Source/WebCore/bindings/ScriptControllerBase.cpp - platform/external/webkit - Git at Google

 /*
  *  Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
  *  Copyright (C) 2001 Peter Kelly (pmk@post.com)
  *  Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved.
  *
  *  This library is free software; you can redistribute it and/or
  *  modify it under the terms of the GNU Lesser General Public
  *  License as published by the Free Software Foundation; either
  *  version 2 of the License, or (at your option) any later version.
  *
  *  This library is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  *  Lesser General Public License for more details.
  *
  *  You should have received a copy of the GNU Lesser General Public
  *  License along with this library; if not, write to the Free Software
  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */

 #include "config.h"
 #include "ScriptController.h"

 #include "ContentSecurityPolicy.h"
 #include "DocumentLoader.h"
 #include "Frame.h"
 #include "FrameLoaderClient.h"
 #include "Page.h"
 #include "ScriptSourceCode.h"
 #include "ScriptValue.h"
 #include "Settings.h"

 namespace WebCore {

 bool ScriptController::canExecuteScripts(ReasonForCallingCanExecuteScripts reason)
 {
     // FIXME: We should get this information from the document instead of the frame.
     if (m_frame->loader()->isSandboxed(SandboxScripts))
         return false;

     Settings* settings = m_frame->settings();
     const bool allowed = m_frame->loader()->client()->allowJavaScript(settings && settings->isJavaScriptEnabled());
     if (!allowed && reason == AboutToExecuteScript)
         m_frame->loader()->client()->didNotAllowScript();
     return allowed;
 }

 ScriptValue ScriptController::executeScript(const String& script, bool forceUserGesture)
 {
     return executeScript(ScriptSourceCode(script, forceUserGesture ? KURL() : m_frame->document()->url()));
 }

 ScriptValue ScriptController::executeScript(const ScriptSourceCode& sourceCode)
 {
     if (!canExecuteScripts(AboutToExecuteScript) || isPaused())
         return ScriptValue();

     bool wasInExecuteScript = m_inExecuteScript;
     m_inExecuteScript = true;

     ScriptValue result = evaluate(sourceCode);

     if (!wasInExecuteScript) {
         m_inExecuteScript = false;
         Document::updateStyleForAllDocuments();
     }

     return result;
 }

 bool ScriptController::executeIfJavaScriptURL(const KURL& url, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL)
 {
     if (!protocolIsJavaScript(url))
         return false;

     if (!m_frame->page()
         || !m_frame->page()->javaScriptURLsAreAllowed()
         || !m_frame->document()->contentSecurityPolicy()->allowJavaScriptURLs()
         || m_frame->inViewSourceMode())
         return true;

     // We need to hold onto the Frame here because executing script can
     // destroy the frame.
     RefPtr<Frame> protector(m_frame);

     const int javascriptSchemeLength = sizeof("javascript:") - 1;

     String decodedURL = decodeURLEscapeSequences(url.string());
     ScriptValue result = executeScript(decodedURL.substring(javascriptSchemeLength), false);

     // If executing script caused this frame to be removed from the page, we
     // don't want to try to replace its document!
     if (!m_frame->page())
         return true;

     String scriptResult;
 #if USE(JSC)
     JSDOMWindowShell* shell = windowShell(mainThreadNormalWorld());
     JSC::ExecState* exec = shell->window()->globalExec();
     if (!result.getString(exec, scriptResult))
         return true;
 #else
     if (!result.getString(scriptResult))
         return true;
 #endif

     // FIXME: We should always replace the document, but doing so
     //        synchronously can cause crashes:
     //        http://bugs.webkit.org/show_bug.cgi?id=16782
     if (shouldReplaceDocumentIfJavaScriptURL == ReplaceDocumentIfJavaScriptURL) {
         // We're still in a frame, so there should be a DocumentLoader.
         ASSERT(m_frame->document()->loader());

         // DocumentWriter::replaceDocument can cause the DocumentLoader to get deref'ed and possible destroyed,
         // so protect it with a RefPtr.
         if (RefPtr<DocumentLoader> loader = m_frame->document()->loader())
             loader->writer()->replaceDocument(scriptResult);
     }
     return true;
 }

