Chrome changes to extract the code from V8Proxy that special-cases
when scripts are allowed despite user preferences disabling them.
Adds more accessors and comments to WebSecurityOrigin.
Removes no longer necessary webkit_glue functions.
Removes no longer necessary TemporaryGlue.h file.
R=abarth
BUG=none
TEST=browser features like the new tab page and history view should
still work when passing --disable-javascript to chrome. similarly,
file and ftp directory listings should remain functional when that
command line flag is specified.
Review URL: http://codereview.chromium.org/351013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@30797 0039d316-1c4b-4281-b951-d872f2087c98
diff --git a/DEPS b/DEPS
index 6e0930b..6eb1311 100644
--- a/DEPS
+++ b/DEPS
@@ -1,7 +1,7 @@
vars = {
"webkit_trunk":
"http://svn.webkit.org/repository/webkit/trunk",
- "webkit_revision": "50432",
+ "webkit_revision": "50442",
"ffmpeg_revision": "30374",
}
diff --git a/chrome/renderer/render_view.cc b/chrome/renderer/render_view.cc
index ce8a521..a2fea6f1d 100644
--- a/chrome/renderer/render_view.cc
+++ b/chrome/renderer/render_view.cc
@@ -2036,7 +2036,7 @@
// The rest of RenderView assumes that a WebDataSource will always have a
// non-null NavigationState.
NavigationState* state = pending_navigation_state_.get() ?
- pending_navigation_state_.release() :
+ pending_navigation_state_.release() :
NavigationState::CreateContentInitiated();
state->set_user_script_idle_scheduler(
@@ -2444,6 +2444,31 @@
origin.toString().utf8()));
}
+bool RenderView::allowScript(WebFrame* frame, bool enabled_per_settings) {
+ if (enabled_per_settings)
+ return true;
+
+ WebSecurityOrigin origin = frame->securityOrigin();
+ if (origin.isEmpty())
+ return false; // Uninitialized document?
+
+ if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme))
+ return true; // Browser UI elements should still work.
+
+ // If the scheme is ftp: or file:, an empty file name indicates a directory
+ // listing, which requires JavaScript to function properly.
+ GURL frame_url = frame->url();
+ const char* kDirProtocols[] = { "ftp", "file" };
+ for (size_t i = 0; i < arraysize(kDirProtocols); ++i) {
+ if (EqualsASCII(origin.protocol(), kDirProtocols[i])) {
+ return frame_url.SchemeIs(kDirProtocols[i]) &&
+ frame_url.ExtractFileName().empty();
+ }
+ }
+
+ return false; // Other protocols fall through here.
+}
+
void RenderView::didExhaustMemoryAvailableForScript(WebFrame* frame) {
Send(new ViewHostMsg_JSOutOfMemory(routing_id_));
}
diff --git a/chrome/renderer/render_view.h b/chrome/renderer/render_view.h
index 814d8bd..65e49756 100644
--- a/chrome/renderer/render_view.h
+++ b/chrome/renderer/render_view.h
@@ -350,6 +350,7 @@
virtual void didDisplayInsecureContent(WebKit::WebFrame* frame);
virtual void didRunInsecureContent(
WebKit::WebFrame* frame, const WebKit::WebSecurityOrigin& origin);
+ virtual bool allowScript(WebKit::WebFrame* frame, bool enabled_per_settings);
virtual void didExhaustMemoryAvailableForScript(WebKit::WebFrame* frame);
virtual void didCreateScriptContext(WebKit::WebFrame* frame);
virtual void didDestroyScriptContext(WebKit::WebFrame* frame);
diff --git a/chrome/renderer/renderer_glue.cc b/chrome/renderer/renderer_glue.cc
index 2dab562..e7a5a3673 100644
--- a/chrome/renderer/renderer_glue.cc
+++ b/chrome/renderer/renderer_glue.cc
@@ -199,15 +199,6 @@
markup, url));
}
-GURL GetInspectorURL() {
- return GURL(std::string(chrome::kChromeUIScheme) +
- "://inspector/inspector.html");
-}
-
-std::string GetUIResourceProtocol() {
- return "chrome";
-}
-
void GetPlugins(bool refresh, std::vector<WebPluginInfo>* plugins) {
if (!RenderThread::current()->plugin_refresh_allowed())
refresh = false;
diff --git a/webkit/api/public/WebFrameClient.h b/webkit/api/public/WebFrameClient.h
index d79a5b64..a592c21b0 100644
--- a/webkit/api/public/WebFrameClient.h
+++ b/webkit/api/public/WebFrameClient.h
@@ -90,10 +90,7 @@
virtual WebNavigationPolicy decidePolicyForNavigation(
WebFrame*, const WebURLRequest&, WebNavigationType,
const WebNode& originatingNode,
- WebNavigationPolicy defaultPolicy, bool isRedirect)
- {
- return defaultPolicy;
- }
+ WebNavigationPolicy defaultPolicy, bool isRedirect) { return defaultPolicy; }
// Query if the specified request can be handled.
