| /* |
| * Copyright (C) 2008, 2009, 2010 Apple Inc. All Rights Reserved. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions |
| * are met: |
| * 1. Redistributions of source code must retain the above copyright |
| * notice, this list of conditions and the following disclaimer. |
| * 2. Redistributions in binary form must reproduce the above copyright |
| * notice, this list of conditions and the following disclaimer in the |
| * documentation and/or other materials provided with the distribution. |
| * |
| * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY |
| * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
| * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR |
| * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, |
| * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, |
| * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR |
| * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
| * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| #if USE(PLUGIN_HOST_PROCESS) |
| |
| #ifndef NetscapePluginInstanceProxy_h |
| #define NetscapePluginInstanceProxy_h |
| |
| #include <JavaScriptCore/JSGlobalData.h> |
| #include <JavaScriptCore/Strong.h> |
| #include <WebCore/Timer.h> |
| #include <WebKit/npapi.h> |
| #include <wtf/Deque.h> |
| #include <wtf/Forward.h> |
| #include <wtf/HashMap.h> |
| #include <wtf/PassRefPtr.h> |
| #include <wtf/RefCounted.h> |
| #include <wtf/RetainPtr.h> |
| #include "WebKitPluginHostTypes.h" |
| |
| namespace JSC { |
| namespace Bindings { |
| class Instance; |
| class RootObject; |
| } |
| class ArgList; |
| } |
| @class WebHostedNetscapePluginView; |
| @class WebFrame; |
| |
| namespace WebKit { |
| |
| class HostedNetscapePluginStream; |
| class NetscapePluginHostProxy; |
| class PluginRequest; |
| class ProxyInstance; |
| |
| class NetscapePluginInstanceProxy : public RefCounted<NetscapePluginInstanceProxy> { |
| public: |
| static PassRefPtr<NetscapePluginInstanceProxy> create(NetscapePluginHostProxy*, WebHostedNetscapePluginView *, bool fullFramePlugin); |
| ~NetscapePluginInstanceProxy(); |
| |
| uint32_t pluginID() const |
| { |
| ASSERT(m_pluginID); |
| |
| return m_pluginID; |
| } |
| uint32_t renderContextID() const { ASSERT(fastMallocSize(this)); return m_renderContextID; } |
| void setRenderContextID(uint32_t renderContextID) { m_renderContextID = renderContextID; } |
| |
| RendererType rendererType() const { return m_rendererType; } |
| void setRendererType(RendererType rendererType) { m_rendererType = rendererType; } |
| |
| WebHostedNetscapePluginView *pluginView() const { ASSERT(fastMallocSize(this)); return m_pluginView; } |
| NetscapePluginHostProxy* hostProxy() const { ASSERT(fastMallocSize(this)); return m_pluginHostProxy; } |
| |
| bool cancelStreamLoad(uint32_t streamID, NPReason); |
| void disconnectStream(HostedNetscapePluginStream*); |
| |
| void setManualStream(PassRefPtr<HostedNetscapePluginStream>); |
| HostedNetscapePluginStream* manualStream() const { return m_manualStream.get(); } |
| |
| void pluginHostDied(); |
| |
| void resize(NSRect size, NSRect clipRect); |
| void destroy(); |
| void focusChanged(bool hasFocus); |
| void windowFocusChanged(bool hasFocus); |
| void windowFrameChanged(NSRect frame); |
| |
| void mouseEvent(NSView *pluginView, NSEvent *, NPCocoaEventType); |
| void keyEvent(NSView *pluginView, NSEvent *, NPCocoaEventType); |
| void insertText(NSString *); |
| bool wheelEvent(NSView *pluginView, NSEvent *); |
| void syntheticKeyDownWithCommandModifier(int keyCode, char character); |
| void flagsChanged(NSEvent *); |
| void print(CGContextRef, unsigned width, unsigned height); |
