashSet& wrapperSet() { #if ENABLE(WORKERS) DEFINE_STATIC_LOCAL(ThreadSpecific >, staticWrapperSet, ()); return *staticWrapperSet; #else DEFINE_STATIC_LOCAL(HashSet, staticWrapperSet, ()); return staticWrapperSet; #endif } static void addWrapper(DOMObject* wrapper) { ASSERT(!wrapperSet().contains(wrapper)); wrapperSet().add(wrapper); } static void removeWrapper(DOMObject* wrapper) { if (!wrapper) return; ASSERT(wrapperSet().contains(wrapper)); wrapperSet().remove(wrapper); } static void removeWrappers(const JSWrapperCache& wrappers) { for (JSWrapperCache::const_iterator it = wrappers.begin(); it != wrappers.end(); ++it) removeWrapper(it->second); } DOMObject::~DOMObject() { ASSERT(!wrapperSet().contains(this)); } #endif class DOMObjectWrapperMap { public: static DOMObjectWrapperMap& mapFor(JSGlobalData&); DOMObject* get(void* objectHandle) { return m_map.get(objectHandle); } void set(void* objectHandle, DOMObject* wrapper) { addWrapper(wrapper); m_map.set(objectHandle, wrapper); } void remove(void* objectHandle) { removeWrapper(m_map.take(objectHandle)); } private: HashMap m_map; }; // Map from static HashTable instances to per-GlobalData ones. class DOMObjectHashTableMap { public: static DOMObjectHashTableMap& mapFor(JSGlobalData&); ~DOMObjectHashTableMap() { HashMap::iterator mapEnd = m_map.end(); for (HashMap::iterator iter = m_map.begin(); iter != m_map.end(); ++iter) iter->second.deleteTable(); } const JSC::HashTable* get(const JSC::HashTable* staticTable) { HashMap::iterator iter = m_map.find(staticTable); if (iter != m_map.end()) return &iter->second; return &m_map.set(staticTable, JSC::HashTable(*staticTable)).first->second; } private: HashMap m_map; }; class WebCoreJSClientData : public JSGlobalData::ClientData { public: DOMObjectHashTableMap hashTableMap; DOMObjectWrapperMap wrapperMap; }; DOMObjectHashTableMap& DOMObjectHashTableMap::mapFor(JSGlobalData& globalData) { JSGlobalData::ClientData* clientData = globalData.clientData; if (!clientData) { clientData = new WebCoreJSClientData; globalData.clientData = clientData; } return static_cast(clientData)->hashTableMap; } const JSC::HashTable* getHashTableForGlobalData(JSGlobalData& globalData, const JSC::HashTable* staticTable) { return DOMObjectHashTableMap::mapFor(globalData).get(staticTable); } inline DOMObjectWrapperMap& DOMObjectWrapperMap::mapFor(JSGlobalData& globalData) { JSGlobalData::ClientData* clientData = globalData.clientData; if (!clientData) { clientData = new WebCoreJSClientData; globalData.clientData = clientData; } return static_cast(clientData)->wrapperMap; } DOMObject* getCachedDOMObjectWrapper(JSGlobalData& globalData, void* objectHandle) { return DOMObjectWrapperMap::mapFor(globalData).get(objectHandle); } void cacheDOMObjectWrapper(JSGlobalData& globalData, void* objectHandle, DOMObject* wrapper) { DOMObjectWrapperMap::mapFor(globalData).set(objectHandle, wrapper); } void forgetDOMObject(JSGlobalData& globalData, void* objectHandle) { DOMObjectWrapperMap::mapFor(globalData).remove(objectHandle); } JSNode* getCachedDOMNodeWrapper(Document* document, Node* node) { if (!document) return static_cast(DOMObjectWrapperMap::mapFor(*JSDOMWindow::commonJSGlobalData()).get(node)); return document->wrapperCache().get(node); } void forgetDOMNode(Document* document, Node* node) { if (!document) { DOMObjectWrapperMap::mapFor(*JSDOMWindow::commonJSGlobalData()).remove(node); return; } removeWrapper(document->wrapperCache().take(node)); } void cacheDOMNodeWrapper(Document* document, Node* node, JSNode* wrapper) { if (!document) { DOMObjectWrapperMap::mapFor(*JSDOMWindow::commonJSGlobalData()).set(node, wrapper); return; } addWrapper(wrapper); document->wrapperCache().set(node, wrapper); } void forgetAllDOMNodesForDocument(Document* document) { ASSERT(document); removeWrappers(document->wrapperCache()); } static inline bool isObservableThroughDOM(JSNode* jsNode) { // Certain conditions implicitly make a JS DOM node wrapper observable // through the DOM, even if no explicit reference to it remains. Node* node = jsNode->impl(); if (node->inDocument()) { // 1. If a node is in the document, and its wrapper has custom properties, // the wrapper is observable because future access to the node through the // DOM must reflect those properties. if (jsNode->hasCustomProperties()) return true; // 2. If a node is in the document, and has event listeners, its wrapper is // observable because its wrapper is responsible for marking those event listeners. if (node->eventListeners().size()) return true; // Technically, we may overzealously mark a wrapper for a node that has only non-JS event listeners. Oh well. } else { // 3. If a wrapper is the last reference to an image or script element // that is loading but not in the document, the wrapper is observable // because it is the only thing keeping the image element alive, and if // the image element is destroyed, its load event will not fire. // FIXME: The DOM should manage this issue without the help of JavaScript wrappers. if (node->hasTagName(imgTag) && !static_cast(node)->haveFiredLoadEvent()) return true; if (node->hasTagName(scriptTag) && !static_cast(node)->haveFiredLoadEvent()) return true; #if ENABLE(VIDEO) if (node->hasTagName(audioTag) && !static_cast(node)->paused()) return true; #endif } return false; } void markDOMNodesForDocument(Document* doc) { JSWrapperCache& nodeDict = doc->wrapperCache(); JSWrapperCache::iterator nodeEnd = nodeDict.end(); for (JSWrapperCache::iterator nodeIt = nodeDict.begin(); nodeIt != nodeEnd; ++nodeIt) { JSNode* jsNode = nodeIt->second; if (!jsNode->marked() && isObservableThroughDOM(jsNode)) jsNode->mark(); } } void markActiveObjectsForContext(JSGlobalData& globalData, ScriptExecutionContext* scriptExecutionContext) { // If an element has pending activity that may result in event listeners being called // (e.g. an XMLHttpRequest), we need to keep JS wrappers alive. const HashMap& activeObjects = scriptExecutionContext->activeDOMObjects(); HashMap::const_iterator activeObjectsEnd = activeObjects.end(); for (HashMap::const_iterator iter = activeObjects.begin(); iter != activeObjectsEnd; ++iter) { if (iter->first->hasPendingActivity()) { DOMObject* wrapper = getCachedDOMObjectWrapper(globalData, iter->second); // Generally, an active object with pending activity must have a wrapper to mark its listeners. // However, some ActiveDOMObjects don't have JS wrappers (timers created by setTimeout is one example). // FIXME: perhaps need to make sure even timers have a markable 'wrapper'. if (wrapper && !wrapper->marked()) wrapper->mark(); } } const HashSet& messagePorts = scriptExecutionContext->messagePorts(); HashSet::const_iterator portsEnd = messagePorts.end(); for (HashSet::const_iterator iter = messagePorts.begin(); iter != portsEnd; ++iter) { // If the message port is remotely entangled, then always mark it as in-use because we can't determine reachability across threads. if (!