virtual bool canHandleRequest(
@@ -109,19 +106,19 @@
// Notify that a URL cannot be handled.
virtual void unableToImplementPolicyWithError(
- WebFrame*, const WebURLError&) { };
+ WebFrame*, const WebURLError&) { }
// Navigational notifications ------------------------------------------
// A form submission is about to occur.
- virtual void willSubmitForm(WebFrame*, const WebForm&) { };
+ virtual void willSubmitForm(WebFrame*, const WebForm&) { }
// A client-side redirect will occur. This may correspond to a <META
// refresh> or some script activity.
virtual void willPerformClientRedirect(
WebFrame*, const WebURL& from, const WebURL& to,
- double interval, double fireTime) { };
+ double interval, double fireTime) { }
// A client-side redirect was cancelled.
virtual void didCancelClientRedirect(WebFrame*) { }
@@ -234,6 +231,9 @@
// Script notifications ------------------------------------------------
+ // Controls whether scripts are allowed to execute for this frame.
+ virtual bool allowScript(WebFrame*, bool enabledPerSettings) { return enabledPerSettings; }
+
// Script in the page tried to allocate too much memory.
virtual void didExhaustMemoryAvailableForScript(WebFrame*) { }
diff --git a/webkit/api/public/WebKitClient.h b/webkit/api/public/WebKitClient.h
index 7301563..91c732f 100644
--- a/webkit/api/public/WebKitClient.h
+++ b/webkit/api/public/WebKitClient.h
@@ -36,7 +36,6 @@
#include "WebCommon.h"
#include "WebLocalizedString.h"
#include "WebVector.h"
-#include "webkit/api/src/TemporaryGlue.h"
#ifdef WIN32
typedef void *HANDLE;
@@ -62,9 +61,7 @@
struct WebPluginInfo;
template <typename T> class WebVector;
- // FIXME: Once our webkit api is complete, we should not need to inherit
- // from TemporaryGlue here.
- class WebKitClient : public TemporaryGlue {
+ class WebKitClient {
public:
// Must return non-null.
virtual WebClipboard* clipboard() = 0;
diff --git a/webkit/api/public/WebSecurityOrigin.h b/webkit/api/public/WebSecurityOrigin.h
index cbb1a3d5..85dde891 100644
--- a/webkit/api/public/WebSecurityOrigin.h
+++ b/webkit/api/public/WebSecurityOrigin.h
@@ -55,12 +55,22 @@
bool isNull() const { return m_private == 0; }
- // Returns a string representation of this SecurityOrigin that can be used as a file.
- // Should be used in storage APIs only.
- WEBKIT_API WebString databaseIdentifier();
+ WEBKIT_API WebString protocol() const;
+ WEBKIT_API WebString host() const;
+ WEBKIT_API unsigned short port() const;
+ // The empty WebSecurityOrigin is the least privileged WebSecurityOrigin.
+ WEBKIT_API bool isEmpty() const;
+
+ // Returns a string representation of the WebSecurityOrigin. The empty
+ // WebSecurityOrigin is represented by "null". The representation of a
+ // non-empty WebSecurityOrigin resembles a standard URL.
WEBKIT_API WebString toString() const;
+ // Returns a string representation of this WebSecurityOrigin that can
+ // be used as a file. Should be used in storage APIs only.
+ WEBKIT_API WebString databaseIdentifier();
+
#if WEBKIT_IMPLEMENTATION
WebSecurityOrigin(const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
WebSecurityOrigin& operator=(const WTF::PassRefPtr<WebCore::SecurityOrigin>&);
diff --git a/webkit/api/src/ChromiumBridge.cpp b/webkit/api/src/ChromiumBridge.cpp
index d55abc1..afd8eb5 100644
--- a/webkit/api/src/ChromiumBridge.cpp
+++ b/webkit/api/src/ChromiumBridge.cpp
@@ -606,11 +606,6 @@
// Glue layer. Once the Glue layer moves entirely into the WebKit layer, these
// methods will be deleted.