| void snapshot(CGContextRef, unsigned width, unsigned height); |
| |
| void startTimers(bool throttleTimers); |
| void stopTimers(); |
| |
| void invalidateRect(double x, double y, double width, double height); |
| |
| // NPRuntime |
| bool getWindowNPObject(uint32_t& objectID); |
| bool getPluginElementNPObject(uint32_t& objectID); |
| bool forgetBrowserObjectID(uint32_t objectID); // Will fail if the ID is being sent to plug-in right now (i.e., retain/release calls aren't balanced). |
| |
| bool evaluate(uint32_t objectID, const WTF::String& script, data_t& resultData, mach_msg_type_number_t& resultLength, bool allowPopups); |
| bool invoke(uint32_t objectID, const JSC::Identifier& methodName, data_t argumentsData, mach_msg_type_number_t argumentsLength, data_t& resultData, mach_msg_type_number_t& resultLength); |
| bool invokeDefault(uint32_t objectID, data_t argumentsData, mach_msg_type_number_t argumentsLength, data_t& resultData, mach_msg_type_number_t& resultLength); |
| bool construct(uint32_t objectID, data_t argumentsData, mach_msg_type_number_t argumentsLength, data_t& resultData, mach_msg_type_number_t& resultLength); |
| bool enumerate(uint32_t objectID, data_t& resultData, mach_msg_type_number_t& resultLength); |
| |
| bool getProperty(uint32_t objectID, const JSC::Identifier& propertyName, data_t &resultData, mach_msg_type_number_t& resultLength); |
| bool getProperty(uint32_t objectID, unsigned propertyName, data_t &resultData, mach_msg_type_number_t& resultLength); |
| bool setProperty(uint32_t objectID, const JSC::Identifier& propertyName, data_t valueData, mach_msg_type_number_t valueLength); |
| bool setProperty(uint32_t objectID, unsigned propertyName, data_t valueData, mach_msg_type_number_t valueLength); |
| bool removeProperty(uint32_t objectID, const JSC::Identifier& propertyName); |
| bool removeProperty(uint32_t objectID, unsigned propertyName); |
| bool hasProperty(uint32_t objectID, const JSC::Identifier& propertyName); |
| bool hasProperty(uint32_t objectID, unsigned propertyName); |
| bool hasMethod(uint32_t objectID, const JSC::Identifier& methodName); |
| |
| void status(const char* message); |
| NPError loadURL(const char* url, const char* target, const char* postData, uint32_t postDataLength, LoadURLFlags, uint32_t& requestID); |
| |
| bool getCookies(data_t urlData, mach_msg_type_number_t urlLength, data_t& cookiesData, mach_msg_type_number_t& cookiesLength); |
| bool setCookies(data_t urlData, mach_msg_type_number_t urlLength, data_t cookiesData, mach_msg_type_number_t cookiesLength); |
| |
| bool getProxy(data_t urlData, mach_msg_type_number_t urlLength, data_t& proxyData, mach_msg_type_number_t& proxyLength); |
| bool getAuthenticationInfo(data_t protocolData, data_t hostData, uint32_t port, data_t schemeData, data_t realmData, |
| data_t& usernameData, mach_msg_type_number_t& usernameLength, data_t& passwordData, mach_msg_type_number_t& passwordLength); |
| bool convertPoint(double sourceX, double sourceY, NPCoordinateSpace sourceSpace, |
| double& destX, double& destY, NPCoordinateSpace destSpace); |
| |
| PassRefPtr<JSC::Bindings::Instance> createBindingsInstance(PassRefPtr<JSC::Bindings::RootObject>); |
| RetainPtr<NSData *> marshalValues(JSC::ExecState*, const JSC::ArgList& args); |
| void marshalValue(JSC::ExecState*, JSC::JSValue, data_t& resultData, mach_msg_type_number_t& resultLength); |
| JSC::JSValue demarshalValue(JSC::ExecState*, const char* valueData, mach_msg_type_number_t valueLength); |
| |
| // No-op if the value does not contain a local object. |
| void retainLocalObject(JSC::JSValue); |
| void releaseLocalObject(JSC::JSValue); |
| |
| void addInstance(ProxyInstance*); |
