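/*
 * Copyright (C) 2006, 2007, 2008, 2009 Google Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 *
 *     * Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 *     * Redistributions in binary form must reproduce the above
 * copyright notice, this list of conditions and the following disclaimer
 * in the documentation and/or other materials provided with the
 * distribution.
 *     * Neither the name of Google Inc. nor the names of its
 * contributors may be used to endorse or promote products derived from
 * this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "config.h"

#include "V8NPObject.h"

#include "HTMLPlugInElement.h"
#include "IdentifierRep.h"
#include "NPV8Object.h"
#include "V8DOMMap.h"
#include "V8HTMLAppletElement.h"
#include "V8HTMLEmbedElement.h"
#include "V8HTMLObjectElement.h"
#include "V8Helpers.h"
#include "V8NPUtils.h"
#include "V8Proxy.h"
#include "npruntime_impl.h"
#include "npruntime_priv.h"
#include <wtf/OwnArrayPtr.h>

using namespace WebCore;

// Selects which NPClass entry point npObjectInvokeImpl() dispatches to.
enum InvokeFunctionType {
    InvokeMethod = 1,
    InvokeConstruct = 2,
    InvokeDefault = 3
};

// Shared implementation of the script-to-plugin call paths (method call, construct call, default call).
//
// args:       the V8 call arguments. args.Holder() is either an applet/embed/object element wrapper or an
//             NPObject wrapper; for InvokeMethod, args.Data() carries the method name as a v8::String.
// functionId: which NPClass callback to use (invoke, construct or invokeDefault).
//
// Returns the plugin's result converted to a V8 value. A ReferenceError is thrown when the holder is not
// an NPObject wrapper or the NPObject is gone; a GeneralError is thrown when the plugin callback fails.
static v8::Handle<v8::Value> npObjectInvokeImpl(const v8::Arguments& args, InvokeFunctionType functionId)
{
    NPObject* npObject;

    // These three types are subtypes of HTMLPlugInElement.
    if (V8HTMLAppletElement::HasInstance(args.Holder()) || V8HTMLEmbedElement::HasInstance(args.Holder())
        || V8HTMLObjectElement::HasInstance(args.Holder())) {
        // The holder object is a subtype of HTMLPlugInElement.
        HTMLPlugInElement* element;
        if (V8HTMLAppletElement::HasInstance(args.Holder()))
            element = V8HTMLAppletElement::toNative(args.Holder());
        else if (V8HTMLEmbedElement::HasInstance(args.Holder()))
            element = V8HTMLEmbedElement::toNative(args.Holder());
        else
            element = V8HTMLObjectElement::toNative(args.Holder());
        // An element without a script instance has no NPObject to call into.
        ScriptInstance scriptInstance = element->getInstance();
        if (scriptInstance)
            npObject = v8ObjectToNPObject(scriptInstance->instance());
        else
            npObject = 0;
    } else {
        // The holder object is not a subtype of HTMLPlugInElement, it must be an NPObject which has three
        // internal fields. The field count is checked before the holder is treated as an NPObject wrapper.
        if (args.Holder()->InternalFieldCount() != npObjectInternalFieldCount)
            return throwError("NPMethod called on non-NPObject", V8Proxy::ReferenceError);

        npObject = v8ObjectToNPObject(args.Holder());
    }

    // Verify that our wrapper wasn't using a NPObject which has already been deleted.
    if (!npObject || !_NPN_IsAlive(npObject))
        return throwError("NPObject deleted", V8Proxy::ReferenceError);

    // Wrap up parameters.
    int numArgs = args.Length();
    OwnArrayPtr<NPVariant> npArgs(new NPVariant[numArgs]);

    for (int i = 0; i < numArgs; i++)
        convertV8ObjectToNPVariant(args[i], npObject, &npArgs[i]);

    NPVariant result;
    VOID_TO_NPVARIANT(result);

    // retval stays true (and result stays void) when the class does not implement the requested callback.
    // NOTE(review): the callbacks below run plugin code, and npObject is not re-checked with _NPN_IsAlive()
    // before it is passed to convertNPVariantToV8Object() afterwards - confirm the object cannot be
    // released during the call.
    bool retval = true;
    switch (functionId) {
    case InvokeMethod:
        if (npObject->_class->invoke) {
            v8::Handle<v8::String> functionName(v8::String::Cast(*args.Data()));
            NPIdentifier identifier = getStringIdentifier(functionName);
            retval = npObject->_class->invoke(npObject, identifier, npArgs.get(), numArgs, &result);
        }
        break;
    case InvokeConstruct:
        if (npObject->_class->construct)
            retval = npObject->_class->construct(npObject, npArgs.get(), numArgs, &result);
        break;
    case InvokeDefault:
        if (npObject->_class->invokeDefault)
            retval = npObject->_class->invokeDefault(npObject, npArgs.get(), numArgs, &result);
        break;
    default:
        break;
    }

    // Execution continues after the throw so the converted arguments and the result are still released below.
    if (!retval)
        throwError("Error calling method on NPObject!", V8Proxy::GeneralError);

    for (int i = 0; i < numArgs; i++)
        _NPN_ReleaseVariantValue(&npArgs[i]);

    // Unwrap return values.
    v8::Handle<v8::Value> returnValue = convertNPVariantToV8Object(&result, npObject);
    _NPN_ReleaseVariantValue(&result);

    return returnValue;
}


// Call handler installed on the per-method function templates created in npObjectGetProperty().
v8::Handle<v8::Value> npObjectMethodHandler(const v8::Arguments& args)
{
    return npObjectInvokeImpl(args, InvokeMethod);
}


// Call-as-function handler for NPObject wrappers: "new wrapper(...)" maps to construct, a plain call
// maps to invokeDefault.
v8::Handle<v8::Value> npObjectInvokeDefaultHandler(const v8::Arguments& args)
{
    if (args.IsConstructCall())
        return npObjectInvokeImpl(args, InvokeConstruct);

    return npObjectInvokeImpl(args, InvokeDefault);
}


static void weakTemplateCallback(v8::Persistent<v8::Value>, void* parameter);

// Cache of method function templates, keyed by identifier.
// NPIdentifier is PrivateIdentifier*.
static WeakReferenceMap<PrivateIdentifier, v8::FunctionTemplate> staticTemplateMap(&weakTemplateCallback);

// Weak callback for staticTemplateMap: drops the cache entry for the identifier passed as parameter.
static void weakTemplateCallback(v8::Persistent<v8::Value> object, void* parameter)
{
    PrivateIdentifier* identifier = static_cast<PrivateIdentifier*>(parameter);
    ASSERT(identifier);
    ASSERT(staticTemplateMap.contains(identifier));

    staticTemplateMap.forget(identifier);
}


// Reads a property or method from the NPObject wrapped by self.
//
// identifier: the NPAPI identifier of the property.
// key:        the same property as a V8 value; used as the call-handler data and function name for methods.
//
// Returns the converted property value, a function for a plugin method, or an empty handle when the
// plugin has neither (or getProperty fails). Throws a ReferenceError when the NPObject is gone.
static v8::Handle<v8::Value> npObjectGetProperty(v8::Local<v8::Object> self, NPIdentifier identifier, v8::Local<v8::Value> key)
{
    NPObject* npObject = v8ObjectToNPObject(self);

    // Verify that our wrapper wasn't using a NPObject which
    // has already been deleted.
    if (!npObject || !_NPN_IsAlive(npObject))
        return throwError("NPObject deleted", V8Proxy::ReferenceError);


    // Properties take precedence over methods of the same name.
    if (npObject->_class->hasProperty && npObject->_class->hasProperty(npObject, identifier)
        && npObject->_class->getProperty) {

        NPVariant result;
        VOID_TO_NPVARIANT(result);
        if (!npObject->_class->getProperty(npObject, identifier, &result))
            return v8::Handle<v8::Value>();

        v8::Handle<v8::Value> returnValue = convertNPVariantToV8Object(&result, npObject);
        _NPN_ReleaseVariantValue(&result);
        return returnValue;

    }

    // Only string keys can name a method; indexed lookups fall through to the empty handle.
    if (key->IsString() && npObject->_class->hasMethod && npObject->_class->hasMethod(npObject, identifier)) {
        PrivateIdentifier* id = static_cast<PrivateIdentifier*>(identifier);
        v8::Persistent<v8::FunctionTemplate> functionTemplate = staticTemplateMap.get(id);
        // Cache templates using identifier as the key.
        if (functionTemplate.IsEmpty()) {
            // Create a new template.
            v8::Local<v8::FunctionTemplate> temp = v8::FunctionTemplate::New();
            temp->SetCallHandler(npObjectMethodHandler, key);
            functionTemplate = v8::Persistent<v8::FunctionTemplate>::New(temp);
            staticTemplateMap.set(id, functionTemplate);
        }

        // FunctionTemplate caches function for each context.
        v8::Local<v8::Function> v8Function = functionTemplate->GetFunction();
        v8Function->SetName(v8::Handle<v8::String>::Cast(key));
        return v8Function;
    }

    return v8::Handle<v8::Value>();
}

// Named-property getter interceptor for NPObject wrappers.
v8::Handle<v8::Value> npObjectNamedPropertyGetter(v8::Local<v8::String> name, const v8::AccessorInfo& info)
{
    NPIdentifier identifier = getStringIdentifier(name);
    return npObjectGetProperty(info.Holder(), identifier, name);
}

// Indexed-property getter interceptor for NPObject wrappers.
v8::Handle<v8::Value> npObjectIndexedPropertyGetter(uint32_t index, const v8::AccessorInfo& info)
{
    NPIdentifier identifier = _NPN_GetIntIdentifier(index);
    return npObjectGetProperty(info.Holder(), identifier, v8::Number::New(index));
}

// Reads the named property from the NPObject wrapped by self.
v8::Handle<v8::Value> npObjectGetNamedProperty(v8::Local<v8::Object> self, v8::Local<v8::String> name)
{
    NPIdentifier identifier = getStringIdentifier(name);
    return npObjectGetProperty(self, identifier, name);
}

// Reads the indexed property from the NPObject wrapped by self.
v8::Handle<v8::Value> npObjectGetIndexedProperty(v8::Local<v8::Object> self, uint32_t index)
{
    NPIdentifier identifier = _NPN_GetIntIdentifier(index);
    return npObjectGetProperty(self, identifier, v8::Number::New(index));
}

// Writes value to a property of the NPObject wrapped by self.
//
// Returns value when the write was intercepted (including the case where a ReferenceError was thrown
// because the NPObject is gone), and notHandledByInterceptor() when the plugin has no such property,
// has no setProperty callback, or the callback reports failure.
static v8::Handle<v8::Value> npObjectSetProperty(v8::Local<v8::Object> self, NPIdentifier identifier, v8::Local<v8::Value> value)
{
    NPObject* npObject = v8ObjectToNPObject(self);

    // Verify that our wrapper wasn't using a NPObject which has already been deleted.
    if (!npObject || !_NPN_IsAlive(npObject)) {
        throwError("NPObject deleted", V8Proxy::ReferenceError);
        return value; // Intercepted, but an exception was thrown.
    }

    if (npObject->_class->hasProperty && npObject->_class->hasProperty(npObject, identifier)
        && npObject->_class->setProperty) {

        NPVariant npValue;
        VOID_TO_NPVARIANT(npValue);
        convertV8ObjectToNPVariant(value, npObject, &npValue);
        bool success = npObject->_class->setProperty(npObject, identifier, &npValue);
        _NPN_ReleaseVariantValue(&npValue);
        if (success)
            return value; // Intercept the call.
    }
    return notHandledByInterceptor();
}


// Named-property setter interceptor for NPObject wrappers.
v8::Handle<v8::Value> npObjectNamedPropertySetter(v8::Local<v8::String> name, v8::Local<v8::Value> value, const v8::AccessorInfo& info)
{
    NPIdentifier identifier = getStringIdentifier(name);
    return npObjectSetProperty(info.Holder(), identifier, value);
}


// Indexed-property setter interceptor for NPObject wrappers.
v8::Handle<v8::Value> npObjectIndexedPropertySetter(uint32_t index, v8::Local<v8::Value> value, const v8::AccessorInfo& info)
{
    NPIdentifier identifier = _NPN_GetIntIdentifier(index);
    return npObjectSetProperty(info.Holder(), identifier, value);
}

// Writes value to the named property of the NPObject wrapped by self.
v8::Handle<v8::Value> npObjectSetNamedProperty(v8::Local<v8::Object> self, v8::Local<v8::String> name, v8::Local<v8::Value> value)
{
    NPIdentifier identifier = getStringIdentifier(name);
    return npObjectSetProperty(self, identifier, value);
}

// Writes value to the indexed property of the NPObject wrapped by self.
v8::Handle<v8::Value> npObjectSetIndexedProperty(v8::Local<v8::Object> self, uint32_t index, v8::Local<v8::Value> value)
{
    NPIdentifier identifier = _NPN_GetIntIdentifier(index);
    return npObjectSetProperty(self, identifier, value);
}

// Enumerates the properties of the NPObject wrapped by info.Holder().
//
// namedProperty: true to report each identifier through string(), false to report it through number().
//
// Returns an array with one entry per identifier the plugin reports, or an empty handle when the
// NPObject is gone (a ReferenceError is thrown), the class has no enumerate callback, or the callback fails.
v8::Handle<v8::Array> npObjectPropertyEnumerator(const v8::AccessorInfo& info, bool namedProperty)
{
    NPObject* npObject = v8ObjectToNPObject(info.Holder());

    // Verify that our wrapper wasn't using a NPObject which
    // has already been deleted.
    if (!npObject || !_NPN_IsAlive(npObject)) {
        throwError("NPObject deleted", V8Proxy::ReferenceError);
        // Stop here: npObject is null or no longer alive, so it must not be dereferenced below.
        return v8::Handle<v8::Array>();
    }

    if (NP_CLASS_STRUCT_VERSION_HAS_ENUM(npObject->_class) && npObject->_class->enumerate) {
        uint32_t count;
        NPIdentifier* identifiers;
        if (npObject->_class->enumerate(npObject, &identifiers, &count)) {
            // NOTE(review): nothing in this function releases the identifiers array returned by
            // enumerate(); confirm who owns it.
            v8::Handle<v8::Array> properties = v8::Array::New(count);
            for (uint32_t i = 0; i < count; ++i) {
                IdentifierRep* identifier = static_cast<IdentifierRep*>(identifiers[i]);
                if (namedProperty)
                    properties->Set(v8::Integer::New(i), v8::String::New(identifier->string()));
                else
                    properties->Set(v8::Integer::New(i), v8::Integer::New(identifier->number()));
            }

            return properties;
        }
    }

    return v8::Handle<v8::Array>();
}

// Named-property enumerator interceptor for NPObject wrappers.
v8::Handle<v8::Array> npObjectNamedPropertyEnumerator(const v8::AccessorInfo& info)
{
    return npObjectPropertyEnumerator(info, true);
}

// Indexed-property enumerator interceptor for NPObject wrappers.
v8::Handle<v8::Array> npObjectIndexedPropertyEnumerator(const v8::AccessorInfo& info)
{
    return npObjectPropertyEnumerator(info, false);
}

static void weakNPObjectCallback(v8::Persistent<v8::Value>, void* parameter);

// Maps each wrapped NPObject to its V8 wrapper so an object is wrapped at most once.
static DOMWrapperMap<NPObject> staticNPObjectMap(&weakNPObjectCallback);

// Weak callback for staticNPObjectMap: forgets the map entry and drops the reference taken in
// createV8ObjectForNPObject() if the NPObject is still alive.
static void weakNPObjectCallback(v8::Persistent<v8::Value> object, void* parameter)
{
    NPObject* npObject = static_cast<NPObject*>(parameter);
    // Check the pointer itself before using it as a map key.
    ASSERT(npObject);
    ASSERT(staticNPObjectMap.contains(npObject));

    // Must remove from our map before calling _NPN_ReleaseObject(). _NPN_ReleaseObject can call ForgetV8ObjectForNPObject, which
    // uses the table as well.
    staticNPObjectMap.forget(npObject);

    if (_NPN_IsAlive(npObject))
        _NPN_ReleaseObject(npObject);
}


// Returns the V8 object that represents the given NPObject, creating and registering a wrapper on first use.
//
// object: the NPObject to expose to script.
// root:   passed to _NPN_RegisterObject() together with object.
//
// Returns an empty handle when the wrapper instance could not be allocated; in that case the NPObject is
// neither retained nor registered.
v8::Local<v8::Object> createV8ObjectForNPObject(NPObject* object, NPObject* root)
{
    static v8::Persistent<v8::FunctionTemplate> npObjectDesc;

    ASSERT(v8::Context::InContext());

    // If this is a v8 object, just return it. The class check is what makes the cast to V8NPObject valid.
    if (object->_class == npScriptObjectClass) {
        V8NPObject* v8NPObject = reinterpret_cast<V8NPObject*>(object);
        return v8::Local<v8::Object>::New(v8NPObject->v8Object);
    }

    // If we've already wrapped this object, just return it.
    if (staticNPObjectMap.contains(object))
        return v8::Local<v8::Object>::New(staticNPObjectMap.get(object));

    // FIXME: we should create a Wrapper type as a subclass of JSObject. It has two internal fields, field 0 is the wrapped
    // pointer, and field 1 is the type. There should be an api function that returns unused type id. The same Wrapper type
    // can be used by DOM bindings.
    if (npObjectDesc.IsEmpty()) {
        // Build the shared wrapper template once and install the interceptors defined in this file.
        npObjectDesc = v8::Persistent<v8::FunctionTemplate>::New(v8::FunctionTemplate::New());
        npObjectDesc->InstanceTemplate()->SetInternalFieldCount(npObjectInternalFieldCount);
        npObjectDesc->InstanceTemplate()->SetNamedPropertyHandler(npObjectNamedPropertyGetter, npObjectNamedPropertySetter, 0, 0, npObjectNamedPropertyEnumerator);
        npObjectDesc->InstanceTemplate()->SetIndexedPropertyHandler(npObjectIndexedPropertyGetter, npObjectIndexedPropertySetter, 0, 0, npObjectIndexedPropertyEnumerator);
        npObjectDesc->InstanceTemplate()->SetCallAsFunctionHandler(npObjectInvokeDefaultHandler);
    }

    v8::Handle<v8::Function> v8Function = npObjectDesc->GetFunction();
    v8::Local<v8::Object> value = SafeAllocation::newInstance(v8Function);

    // If we were unable to allocate the instance, we avoid wrapping and registering the NP object.
    if (value.IsEmpty())
        return value;

    wrapNPObject(value, object);

    // KJS retains the object as part of its wrapper (see Bindings::CInstance).
    _NPN_RetainObject(object);

    _NPN_RegisterObject(object, root);

    // Maintain a weak pointer for v8 so we can cleanup the object.
    v8::Persistent<v8::Object> weakRef = v8::Persistent<v8::Object>::New(value);
    staticNPObjectMap.set(object, weakRef);

    return value;
}

// Detaches the V8 wrapper from the given NPObject, if one is registered: the wrapper's DOM pointer is
// reset to 0, the map entry is forgotten and the reference held on behalf of the wrapper is released.
// NOTE(review): presumably the reset pointer is what makes later v8ObjectToNPObject() calls on this
// wrapper yield null and take the "NPObject deleted" path - confirm.
void forgetV8ObjectForNPObject(NPObject* object)
{
    if (staticNPObjectMap.contains(object)) {
        v8::HandleScope scope;
        v8::Persistent<v8::Object> handle(staticNPObjectMap.get(object));
        V8DOMWrapper::setDOMWrapper(handle, WebCore::V8ClassIndex::NPOBJECT, 0);
        staticNPObjectMap.forget(object);
        _NPN_ReleaseObject(object);
    }
}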