1/*
2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved.
3 * Copyright (C) 2009 Apple Inc. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are
7 * met:
8 *
9 *     * Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *     * Redistributions in binary form must reproduce the above
12 * copyright notice, this list of conditions and the following disclaimer
13 * in the documentation and/or other materials provided with the
14 * distribution.
15 *     * Neither the name of Google Inc. nor the names of its
16 * contributors may be used to endorse or promote products derived from
17 * this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
32#include "config.h"
33#include "ScriptController.h"
34
35#include "PlatformBridge.h"
36#include "Document.h"
37#include "ScriptCallStack.h"
38#include "ScriptCallStackFactory.h"
39#include "ScriptableDocumentParser.h"
40#include "DOMWindow.h"
41#include "Event.h"
42#include "EventListener.h"
43#include "EventNames.h"
44#include "Frame.h"
45#include "FrameLoaderClient.h"
46#include "Node.h"
47#include "NotImplemented.h"
48#include "npruntime_impl.h"
49#include "npruntime_priv.h"
50#include "NPV8Object.h"
51#include "ScriptSourceCode.h"
52#include "Settings.h"
53#include "UserGestureIndicator.h"
54#include "V8Binding.h"
55#include "V8BindingState.h"
56#include "V8DOMWindow.h"
57#include "V8Event.h"
58#include "V8HiddenPropertyName.h"
59#include "V8HTMLEmbedElement.h"
60#include "V8IsolatedContext.h"
61#include "V8NPObject.h"
62#include "V8Proxy.h"
63#include "Widget.h"
64#include <wtf/StdLibExtras.h>
65#include <wtf/text/CString.h>
66
67#if PLATFORM(QT)
68#include <QScriptEngine>
69#endif
70
71namespace WebCore {
72
// Bring up WTF threading support exactly once per process.
// The guard is a plain function-local bool, so this is only safe when the
// first call happens before any other thread touches WTF — the function is
// not itself thread-safe.
void ScriptController::initializeThreading()
{
    static bool alreadyInitialized = false;
    if (alreadyInitialized)
        return;

    WTF::initializeThreading();
    WTF::initializeMainThread();
    alreadyInitialized = true;
}
82
// Hands a command-line style flag string to V8. |string| need not be
// NUL-terminated; |length| bytes are read. V8 flags are process-wide, so this
// is normally called once at startup, before any context exists.
void ScriptController::setFlags(const char* string, int length)
{
    v8::V8::SetFlagsFromString(string, length);
}
87
// The Frame whose context was *entered* when script started running (the
// outermost caller), as opposed to the context currently executing. May be 0
// when no script is running (see processingUserGesture()).
Frame* ScriptController::retrieveFrameForEnteredContext()
{
    return V8Proxy::retrieveFrameForEnteredContext();
}
92
// The Frame owning the V8 context that is currently executing. Forwarded to
// V8Proxy; may be 0 when no context is active.
Frame* ScriptController::retrieveFrameForCurrentContext()
{
    return V8Proxy::retrieveFrameForCurrentContext();
}
97
// Same-origin gate: may script in the current V8 context touch |frame|?
// When no JavaScript context has been entered there is no script origin to
// compare against, so access is permitted; otherwise the decision is
// delegated to V8BindingSecurity. The trailing |true| is forwarded unchanged
// to canAccessFrame — presumably a "report the violation" flag; confirm
// against V8BindingSecurity.
bool ScriptController::canAccessFromCurrentOrigin(Frame* frame)
{
    if (!v8::Context::InContext())
        return true;
    return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), frame, true);
}
102
// Same-origin check from the current binding state to |target|, reporting on
// failure (the trailing |true|, as in canAccessFromCurrentOrigin). Unlike
// canAccessFromCurrentOrigin() this does not special-case "no context
// entered" — it always asks V8BindingSecurity.
bool ScriptController::isSafeScript(Frame* target)
{
    return V8BindingSecurity::canAccessFrame(V8BindingState::Only(), target, true);
}
107
// Binds the controller to its owning Frame and creates the frame's V8Proxy.
// All state flags start cleared. m_sourceURL is a non-owning pointer that
// evaluate() temporarily aims at the URL of the script being run; it must be 0
// whenever no evaluate() is in progress (see processingUserGesture()).
ScriptController::ScriptController(Frame* frame)
    : m_frame(frame)
    , m_sourceURL(0)
    , m_inExecuteScript(false)
    , m_processingTimerCallback(false)
    , m_paused(false)
    , m_allowPopupsFromPlugin(false)
    , m_proxy(new V8Proxy(frame))
#if ENABLE(NETSCAPE_PLUGIN_API)
    , m_windowScriptNPObject(0)
#endif
{
}
121
// Detaches the proxy from the Frame that is going away so it cannot keep
// dereferencing it. Whether m_proxy itself is freed here depends on its
// declared type in the header (not visible in this file).
ScriptController::~ScriptController()
{
    m_proxy->disconnectFrame();
}
126
// Drops every plugin scriptable object this frame tracks, plus the window
// NPObject handed to plugins. Each plugin object is first unregistered from
// the NPRuntime registry (so script may no longer use it) and then released,
// balancing the reference taken in createScriptInstanceForWidget().
void ScriptController::clearScriptObjects()
{
    PluginObjectMap::iterator end = m_pluginObjects.end();
    for (PluginObjectMap::iterator it = m_pluginObjects.begin(); it != end; ++it) {
        NPObject* pluginObject = it->second;
        _NPN_UnregisterObject(pluginObject);
        _NPN_ReleaseObject(pluginObject);
    }
    m_pluginObjects.clear();

#if ENABLE(NETSCAPE_PLUGIN_API)
    if (!m_windowScriptNPObject)
        return;
    // Call _NPN_DeallocateObject() instead of _NPN_ReleaseObject() so that we don't leak if a plugin fails to release the window
    // script object properly.
    // This shouldn't cause any problems for plugins since they should have already been stopped and destroyed at this point.
    _NPN_DeallocateObject(m_windowScriptNPObject);
    m_windowScriptNPObject = 0;
#endif
}
146
// Propagates a change of the document's security origin to the V8 window
// shell so the context's access checks reflect the new origin.
void ScriptController::updateSecurityOrigin()
{
    m_proxy->windowShell()->updateSecurityOrigin();
}
151
// Platform hook for refreshing port-specific script objects; nothing to do in
// the V8 port.
void ScriptController::updatePlatformScriptObjects()
{
    notImplemented();
}
156
// Decides whether the script currently running (if any) acts on behalf of a
// user gesture — the gate behind popup blocking and similar restrictions.
// The verdict is taken from, in order: the gesture indicator when no script
// is running; the event the script is handling, if any; a null source URL
// (the javascript: URL navigation case); a plugin that has been granted popup
// rights; and finally the gesture indicator again.
//
// NOTE(review): the null-source-URL branch trusts whatever evaluate() was
// called with — any caller that evaluates script with a null URL inherits
// user-gesture status while no timer callback is running. Confirm that only
// javascript: navigations produce a null URL.
bool ScriptController::processingUserGesture()
{
    Frame* enteredFrame = V8Proxy::retrieveFrameForEnteredContext();
    if (!enteredFrame) {
        // Nothing is executing, so the action counts as user-initiated unless
        // the gesture stack has been told explicitly that it is not.
        return UserGestureIndicator::getUserGestureState() != DefinitelyNotProcessingUserGesture;
    }

    ScriptController* enteredScript = enteredFrame->script();
    V8Proxy* enteredProxy = enteredScript->proxy();

    v8::HandleScope handleScope;
    v8::Handle<v8::Context> mainWorld = V8Proxy::mainWorldContext(enteredFrame);
    // FIXME: enumerate every case in which the context can be empty
    // (known so far: JS is disabled; page is NULL).
    if (mainWorld.IsEmpty())
        return true;

    v8::Context::Scope contextScope(mainWorld);

    // The event being dispatched is stashed as a hidden property on the global
    // object; unwrap it only if it really is a DOM wrapper.
    v8::Handle<v8::Value> hiddenEvent = mainWorld->Global()->GetHiddenValue(V8HiddenPropertyName::event());
    Event* currentEvent = 0;
    if (V8DOMWrapper::isValidDOMObject(hiddenEvent))
        currentEvent = V8Event::toNative(v8::Handle<v8::Object>::Cast(hiddenEvent));

    // Based on code from JSC's ScriptController::processingUserGesture.
    // Note: This is more liberal than Firefox's implementation.
    // Event::fromUserGesture returns false whenever
    // UserGestureIndicator::processingUserGesture() returns false.
    if (currentEvent)
        return currentEvent->fromUserGesture();

    // FIXME: The javascript: anchor navigation is checked on the last entered
    // frame because, if it happens at all, it can only have been initiated on
    // the frame in which execution began.
    // A null source URL with no timer callback running is the
    // <a href="javascript:window.open('...')> case -> let it through.
    const String* sourceURL = enteredScript->sourceURL();
    if (sourceURL && sourceURL->isNull() && !enteredProxy->timerCallback())
        return true;

    if (enteredScript->allowPopupsFromPlugin())
        return true;

    // <script>window.open(...)</script> or a timer callback: as in the JSC
    // version, fall back to UserGestureIndicator for every other situation.
    return UserGestureIndicator::processingUserGesture();
}
202
// Whether *any* page is currently handling a user gesture. The V8 port simply
// answers for the entered context via processingUserGesture(); the FIXME
// records that this may be narrower than the name promises.
bool ScriptController::anyPageIsProcessingUserGesture() const
{
    // FIXME: is this right?
    return ScriptController::processingUserGesture();
}
208
// Runs |sources| in isolated world |worldID| with no extension group
// (group 0). Convenience overload of the three-argument form.
void ScriptController::evaluateInIsolatedWorld(unsigned worldID, const Vector<ScriptSourceCode>& sources)
{
    evaluateInIsolatedWorld(worldID, sources, 0);
}
213
// Runs |sources| in isolated world |worldID|, registering extensions from
// |extensionGroup| with that world. The proxy owns the per-world contexts.
void ScriptController::evaluateInIsolatedWorld(unsigned worldID, const Vector<ScriptSourceCode>& sources, int extensionGroup)
{
    m_proxy->evaluateInIsolatedWorld(worldID, sources, extensionGroup);
}
218
219// Evaluate a script file in the environment of this proxy.
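// Evaluate a script file in the environment of this proxy.
//
// While the script runs, m_sourceURL points at the URL of |sourceCode| so
// that processingUserGesture() can recognise a javascript: URL navigation
// (a null URL) on this frame. The pointer targets a local String, so it must
// be restored on *every* exit path — previously the early return on an
// empty context left m_sourceURL aimed at a dead stack slot, which the next
// processingUserGesture() call would have dereferenced.
//
// Returns an empty ScriptValue when the frame has no main-world context or
// the evaluation produced no value.
ScriptValue ScriptController::evaluate(const ScriptSourceCode& sourceCode)
{
    String sourceURL = sourceCode.url();
    const String* savedSourceURL = m_sourceURL;
    m_sourceURL = &sourceURL;

    v8::HandleScope handleScope;
    v8::Handle<v8::Context> v8Context = V8Proxy::mainWorldContext(m_proxy->frame());
    if (v8Context.IsEmpty()) {
        // Restore before bailing out so m_sourceURL never outlives sourceURL.
        m_sourceURL = savedSourceURL;
        return ScriptValue();
    }

    v8::Context::Scope scope(v8Context);

    // Evaluating the JavaScript could cause the frame to be deallocated, so
    // hold a reference for the duration of the call.
    RefPtr<Frame> protect(m_frame);

    v8::Local<v8::Value> object = m_proxy->evaluate(sourceCode, 0);

    // Start the keep-alive timer now that script has had its chance to tear
    // the frame down.
    m_frame->keepAlive();

    m_sourceURL = savedSourceURL;

    if (object.IsEmpty())
        return ScriptValue();

    return ScriptValue(object);
}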
248
// Source position to attribute to an inline event handler being compiled:
// the parser's current position while the document is being parsed,
// otherwise the minimum position.
TextPosition0 ScriptController::eventHandlerPosition() const
{
    if (ScriptableDocumentParser* parser = m_frame->document()->scriptableDocumentParser())
        return parser->textPosition();
    return TextPosition0::minimumPosition();
}
256
// Notifies the proxy that dispatch of |event| is complete so any per-event
// bookkeeping it holds can be dropped.
void ScriptController::finishedWithEvent(Event* event)
{
    m_proxy->finishedWithEvent(event);
}
261
262// Create a V8 object with an interceptor of NPObjectPropertyGetter.
// Create a V8 object with an interceptor of NPObjectPropertyGetter and expose
// it to page script in |frame|'s main world as the global property |key|.
// Everything reachable through |object| becomes reachable from any script in
// that frame, so callers choose what to bind. No-op when the frame has no
// main-world context.
void ScriptController::bindToWindowObject(Frame* frame, const String& key, NPObject* object)
{
    v8::HandleScope handleScope;

    v8::Handle<v8::Context> mainWorld = V8Proxy::mainWorldContext(frame);
    if (mainWorld.IsEmpty())
        return;

    v8::Context::Scope contextScope(mainWorld);

    // Wrap the NPObject and hang it off the global object under |key|.
    v8::Handle<v8::Object> wrapper = createV8ObjectForNPObject(object, 0);
    mainWorld->Global()->Set(v8String(key), wrapper);
}
279
// Asks V8 to collect garbage by running "if (gc) gc();" in a throw-away
// context. gc() only exists when V8 was started with the flag that exposes
// it (presumably via setFlags()), hence the guard in the script; the compile
// can still fail, hence the IsEmpty() check before Run(). The Context::Scope
// lives in its own block so it is exited before the context is disposed.
void ScriptController::collectGarbage()
{
    v8::HandleScope handleScope;

    v8::Persistent<v8::Context> v8Context = v8::Context::New();
    if (v8Context.IsEmpty())
        return;
    {
        v8::Context::Scope scope(v8Context);
        v8::Local<v8::String> source = v8::String::New("if (gc) gc();");
        v8::Local<v8::String> name = v8::String::New("gc");
        v8::Handle<v8::Script> script = v8::Script::Compile(source, name);
        if (!script.IsEmpty())
            script->Run();
    }
    v8Context.Dispose();
}
297
// Tells V8 the system is low on memory so it can collect aggressively.
void ScriptController::lowMemoryNotification()
{
    v8::V8::LowMemoryNotification();
}
302
// True once the main-world V8 context for this frame has been created.
bool ScriptController::haveInterpreter() const
{
    return m_proxy->windowShell()->isContextInitialized();
}
307
// Creates the ScriptInstance that page script uses to talk to the plugin
// behind |widget|, by wrapping the plugin's scriptable NPObject. Returns 0 for
// frame views (not a plugin) and for plugins that expose no object.
// Ownership: PlatformBridge hands us a reference to the NPObject; it is kept
// in m_pluginObjects and released by cleanupScriptObjectsForPlugin() or
// clearScriptObjects().
PassScriptInstance ScriptController::createScriptInstanceForWidget(Widget* widget)
{
    ASSERT(widget);

    if (widget->isFrameView())
        return 0;

    NPObject* npObject = PlatformBridge::pluginScriptableObject(widget);

    if (!npObject)
        return 0;

    // Frame Memory Management for NPObjects
    // -------------------------------------
    // NPObjects are treated differently than other objects wrapped by JS.
    // NPObjects can be created either by the browser (e.g. the main
    // window object) or by the plugin (the main plugin object
    // for a HTMLEmbedElement). Further, unlike most DOM Objects, the frame
    // is especially careful to ensure NPObjects terminate at frame teardown because
    // if a plugin leaks a reference, it could leak its objects (or the browser's objects).
    //
    // The Frame maintains a list of plugin objects (m_pluginObjects)
    // which it can use to quickly find the wrapped embed object.
    //
    // Inside the NPRuntime, we've added a few methods for registering
    // wrapped NPObjects. The purpose of the registration is because
    // javascript garbage collection is non-deterministic, yet we need to
    // be able to tear down the plugin objects immediately. When an object
    // is registered, javascript can use it. When the object is destroyed,
    // or when the object's "owning" object is destroyed, the object will
    // be un-registered, and the javascript engine must not use it.
    //
    // Inside the javascript engine, the engine can keep a reference to the
    // NPObject as part of its wrapper. However, before accessing the object
    // it must consult the _NPN_Registry.

    // Second argument is the owning NPObject; 0 here — presumably "no owner",
    // confirm against createV8ObjectForNPObject.
    v8::Local<v8::Object> wrapper = createV8ObjectForNPObject(npObject, 0);

#ifdef ANDROID_FIX
    // TODO: this should be up streamed.
    // HTMLEmbedElement::getInstance() will call this function with its closest
    // ancestor who has the objectTag. So this "widget" may be already in the
    // HashMap. If it does, even m_pluginObjects.set() is a no-op, we do need to
    // call _NPN_ReleaseObject on the npObject to balance the reference count.
    PluginObjectMap::iterator it = m_pluginObjects.find(widget);
    if (it != m_pluginObjects.end()) {
        ASSERT(it->second == npObject);
        _NPN_ReleaseObject(it->second);
    }
#endif

    // Track the plugin object. We've been given a reference to the object.
    m_pluginObjects.set(widget, npObject);

    return V8ScriptInstance::create(wrapper);
}
364
// Tears down the scriptable object tracked for the plugin widget
// |nativeHandle|: unregister it from the NPRuntime registry so script may no
// longer use it, release the reference taken in
// createScriptInstanceForWidget(), and forget the mapping. Does nothing if
// the widget was never tracked.
void ScriptController::cleanupScriptObjectsForPlugin(Widget* nativeHandle)
{
    PluginObjectMap::iterator found = m_pluginObjects.find(nativeHandle);
    if (found != m_pluginObjects.end()) {
        NPObject* pluginObject = found->second;
        _NPN_UnregisterObject(pluginObject);
        _NPN_ReleaseObject(pluginObject);
        m_pluginObjects.remove(found);
    }
}
374
// Appends every DOMWrapperWorld this controller knows about to |worlds|.
// The V8 port only reports the main-thread normal world here; isolated
// worlds are not enumerated.
void ScriptController::getAllWorlds(Vector<DOMWrapperWorld*>& worlds)
{
    worlds.append(mainThreadNormalWorld());
}
379
// Runs a single |source| in the world |world|. The |world| parameter is
// currently ignored: everything goes to isolated world 0 with no extension
// group (see the FIXME).
void ScriptController::evaluateInWorld(const ScriptSourceCode& source,
                                       DOMWrapperWorld* world)
{
    // FIXME: Get an ID from the world param.
    Vector<ScriptSourceCode> singleSource;
    singleSource.append(source);
    evaluateInIsolatedWorld(0, singleSource, 0);
}
388
// Placeholder for the NPObject handed to plugins when no JavaScript window
// object is available. Not implemented in this port: always returns 0, so
// callers receiving it must tolerate a null NPObject.
static NPObject* createNoScriptObject()
{
    notImplemented();
    return 0;
}
394
// Builds the NPObject through which plugins reach |frame|'s JavaScript window
// object. Falls back to createNoScriptObject() when the frame has no
// main-world context.
static NPObject* createScriptObject(Frame* frame)
{
    v8::HandleScope handleScope;
    v8::Handle<v8::Context> mainWorld = V8Proxy::mainWorldContext(frame);
    if (mainWorld.IsEmpty())
        return createNoScriptObject();

    v8::Context::Scope contextScope(mainWorld);
    DOMWindow* domWindow = frame->domWindow();
    v8::Handle<v8::Value> windowWrapper = toV8(domWindow);
    ASSERT(windowWrapper->IsObject());
    v8::Handle<v8::Object> windowObject = v8::Handle<v8::Object>::Cast(windowWrapper);
    return npCreateV8ScriptObject(0, windowObject, domWindow);
}
408
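// Lazily creates and caches the NPObject plugins use to reach this frame's
// window object. With JavaScript enabled it wraps the real window and
// registers it with the NPRuntime registry; otherwise a non-scripted stand-in
// is returned unregistered. Either way the result may be 0 (see
// createNoScriptObject()), and a 0 result is not cached for long — the next
// call simply tries again.
//
// NOTE(review): m_windowScriptNPObject is declared/used under
// ENABLE(NETSCAPE_PLUGIN_API) elsewhere in this file (constructor,
// clearScriptObjects) but not here; confirm the header guards match.
NPObject* ScriptController::windowScriptNPObject()
{
    if (m_windowScriptNPObject)
        return m_windowScriptNPObject;

    if (!canExecuteScripts(NotAboutToExecuteScript)) {
        // JavaScript is not enabled, so we cannot bind the NPObject to the
        // JavaScript window object. Instead, we create an NPObject of a
        // different class, one which is not bound to a JavaScript object.
        m_windowScriptNPObject = createNoScriptObject();
        return m_windowScriptNPObject;
    }

    // JavaScript is enabled, so there is a JavaScript window object.
    // Return an NPObject bound to the window object.
    m_windowScriptNPObject = createScriptObject(m_frame);
    // createScriptObject() itself falls back to createNoScriptObject() — which
    // is 0 — when the frame has no main-world context. Only register a real
    // object, matching the disabled-JavaScript path above, instead of handing
    // a null pointer to the registry.
    if (m_windowScriptNPObject)
        _NPN_RegisterObject(m_windowScriptNPObject, 0);
    return m_windowScriptNPObject;
}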
427
// Builds the NPObject a plugin can use to script its own element (the
// element's JavaScript wrapper). Returns createNoScriptObject() whenever the
// wrapper cannot be produced: JavaScript disabled, no main-world context, or
// a wrapper that is not an object.
//
// NOTE(review): |plugin| is downcast unconditionally to HTMLEmbedElement, and
// toV8's overload is chosen by that static type. If any caller passes another
// HTMLPlugInElement subtype the cast is wrong; confirm every caller passes an
// <embed>, or dispatch on the element's actual type instead.
NPObject* ScriptController::createScriptObjectForPluginElement(HTMLPlugInElement* plugin)
{
    // Can't create NPObjects when JavaScript is disabled.
    if (!canExecuteScripts(NotAboutToExecuteScript))
        return createNoScriptObject();

    v8::HandleScope handleScope;
    v8::Handle<v8::Context> mainWorld = V8Proxy::mainWorldContext(m_frame);
    if (mainWorld.IsEmpty())
        return createNoScriptObject();
    v8::Context::Scope contextScope(mainWorld);

    DOMWindow* domWindow = m_frame->domWindow();
    HTMLEmbedElement* embed = static_cast<HTMLEmbedElement*>(plugin);
    v8::Handle<v8::Value> elementWrapper = toV8(embed);
    if (!elementWrapper->IsObject())
        return createNoScriptObject();

    v8::Handle<v8::Object> elementObject = v8::Handle<v8::Object>::Cast(elementWrapper);
    return npCreateV8ScriptObject(0, elementObject, domWindow);
}
447
448
// Resets the window shell for a navigation. The unnamed bool parameter exists
// for interface parity with the JSC port and is ignored here.
void ScriptController::clearWindowShell(bool)
{
    // V8 binding expects ScriptController::clearWindowShell only be called
    // when a frame is loading a new page. V8Proxy::clearForNavigation
    // creates a new context for the new page.
    m_proxy->clearForNavigation();
}
456
457#if ENABLE(INSPECTOR)
// Enables or disables V8 stack-trace capture for uncaught exceptions, so the
// inspector can show where an error originated. The depth limit comes from
// ScriptCallStack; |stackTraceOptions| is defined in an included header, not
// in this file.
void ScriptController::setCaptureCallStackForUncaughtExceptions(bool value)
{
    v8::V8::SetCaptureStackTraceForUncaughtExceptions(value, ScriptCallStack::maxCallStackSizeToCapture, stackTraceOptions);
}
462#endif
463
// Debugger attachment hook; not supported in the V8 port. The opaque pointer
// is ignored.
void ScriptController::attachDebugger(void*)
{
    notImplemented();
}
468
// Tells the window shell that the frame's Document changed so the V8 global
// object is re-pointed at the new document.
void ScriptController::updateDocument()
{
    m_proxy->windowShell()->updateDocument();
}
473
// Notifies the window shell that |doc| gained a named item |name| — presumably
// so window-level named property access stays in sync (confirm in
// V8DOMWindowShell).
void ScriptController::namedItemAdded(HTMLDocument* doc, const AtomicString& name)
{
    m_proxy->windowShell()->namedItemAdded(doc, name);
}
478
// Counterpart of namedItemAdded(): notifies the window shell that |doc| lost
// the named item |name|.
void ScriptController::namedItemRemoved(HTMLDocument* doc, const AtomicString& name)
{
    m_proxy->windowShell()->namedItemRemoved(doc, name);
}
483
484} // namespace WebCore
485