| void removeInstance(ProxyInstance*); |
| |
| void cleanup(); |
| void invalidate(); |
| |
| void willCallPluginFunction(); |
| void didCallPluginFunction(bool& stopped); |
| bool shouldStop(); |
| |
| uint32_t nextRequestID(); |
| |
| uint32_t checkIfAllowedToLoadURL(const char* url, const char* target); |
| void cancelCheckIfAllowedToLoadURL(uint32_t checkID); |
| void checkIfAllowedToLoadURLResult(uint32_t checkID, bool allowed); |
| |
| void resolveURL(const char* url, const char* target, data_t& resolvedURLData, mach_msg_type_number_t& resolvedURLLength); |
| |
| void didDraw(); |
| void privateBrowsingModeDidChange(bool isPrivateBrowsingEnabled); |
| |
| static void setGlobalException(const WTF::String&); |
| static void moveGlobalExceptionToExecState(JSC::ExecState*); |
| |
| // Reply structs |
| struct Reply { |
| enum Type { |
| InstantiatePlugin, |
| GetScriptableNPObject, |
| BooleanAndData, |
| Boolean |
| }; |
| |
| Reply(Type type) |
| : m_type(type) |
| { |
| } |
| |
| virtual ~Reply() { } |
| |
| Type m_type; |
| }; |
| |
| struct InstantiatePluginReply : public Reply { |
| static const int ReplyType = InstantiatePlugin; |
| |
| InstantiatePluginReply(kern_return_t resultCode, uint32_t renderContextID, RendererType rendererType) |
| : Reply(InstantiatePlugin) |
| , m_resultCode(resultCode) |
| , m_renderContextID(renderContextID) |
| , m_rendererType(rendererType) |
| { |
| } |
| |
| kern_return_t m_resultCode; |
| uint32_t m_renderContextID; |
| RendererType m_rendererType; |
| }; |
| |
| struct GetScriptableNPObjectReply : public Reply { |
| static const Reply::Type ReplyType = GetScriptableNPObject; |
| |
| GetScriptableNPObjectReply(uint32_t objectID) |
| : Reply(ReplyType) |
| , m_objectID(objectID) |
| { |
| } |
| |
| uint32_t m_objectID; |
| }; |
| |
| struct BooleanReply : public Reply { |
| static const Reply::Type ReplyType = Boolean; |
| |
| BooleanReply(boolean_t result) |
| : Reply(ReplyType) |
| , m_result(result) |
| { |
| } |
| |
| boolean_t m_result; |
| }; |
| |
| struct BooleanAndDataReply : public Reply { |
| static const Reply::Type ReplyType = BooleanAndData; |
| |
| BooleanAndDataReply(boolean_t returnValue, RetainPtr<CFDataRef> result) |
| : Reply(ReplyType) |
| , m_returnValue(returnValue) |
| , m_result(result) |
| { |
| } |
| |
| boolean_t m_returnValue; |
| RetainPtr<CFDataRef> m_result; |
| }; |
| |
| void setCurrentReply(uint32_t requestID, Reply* reply) |
| { |
| ASSERT(!m_replies.contains(requestID)); |
| m_replies.set(requestID, reply); |
| } |
| |
| template <typename T> |
| std::auto_ptr<T> waitForReply(uint32_t requestID) |
| { |
| RefPtr<NetscapePluginInstanceProxy> protect(this); // Plug-in host may crash while we are waiting for reply, releasing all instances to the instance proxy. |
| |
| willCallPluginFunction(); |
| m_waitingForReply = true; |
| |
| Reply* reply = processRequestsAndWaitForReply(requestID); |
| if (reply) |
| ASSERT(reply->m_type == T::ReplyType); |
| |
| m_waitingForReply = false; |
| |
| bool stopped = false; |
| didCallPluginFunction(stopped); |
| if (stopped) { |
| // The instance proxy may have been deleted from didCallPluginFunction(), so a null reply needs to be returned. |
| delete static_cast<T*>(reply); |
| return std::auto_ptr<T>(); |
| } |
| |
| return std::auto_ptr<T>(static_cast<T*>(reply)); |
| } |
| |
| void webFrameDidFinishLoadWithReason(WebFrame*, NPReason); |
| |
| private: |
| NetscapePluginInstanceProxy(NetscapePluginHostProxy*, WebHostedNetscapePluginView*, bool fullFramePlugin); |
| |
| NPError loadRequest(NSURLRequest*, const char* cTarget, bool currentEventIsUserGesture, uint32_t& streamID); |