-String ChromiumBridge::uiResourceProtocol()
-{
- return webKitClient()->uiResourceProtocol();
-}
-
void ChromiumBridge::notifyJSOutOfMemory(Frame* frame)
{
if (!frame)
diff --git a/webkit/api/src/FrameLoaderClientImpl.cpp b/webkit/api/src/FrameLoaderClientImpl.cpp
index b7b310e..10f709a 100644
--- a/webkit/api/src/FrameLoaderClientImpl.cpp
+++ b/webkit/api/src/FrameLoaderClientImpl.cpp
@@ -152,6 +152,14 @@
{
}
+bool FrameLoaderClientImpl::allowJavaScript(bool enabledPerSettings)
+{
+ if (m_webFrame->client())
+ return m_webFrame->client()->allowScript(m_webFrame, enabledPerSettings);
+
+ return enabledPerSettings;
+}
+
bool FrameLoaderClientImpl::hasWebView() const
{
return m_webFrame->viewImpl() != 0;
diff --git a/webkit/api/src/FrameLoaderClientImpl.h b/webkit/api/src/FrameLoaderClientImpl.h
index a3e7f18..f308ed15 100644
--- a/webkit/api/src/FrameLoaderClientImpl.h
+++ b/webkit/api/src/FrameLoaderClientImpl.h
@@ -182,6 +182,7 @@
virtual WebCore::String overrideMediaType() const;
virtual void didPerformFirstNavigation() const;
virtual void registerForIconNotification(bool listen = true);
+ virtual bool allowJavaScript(bool enabledPerSettings);
private:
void makeDocumentView();
diff --git a/webkit/api/src/TemporaryGlue.h b/webkit/api/src/TemporaryGlue.h
deleted file mode 100644
index b5fbf85e..0000000
--- a/webkit/api/src/TemporaryGlue.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (C) 2009 Google Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- * * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef TemporaryGlue_h
-#define TemporaryGlue_h
-
-// This is a temporary file declaring some functions that the WebKit layer can
-// use to call to the Glue layer. Once the Glue layer moves entirely into the
-// WebKit layer, this file will be deleted.
-
-namespace WebCore {
- class String;
-}
-
-namespace WebKit {
- class TemporaryGlue {
- public:
- virtual WebCore::String uiResourceProtocol() = 0;
- };
-
-} // namespace WebKit
-
-#endif
diff --git a/webkit/api/src/WebSecurityOrigin.cpp b/webkit/api/src/WebSecurityOrigin.cpp
index 8368c83..2adf3db 100644
--- a/webkit/api/src/WebSecurityOrigin.cpp
+++ b/webkit/api/src/WebSecurityOrigin.cpp
@@ -55,22 +55,48 @@
assign(p);
}
-WebString WebSecurityOrigin::databaseIdentifier()
+WebString WebSecurityOrigin::protocol() const
{
- if (m_private)
- return m_private->databaseIdentifier();
+ ASSERT(m_private);
+ return m_private->protocol();
+}
- return WebString::fromUTF8("null");
+WebString WebSecurityOrigin::host() const
+{
+ ASSERT(m_private);
+ return m_private->host();
+}
+
+unsigned short WebSecurityOrigin::port() const
+{
+ ASSERT(m_private);
+ return m_private->port();
+}
+
+bool WebSecurityOrigin::isEmpty() const
+{
+ ASSERT(m_private);
+ return m_private->isEmpty();
}
WebString WebSecurityOrigin::toString() const
{
+ // FIXME: We should not support calling this method when m_private is null.
if (m_private)
return m_private->toString();
return WebString::fromUTF8("null");
}
+WebString WebSecurityOrigin::databaseIdentifier()
+{
+ // FIXME: We should not support calling this method when m_private is null.