(*iter)->locallyEntangledPort() || (*iter)->hasPendingActivity()) { DOMObject* wrapper = getCachedDOMObjectWrapper(globalData, *iter); if (wrapper && !wrapper->marked()) wrapper->mark(); } } } void updateDOMNodeDocument(Node* node, Document* oldDocument, Document* newDocument) { ASSERT(oldDocument != newDocument); JSNode* wrapper = getCachedDOMNodeWrapper(oldDocument, node); if (!wrapper) return; removeWrapper(wrapper); cacheDOMNodeWrapper(newDocument, node, wrapper); forgetDOMNode(oldDocument, node); addWrapper(wrapper); } void markDOMObjectWrapper(JSGlobalData& globalData, void* object) { if (!object) return; DOMObject* wrapper = getCachedDOMObjectWrapper(globalData, object); if (!wrapper || wrapper->marked()) return; wrapper->mark(); } JSValue jsStringOrNull(ExecState* exec, const String& s) { if (s.isNull()) return jsNull(); return jsString(exec, s); } JSValue jsOwnedStringOrNull(ExecState* exec, const UString& s) { if (s.isNull()) return jsNull(); return jsOwnedString(exec, s); } JSValue jsStringOrUndefined(ExecState* exec, const String& s) { if (s.isNull()) return jsUndefined(); return jsString(exec, s); } JSValue jsStringOrFalse(ExecState* exec, const String& s) { if (s.isNull()) return jsBoolean(false); return jsString(exec, s); } JSValue jsStringOrNull(ExecState* exec, const KURL& url) { if (url.isNull()) return jsNull(); return jsString(exec, url.string()); } JSValue jsStringOrUndefined(ExecState* exec, const KURL& url) { if (url.isNull()) return jsUndefined(); return jsString(exec, url.string()); } JSValue jsStringOrFalse(ExecState* exec, const KURL& url) { if (url.isNull()) return jsBoolean(false); return jsString(exec, url.string()); } UString valueToStringWithNullCheck(ExecState* exec, JSValue value) { if (value.isNull()) return UString(); return value.toString(exec); } UString valueToStringWithUndefinedOrNullCheck(ExecState* exec, JSValue value) { if (value.isUndefinedOrNull()) return UString(); return value.toString(exec); } void reportException(ExecState* exec, JSValue exception) { UString errorMessage = exception.toString(exec); JSObject* exceptionObject = exception.toObject(exec); int lineNumber = exceptionObject->get(exec, Identifier(exec, "line")).toInt32(exec); UString exceptionSourceURL = exceptionObject->get(exec, Identifier(exec, "sourceURL")).toString(exec); exec->clearException(); ScriptExecutionContext* scriptExecutionContext = static_cast(exec->lexicalGlobalObject())->scriptExecutionContext(); ASSERT(scriptExecutionContext); // Crash data indicates null-dereference crashes at this point in the Safari 4 Public Beta. // It's harmless to return here without reporting the exception to the log and the debugger in this case. if (!scriptExecutionContext) return; scriptExecutionContext->reportException(errorMessage, lineNumber, exceptionSourceURL); } void reportCurrentException(ExecState* exec) { JSValue exception = exec->exception(); exec->clearException(); reportException(exec, exception); } void setDOMException(ExecState* exec, ExceptionCode ec) { if (!ec || exec->hadException()) return; // FIXME: All callers to setDOMException need to pass in the right global object // for now, we're going to assume the lexicalGlobalObject. Which is wrong in cases like this: // frames[0].document.createElement(null, null); // throws an exception which should have the subframes prototypes. JSDOMGlobalObject* globalObject = deprecatedGlobalObjectForPrototype(exec); ExceptionCodeDescription description; getExceptionCodeDescription(ec, description); JSValue errorObject; switch (description.type) { case DOMExceptionType: errorObject = toJS(exec, globalObject, DOMCoreException::create(description)); break; case RangeExceptionType: errorObject = toJS(exec, globalObject, RangeException::create(description)); break; case EventExceptionType: errorObject = toJS(exec, globalObject, EventException::create(description)); break; case XMLHttpRequestExceptionType: errorObject = toJS(exec, globalObject, XMLHttpRequestException::create(description)); break; #if ENABLE(SVG) case SVGExceptionType: errorObject = toJS(exec, globalObject, SVGException::create(description).get(), 0); break; #endif #if ENABLE(XPATH) case XPathExceptionType: errorObject = toJS(exec, globalObject, XPathException::create(description)); break; #endif } ASSERT(errorObject); exec->setException(errorObject); } bool checkNodeSecurity(ExecState* exec, Node* node) { return node && allowsAccessFromFrame(exec, node->document()->frame()); } bool allowsAccessFromFrame(ExecState* exec, Frame* frame) { if (!frame) return false; JSDOMWindow* window = toJSDOMWindow(frame); return window && window->allowsAccessFrom(exec); } bool allowsAccessFromFrame(ExecState* exec, Frame* frame, String& message) { if (!frame) return false; JSDOMWindow* window = toJSDOMWindow(frame); return window && window->allowsAccessFrom(exec, message); } bool shouldAllowNavigation(ExecState* exec, Frame* frame) { Frame* lexicalFrame = toLexicalFrame(exec); return lexicalFrame && lexicalFrame->loader()->shouldAllowNavigation(frame); } void printErrorMessageForFrame(Frame* frame, const String& message) { if (!frame) return; if (JSDOMWindow* window = toJSDOMWindow(frame)) window->printErrorMessage(message); } Frame* toLexicalFrame(ExecState* exec) { return asJSDOMWindow(exec->lexicalGlobalObject())->impl()->frame(); } Frame* toDynamicFrame(ExecState* exec) { return asJSDOMWindow(exec->dynamicGlobalObject())->impl()->frame(); } bool processingUserGesture(ExecState* exec) { Frame* frame = toDynamicFrame(exec); return frame && frame->script()->processingUserGesture(); } KURL completeURL(ExecState* exec, const String& relativeURL) { // For histoical reasons, we need to complete the URL using the dynamic frame. Frame* frame = toDynamicFrame(exec); if (!frame) return KURL(); return frame->loader()->completeURL(relativeURL); } JSValue objectToStringFunctionGetter(ExecState* exec, const Identifier& propertyName, const PropertySlot&) { return new (exec) NativeFunctionWrapper(exec, exec->lexicalGlobalObject()->prototypeFunctionStructure(), 0, propertyName, objectProtoFuncToString); } Structure* getCachedDOMStructure(JSDOMGlobalObject* globalObject, const ClassInfo* classInfo) { JSDOMStructureMap& structures = globalObject->structures(); return structures.get(classInfo).get(); } Structure* cacheDOMStructure(JSDOMGlobalObject* globalObject, PassRefPtr structure, const ClassInfo* classInfo) { JSDOMStructureMap& structures = globalObject->structures(); ASSERT(!structures.contains(classInfo)); return structures.set(classInfo, structure).first->second.get(); } Structure* getCachedDOMStructure(ExecState* exec, const ClassInfo* classInfo) { return getCachedDOMStructure(static_cast(exec->lexicalGlobalObject()), classInfo); } Structure* cacheDOMStructure(ExecState* exec, PassRefPtr structure, const ClassInfo* classInfo) { return cacheDOMStructure(static_cast(exec->lexicalGlobalObject()), structure, classInfo); } JSObject* getCachedDOMConstructor(ExecState* exec, const ClassInfo* classInfo) { JSDOMConstructorMap& constructors = static_cast(exec->lexicalGlobalObject())->constructors(); return constructors.get(classInfo); } void cacheDOMConstructor(ExecState* exec, const ClassInfo* classInfo, JSObject* constructor) { JSDOMConstructorMap& constructors = static_cast(exec->lexicalGlobalObject())->constructors(); ASSERT(!constructors.contains(classInfo)); constructors.set(classInfo, constructor); } } // namespace WebCore