 } // namespace WebCore
	/*
	* Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
	* Copyright (C) 2001 Peter Kelly (pmk@post.com)
	* Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved.
	*
	* This library is free software; you can redistribute it and/or
	* modify it under the terms of the GNU Lesser General Public
	* License as published by the Free Software Foundation; either
	* version 2 of the License, or (at your option) any later version.
	*
	* This library is distributed in the hope that it will be useful,
	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	* Lesser General Public License for more details.
	*
	* You should have received a copy of the GNU Lesser General Public
	* License along with this library; if not, write to the Free Software
	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
	*/

	#include "config.h"
	#include "ScriptController.h"

	#include "ContentSecurityPolicy.h"
	#include "DocumentLoader.h"
	#include "Frame.h"
	#include "FrameLoaderClient.h"
	#include "Page.h"
	#include "ScriptSourceCode.h"
	#include "ScriptValue.h"
	#include "Settings.h"

	namespace WebCore {

	bool ScriptController::canExecuteScripts(ReasonForCallingCanExecuteScripts reason)
	{
	// FIXME: We should get this information from the document instead of the frame.
	if (m_frame->loader()->isSandboxed(SandboxScripts))
	return false;

	Settings* settings = m_frame->settings();
	const bool allowed = m_frame->loader()->client()->allowJavaScript(settings && settings->isJavaScriptEnabled());
	if (!allowed && reason == AboutToExecuteScript)
	m_frame->loader()->client()->didNotAllowScript();
	return allowed;
	}

	ScriptValue ScriptController::executeScript(const String& script, bool forceUserGesture)
	{
	return executeScript(ScriptSourceCode(script, forceUserGesture ? KURL() : m_frame->document()->url()));
	}

	ScriptValue ScriptController::executeScript(const ScriptSourceCode& sourceCode)
	{
	if (!canExecuteScripts(AboutToExecuteScript) \|\| isPaused())
	return ScriptValue();

	bool wasInExecuteScript = m_inExecuteScript;
	m_inExecuteScript = true;

	ScriptValue result = evaluate(sourceCode);

	if (!wasInExecuteScript) {
	m_inExecuteScript = false;
	Document::updateStyleForAllDocuments();
	}

	return result;
	}

	bool ScriptController::executeIfJavaScriptURL(const KURL& url, ShouldReplaceDocumentIfJavaScriptURL shouldReplaceDocumentIfJavaScriptURL)
	{
	if (!protocolIsJavaScript(url))
	return false;

	if (!m_frame->page()
	\|\| !m_frame->page()->javaScriptURLsAreAllowed()
	\|\| !m_frame->document()->contentSecurityPolicy()->allowJavaScriptURLs()
	\|\| m_frame->inViewSourceMode())
	return true;

	// We need to hold onto the Frame here because executing script can
	// destroy the frame.
	RefPtr<Frame> protector(m_frame);

	const int javascriptSchemeLength = sizeof("javascript:") - 1;

	String decodedURL = decodeURLEscapeSequences(url.string());
	ScriptValue result = executeScript(decodedURL.substring(javascriptSchemeLength), false);

	// If executing script caused this frame to be removed from the page, we
	// don't want to try to replace its document!
	if (!m_frame->page())
	return true;

	String scriptResult;
	#if USE(JSC)
	JSDOMWindowShell* shell = windowShell(mainThreadNormalWorld());
	JSC::ExecState* exec = shell->window()->globalExec();
	if (!result.getString(exec, scriptResult))
	return true;
	#else
	if (!result.getString(scriptResult))
	return true;
	#endif

	// FIXME: We should always replace the document, but doing so
	// synchronously can cause crashes:
	// http://bugs.webkit.org/show_bug.cgi?id=16782
	if (shouldReplaceDocumentIfJavaScriptURL == ReplaceDocumentIfJavaScriptURL) {
	// We're still in a frame, so there should be a DocumentLoader.
	ASSERT(m_frame->document()->loader());

	// DocumentWriter::replaceDocument can cause the DocumentLoader to get deref'ed and possible destroyed,
	// so protect it with a RefPtr.
	if (RefPtr<DocumentLoader> loader = m_frame->document()->loader())
	loader->writer()->replaceDocument(scriptResult);
	}
	return true;
	}

	} // namespace WebCore