1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_RENDERER_EXTENSIONS_SAFE_BUILTINS_H_ 6 #define CHROME_RENDERER_EXTENSIONS_SAFE_BUILTINS_H_ 7 8 #include "v8/include/v8.h" 9 10 namespace extensions { 11 class ChromeV8Context; 12 13 // A collection of safe builtin objects, in that they won't be tained by 14 // extensions overriding methods on them. 15 class SafeBuiltins { 16 public: 17 // Creates the v8::Extension which manages SafeBuiltins instances. 18 static v8::Extension* CreateV8Extension(); 19 20 explicit SafeBuiltins(ChromeV8Context* context); 21 22 virtual ~SafeBuiltins(); 23 24 // Each method returns an object with methods taken from their respective 25 // builtin object's prototype, adapted to automatically call() themselves. 26 // 27 // Examples: 28 // Array.prototype.forEach.call(...) becomes Array.forEach(...) 29 // Object.prototype.toString.call(...) becomes Object.toString(...) 30 // Object.keys.call(...) becomes Object.keys(...) 31 v8::Local<v8::Object> GetArray() const; 32 v8::Local<v8::Object> GetFunction() const; 33 v8::Local<v8::Object> GetJSON() const; 34 // NOTE(kalman): VS2010 won't compile "GetObject", it mysteriously renames it 35 // to "GetObjectW" - hence GetObjekt. Sorry. 36 v8::Local<v8::Object> GetObjekt() const; 37 v8::Local<v8::Object> GetRegExp() const; 38 v8::Local<v8::Object> GetString() const; 39 40 private: 41 ChromeV8Context* context_; 42 }; 43 44 } // namespace extensions 45 46 #endif // CHROME_RENDERER_EXTENSIONS_SAFE_BUILTINS_H_ 47