author | Jüri Valdmann <juri.valdmann@qt.io> | 2018-02-19 11:25:24 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-03-22 23:47:35 +0000 |
commit | 58658bc5e55155cf0087f58e6d4d35d9af50303c (patch) | |
tree | b83d7fd0c7d7ed640579e91eb81e344230a8ad03 /src/core/renderer/web_channel_ipc_transport.h | |
parent | f3974a4862b02f5c2c57c988d541dcd3eb8a4701 (diff) |
Make WebChannelIPCTransport into a RenderFrameObserver
As of version 63, Chromium creates proxy frames also for the main frame in the
frame tree during cross-process navigations. This leads to a segmentation fault
in WebChannelIPCTransport because we assume that all main frames are local.
See https://crrev.com/27caae83cb530daaf49f9a38793e427cdf493a65 for details.
This patch refactors the renderer-side WebChannelIPCTransport from a
RenderViewObserver into a RenderFrameObserver, which prevents the segmentation
fault since the RenderFrameObserver is not created for proxy frames. Most likely
this would have to be done eventually anyway since the RenderView and
RenderViewObserver classes are deprecated and will likely be removed as part of
the Site Isolation project.
Installation is changed to follow Chromium's RenderFrameImpl in the sense of
performing the installation from RenderFrameObserver::DidClearWindowObject
instead of ContentRendererClient::RunScriptsAtDocumentStart. This has the
benefit of avoiding the ScriptForbiddenScope DCHECK.
Additionally there are the following minor changes:
- The deprecated parameterless version of v8::Value::ToObject() method is
replaced with v8::Value::IsObject() check and v8::Local::Cast.
- The deprecated v8::Handle typedef is replaced with v8::Local.
- The deprecated single-parameter WebContentsObserver::OnMessageReceived is
replaced with the new two-parameter version.
- blink::MainThreadIsolate() is used instead of v8::Isolate::GetCurrent() for
Install/Uninstall since we know we are executing on the main thread.
- WebChannelIPCTransportHost is changed to ignore messages from unexpected
renderers in case something goes wrong with the renderers.
- Logging is added to WebChannelIPCTransportHost for debugging purposes.
Some new unit tests are added, all of which fail with the old version.
Task-number: QTBUG-66333
Change-Id: I936d142fb042d9f936a3f9d08d4328ecba595f1f
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Diffstat (limited to 'src/core/renderer/web_channel_ipc_transport.h')
-rw-r--r-- | src/core/renderer/web_channel_ipc_transport.h | 36 |
1 files changed, 13 insertions, 23 deletions
diff --git a/src/core/renderer/web_channel_ipc_transport.h b/src/core/renderer/web_channel_ipc_transport.h
index 04041c6c7..19494360a 100644
--- a/src/core/renderer/web_channel_ipc_transport.h
+++ b/src/core/renderer/web_channel_ipc_transport.h
@@ -40,41 +40,31 @@
 #ifndef WEB_CHANNEL_IPC_TRANSPORT_H
 #define WEB_CHANNEL_IPC_TRANSPORT_H
 
-#include "base/values.h"
-#include "content/public/renderer/render_view_observer.h"
-#include "content/public/renderer/render_view_observer_tracker.h"
+#include "content/public/renderer/render_frame_observer.h"
 #include <QtCore/qglobal.h>
 
-namespace content {
-class RenderFrame;
-}
-
-namespace v8 {
-class Extension;
-}
-
 namespace QtWebEngineCore {
 
-class WebChannelIPCTransport : public content::RenderViewObserver
-                             , public content::RenderViewObserverTracker<WebChannelIPCTransport>
-{
+class WebChannelIPCTransport : private content::RenderFrameObserver {
 public:
-    WebChannelIPCTransport(content::RenderView *);
-
-    void RunScriptsAtDocumentStart(content::RenderFrame *render_frame);
+    WebChannelIPCTransport(content::RenderFrame *);
 
 private:
-    void dispatchWebChannelMessage(const std::vector<char> &binaryJSON, uint worldId);
-    void installWebChannel(uint worldId);
-    void uninstallWebChannel(uint worldId);
+    void setWorldId(base::Optional<uint> worldId);
+    void dispatchWebChannelMessage(const std::vector<char> &binaryJson, uint worldId);
 
-    // content::RenderViewObserver overrides:
+    // RenderFrameObserver
+    void WillReleaseScriptContext(v8::Local<v8::Context> context, int worldId) override;
+    void DidClearWindowObject() override;
     bool OnMessageReceived(const IPC::Message &message) override;
     void OnDestruct() override;
 
-    bool m_installed;
-    uint m_installedWorldId;
+    // The worldId from our WebChannelIPCTransportHost or empty when there is no
+    // WebChannelIPCTransportHost.
+    base::Optional<uint> m_worldId;
+    // True means it's currently OK to manipulate the frame's script context.
+    bool m_canUseContext = false;
 };
 
 } // namespace
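Review bot: The new declarations of `setWorldId` and `m_worldId` use `base::Optional<uint>`, but after dropping `base/values.h` the header includes only `render_frame_observer.h` and `qglobal.h`, so the type (and `std::vector` for the `binaryJson` parameter) is reached only through transitive includes; add `#include "base/optional.h"` and `#include <vector>` so the header stays self-contained. The world-id types also disagree within the class: `setWorldId` and `dispatchWebChannelMessage` take `uint`, while the overridden `WillReleaseScriptContext` receives `int worldId`, so the comparison against `m_worldId` in the .cpp (not in this hunk) presumably needs a signed/unsigned conversion that is worth making explicit rather than implicit. Finally, the single-argument constructor should be `explicit WebChannelIPCTransport(content::RenderFrame *renderFrame);` to prevent implicit conversion from a RenderFrame pointer and to name the parameter.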