1 /* 2 * Copyright (C) 2009 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #ifndef DOMWrapperWorld_h 32 #define DOMWrapperWorld_h 33 34 #include "bindings/v8/V8DOMActivityLogger.h" 35 #include "bindings/v8/V8PerContextData.h" 36 #include "weborigin/SecurityOrigin.h" 37 #include <v8.h> 38 #include "wtf/PassRefPtr.h" 39 #include "wtf/RefCounted.h" 40 #include "wtf/RefPtr.h" 41 #include "wtf/text/WTFString.h" 42 43 namespace WebCore { 44 45 class DOMDataStore; 46 class ScriptExecutionContext; 47 48 // This class represent a collection of DOM wrappers for a specific world. 49 class DOMWrapperWorld : public RefCounted<DOMWrapperWorld> { 50 public: 51 static const int mainWorldId = 0; 52 static const int mainWorldExtensionGroup = 0; 53 static PassRefPtr<DOMWrapperWorld> ensureIsolatedWorld(int worldId, int extensionGroup); 54 ~DOMWrapperWorld(); 55 56 static bool isolatedWorldsExist() { return isolatedWorldCount; } 57 static bool isIsolatedWorldId(int worldId) { return worldId > mainWorldId; } 58 static void getAllWorlds(Vector<RefPtr<DOMWrapperWorld> >& worlds); 59 60 void setIsolatedWorldField(v8::Handle<v8::Context>); 61 62 static DOMWrapperWorld* isolatedWorld(v8::Handle<v8::Context> context) 63 { 64 ASSERT(contextHasCorrectPrototype(context)); 65 return static_cast<DOMWrapperWorld*>(context->GetAlignedPointerFromEmbedderData(v8ContextIsolatedWorld)); 66 } 67 68 // Will return null if there is no DOMWrapperWorld for the current v8::Context 69 static DOMWrapperWorld* current(); 70 71 // Associates an isolated world (see above for description) with a security 72 // origin. XMLHttpRequest instances used in that world will be considered 73 // to come from that origin, not the frame's. 74 static void setIsolatedWorldSecurityOrigin(int worldID, PassRefPtr<SecurityOrigin>); 75 static void clearIsolatedWorldSecurityOrigin(int worldID); 76 SecurityOrigin* isolatedWorldSecurityOrigin(); 77 78 // Associated an isolated world with a Content Security Policy. Resources 79 // embedded into the main world's DOM from script executed in an isolated 80 // world should be restricted based on the isolated world's DOM, not the 81 // main world's. 82 // 83 // FIXME: Right now, resource injection simply bypasses the main world's 84 // DOM. More work is necessary to allow the isolated world's policy to be 85 // applied correctly. 86 static void setIsolatedWorldContentSecurityPolicy(int worldID, const String& policy); 87 static void clearIsolatedWorldContentSecurityPolicy(int worldID); 88 bool isolatedWorldHasContentSecurityPolicy(); 89 90 // Associate a logger with the world identified by worldId (worlId may be 0 91 // identifying the main world). 92 static void setActivityLogger(int worldId, PassOwnPtr<V8DOMActivityLogger>); 93 static V8DOMActivityLogger* activityLogger(int worldId); 94 95 bool isMainWorld() const { return m_worldId == mainWorldId; } 96 bool isIsolatedWorld() const { return isIsolatedWorldId(m_worldId); } 97 98 int worldId() const { return m_worldId; } 99 int extensionGroup() const { return m_extensionGroup; } 100 DOMDataStore* isolatedWorldDOMDataStore() const 101 { 102 ASSERT(isIsolatedWorld()); 103 return m_domDataStore.get(); 104 } 105 106 static void setInitializingWindow(bool); 107 108 private: 109 static int isolatedWorldCount; 110 static PassRefPtr<DOMWrapperWorld> createMainWorld(); 111 static bool contextHasCorrectPrototype(v8::Handle<v8::Context>); 112 113 DOMWrapperWorld(int worldId, int extensionGroup); 114 115 const int m_worldId; 116 const int m_extensionGroup; 117 OwnPtr<DOMDataStore> m_domDataStore; 118 119 friend DOMWrapperWorld* mainThreadNormalWorld(); 120 friend DOMWrapperWorld* existingWindowShellWorkaroundWorld(); 121 }; 122 123 DOMWrapperWorld* mainThreadNormalWorld(); 124 125 // FIXME: this is a workaround for a problem in ScriptController 126 // Do not use this anywhere else!! 127 DOMWrapperWorld* existingWindowShellWorkaroundWorld(); 128 129 } // namespace WebCore 130 131 #endif // DOMWrapperWorld_h 132