+ if (m_private)
+ return m_private->databaseIdentifier();
+
+ return WebString::fromUTF8("null");
+}
+
WebSecurityOrigin::WebSecurityOrigin(const WTF::PassRefPtr<WebCore::SecurityOrigin>& origin)
: m_private(static_cast<WebSecurityOriginPrivate*>(origin.releaseRef()))
{
diff --git a/webkit/glue/webkit_glue.h b/webkit/glue/webkit_glue.h
index ba5d405..f52d9022 100644
--- a/webkit/glue/webkit_glue.h
+++ b/webkit/glue/webkit_glue.h
@@ -190,14 +190,6 @@
// Returns true if successful, false otherwise.
bool GetApplicationDirectory(FilePath* path);
-// Gets the URL where the inspector's HTML file resides. It must use the
-// protocol returned by GetUIResourceProtocol.
-GURL GetInspectorURL();
-
-// Gets the protocol that is used for all user interface resources, including
-// the Inspector. It must end with "-resource".
-std::string GetUIResourceProtocol();
-
// Gets the directory where the launching executable resides on disk.
// Path is an output parameter to receive the path.
// Returns true if successful, false otherwise.
diff --git a/webkit/glue/webkitclient_impl.cc b/webkit/glue/webkitclient_impl.cc
index 0bb2edca..a578d7cb 100644
--- a/webkit/glue/webkitclient_impl.cc
+++ b/webkit/glue/webkitclient_impl.cc
@@ -414,18 +414,4 @@
return webkit_glue::KURLToWebURL(webkit_glue::GURLToKURL(file_url));
}
-//--------------------------------------------------------------------------
-// BEGIN(TemporaryGlue)
-
-// These are temporary methods that the WebKit layer can use to call to the
-// Glue layer. Once the Glue layer moves entirely into the WebKit layer, these
-// methods will be deleted.
-
-WebCore::String WebKitClientImpl::uiResourceProtocol() {
- return StdStringToString(webkit_glue::GetUIResourceProtocol());
-}
-
-// END(TemporaryGlue)
-//--------------------------------------------------------------------------
-
} // namespace webkit_glue
diff --git a/webkit/glue/webkitclient_impl.h b/webkit/glue/webkitclient_impl.h
index e190465..8b6ab37 100644
--- a/webkit/glue/webkitclient_impl.h
+++ b/webkit/glue/webkitclient_impl.h
@@ -79,11 +79,6 @@
virtual void stopSharedTimer();
virtual void callOnMainThread(void (*func)());
- // These are temporary methods that the WebKit layer can use to call to the
- // Glue layer. Once the Glue layer moves entirely into the WebKit layer,
- // these methods will be deleted.
- virtual WebCore::String uiResourceProtocol();
-
private:
void DoTimeout() {
if (shared_timer_func_)
diff --git a/webkit/tools/test_shell/test_shell.cc b/webkit/tools/test_shell/test_shell.cc
index c6c0b3ad..2bfd69fa 100644
--- a/webkit/tools/test_shell/test_shell.cc
+++ b/webkit/tools/test_shell/test_shell.cc
@@ -659,14 +659,6 @@
return PathService::Get(base::DIR_EXE, path);
}
-GURL GetInspectorURL() {
- return GURL("test-shell-resource://inspector/inspector.html");
-}
-
-std::string GetUIResourceProtocol() {
- return "test-shell-resource";
-}
-
bool GetExeDirectory(FilePath* path) {
return GetApplicationDirectory(path);
}
diff --git a/webkit/tools/test_shell/test_shell_webkit_init.h b/webkit/tools/test_shell/test_shell_webkit_init.h
index f32c0a7..ee7845b 100644
--- a/webkit/tools/test_shell/test_shell_webkit_init.h
+++ b/webkit/tools/test_shell/test_shell_webkit_init.h
@@ -48,9 +48,9 @@
WebKit::initialize(this);
WebKit::setLayoutTestMode(layout_test_mode);
WebKit::WebSecurityPolicy::registerURLSchemeAsLocal(
- ASCIIToUTF16(webkit_glue::GetUIResourceProtocol()));
+ WebKit::WebString::fromUTF8("test-shell-resource"));
WebKit::WebSecurityPolicy::registerURLSchemeAsNoAccess(
- ASCIIToUTF16(webkit_glue::GetUIResourceProtocol()));
+ WebKit::WebString::fromUTF8("test-shell-resource"));
WebKit::WebScriptController::enableV8SingleThreadMode();
WebKit::WebScriptController::registerExtension(
extensions_v8::GearsExtension::Get());