| |
| class PluginRequest; |
| void performRequest(PluginRequest*); |
| void evaluateJavaScript(PluginRequest*); |
| |
| void stopAllStreams(); |
| Reply* processRequestsAndWaitForReply(uint32_t requestID); |
| |
| NetscapePluginHostProxy* m_pluginHostProxy; |
| WebHostedNetscapePluginView *m_pluginView; |
| |
| void requestTimerFired(WebCore::Timer<NetscapePluginInstanceProxy>*); |
| WebCore::Timer<NetscapePluginInstanceProxy> m_requestTimer; |
| Deque<RefPtr<PluginRequest> > m_pluginRequests; |
| |
| HashMap<uint32_t, RefPtr<HostedNetscapePluginStream> > m_streams; |
| |
| uint32_t m_currentURLRequestID; |
| |
| uint32_t m_pluginID; |
| uint32_t m_renderContextID; |
| RendererType m_rendererType; |
| |
| bool m_waitingForReply; |
| HashMap<uint32_t, Reply*> m_replies; |
| |
| // NPRuntime |
| |
| void addValueToArray(NSMutableArray *, JSC::ExecState* exec, JSC::JSValue value); |
| |
| bool demarshalValueFromArray(JSC::ExecState*, NSArray *array, NSUInteger& index, JSC::JSValue& result); |
| void demarshalValues(JSC::ExecState*, data_t valuesData, mach_msg_type_number_t valuesLength, JSC::MarkedArgumentBuffer& result); |
| |
| class LocalObjectMap { |
| WTF_MAKE_NONCOPYABLE(LocalObjectMap); |
| public: |
| LocalObjectMap(); |
| ~LocalObjectMap(); |
| uint32_t idForObject(JSC::JSGlobalData&, JSC::JSObject*); |
| void retain(JSC::JSObject*); |
| void release(JSC::JSObject*); |
| void clear(); |
| bool forget(uint32_t); |
| bool contains(uint32_t) const; |
| JSC::JSObject* get(uint32_t) const; |
| |
| private: |
| HashMap<uint32_t, JSC::Strong<JSC::JSObject> > m_idToJSObjectMap; |
| // The pair consists of object ID and a reference count. One reference belongs to remote plug-in, |
| // and the proxy will add transient references for arguments that are being sent out. |
| HashMap<JSC::JSObject*, pair<uint32_t, uint32_t> > m_jsObjectToIDMap; |
| uint32_t m_objectIDCounter; |
| }; |
| |
| LocalObjectMap m_localObjects; |
| |
| typedef HashSet<ProxyInstance*> ProxyInstanceSet; |
| ProxyInstanceSet m_instances; |
| |
| uint32_t m_urlCheckCounter; |
| typedef HashMap<uint32_t, RetainPtr<id> > URLCheckMap; |
| URLCheckMap m_urlChecks; |
| |
| unsigned m_pluginFunctionCallDepth; |
| bool m_shouldStopSoon; |
| uint32_t m_currentRequestID; |
| |
| // All NPRuntime functions will return false when destroying a plug-in. This is necessary because there may be unhandled messages waiting, |
| // and spinning in processRequests() will unexpectedly execute them from inside destroy(). That's not a good time to execute arbitrary JavaScript, |
| // since both loading and rendering data structures may be in inconsistent state. |
| // This suppresses calls from all plug-ins, even those in different pages, since JS might affect the frame with plug-in that's being stopped. |
| // |
| // FIXME: Plug-ins can execute arbitrary JS from destroy() in same process case, and other browsers also support that. |
| // A better fix may be to make sure that unrelated messages are postponed until after destroy() returns. |
| // Another possible fix may be to send destroy message at a time when internal structures are consistent. |
| // |
| // FIXME: We lack similar message suppression in other cases - resize() is also triggered by layout, so executing arbitrary JS is also problematic. |
| static bool m_inDestroy; |
| |
| bool m_pluginIsWaitingForDraw; |
| |
| RefPtr<HostedNetscapePluginStream> m_manualStream; |
| |
| typedef HashMap<WebFrame*, RefPtr<PluginRequest> > FrameLoadMap; |
| FrameLoadMap m_pendingFrameLoads; |
| }; |
| |
| } // namespace WebKit |
| |
| #endif // NetscapePluginInstanceProxy_h |
| #endif // USE(PLUGIN_HOST_PROCESS) |
