-
Notifications
You must be signed in to change notification settings - Fork 6.6k
/
execution_context.h
289 lines (230 loc) · 11.1 KB
/
execution_context.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
/*
* Copyright (C) 2008 Apple Inc. All Rights Reserved.
* Copyright (C) 2012 Google Inc. All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef THIRD_PARTY_BLINK_RENDERER_CORE_EXECUTION_CONTEXT_EXECUTION_CONTEXT_H_
#define THIRD_PARTY_BLINK_RENDERER_CORE_EXECUTION_CONTEXT_EXECUTION_CONTEXT_H_
#include <memory>
#include "base/location.h"
#include "base/macros.h"
#include "base/unguessable_token.h"
#include "third_party/blink/renderer/core/core_export.h"
#include "third_party/blink/renderer/core/dom/context_lifecycle_notifier.h"
#include "third_party/blink/renderer/core/dom/context_lifecycle_observer.h"
#include "third_party/blink/renderer/platform/heap/handle.h"
#include "third_party/blink/renderer/platform/loader/fetch/access_control_status.h"
#include "third_party/blink/renderer/platform/loader/fetch/https_state.h"
#include "third_party/blink/renderer/platform/supplementable.h"
#include "third_party/blink/renderer/platform/weborigin/referrer_policy.h"
#include "v8/include/v8.h"
namespace base {
class SingleThreadTaskRunner;
}
namespace service_manager {
class InterfaceProvider;
}
namespace blink {
class ConsoleMessage;
class ContentSecurityPolicy;
class CoreProbeSink;
class DOMTimerCoordinator;
class ErrorEvent;
class EventTarget;
class FetchClientSettingsObjectSnapshot;
class FrameOrWorkerScheduler;
class InterfaceInvalidator;
class KURL;
class LocalDOMWindow;
class PausableObject;
class PublicURLManager;
class ResourceFetcher;
class SecurityContext;
class SecurityOrigin;
class ScriptState;
enum class TaskType : unsigned;
enum ReasonForCallingCanExecuteScripts {
kAboutToExecuteScript,
kNotAboutToExecuteScript
};
enum class SecureContextMode { kInsecureContext, kSecureContext };
// An environment in which script can execute. This class exposes the common
// properties of script execution environments on the web (i.e, common between
// script executing in a document and script executing in a worker), such as:
//
// - a base URL for the resolution of relative URLs
// - a security context that defines the privileges associated with the
// environment (note, however, that specific isolated script contexts may
// still enjoy elevated privileges)
// - affordances for the activity (including script and active DOM objects) to
// be paused or terminated, e.g. because a frame has entered the background or
// been closed permanently
// - a console logging facility for debugging
//
// Typically, the ExecutionContext is an instance of Document or of
// WorkerOrWorkletGlobalScope.
//
// Note that this is distinct from the notion of a ScriptState or v8::Context,
// which are associated with a single script context (with a single global
// object). For example, there are separate JavaScript globals for "main world"
// script written by a web author and an "isolated world" content script written
// by an extension developer, but these share an ExecutionContext (the document)
// in common.
class CORE_EXPORT ExecutionContext : public ContextLifecycleNotifier,
public Supplementable<ExecutionContext> {
MERGE_GARBAGE_COLLECTED_MIXINS();
public:
void Trace(blink::Visitor*) override;
static ExecutionContext* From(const ScriptState*);
// Returns the ExecutionContext of the current realm.
static ExecutionContext* ForCurrentRealm(
const v8::FunctionCallbackInfo<v8::Value>&);
// Returns the ExecutionContext of the relevant realm for the receiver object.
static ExecutionContext* ForRelevantRealm(
const v8::FunctionCallbackInfo<v8::Value>&);
virtual bool IsDocument() const { return false; }
virtual bool IsWorkerOrWorkletGlobalScope() const { return false; }
virtual bool IsWorkerGlobalScope() const { return false; }
virtual bool IsWorkletGlobalScope() const { return false; }
virtual bool IsMainThreadWorkletGlobalScope() const { return false; }
virtual bool IsDedicatedWorkerGlobalScope() const { return false; }
virtual bool IsSharedWorkerGlobalScope() const { return false; }
virtual bool IsServiceWorkerGlobalScope() const { return false; }
virtual bool IsAnimationWorkletGlobalScope() const { return false; }
virtual bool IsAudioWorkletGlobalScope() const { return false; }
virtual bool IsLayoutWorkletGlobalScope() const { return false; }
virtual bool IsPaintWorkletGlobalScope() const { return false; }
virtual bool IsThreadedWorkletGlobalScope() const { return false; }
virtual bool IsJSExecutionForbidden() const { return false; }
virtual bool IsContextThread() const { return true; }
virtual bool ShouldInstallV8Extensions() const { return false; }
const SecurityOrigin* GetSecurityOrigin();
SecurityOrigin* GetMutableSecurityOrigin();
ContentSecurityPolicy* GetContentSecurityPolicy();
virtual const KURL& Url() const = 0;
virtual const KURL& BaseURL() const = 0;
virtual KURL CompleteURL(const String& url) const = 0;
virtual void DisableEval(const String& error_message) = 0;
virtual LocalDOMWindow* ExecutingWindow() const { return nullptr; }
virtual String UserAgent() const = 0;
virtual HttpsState GetHttpsState() const = 0;
// Gets the DOMTimerCoordinator which maintains the "active timer
// list" of tasks created by setTimeout and setInterval. The
// DOMTimerCoordinator is owned by the ExecutionContext and should
// not be used after the ExecutionContext is destroyed.
virtual DOMTimerCoordinator* Timers() = 0;
virtual ResourceFetcher* Fetcher() const = 0;
virtual SecurityContext& GetSecurityContext() = 0;
// https://tc39.github.io/ecma262/#sec-agent-clusters
virtual const base::UnguessableToken& GetAgentClusterID() const = 0;
bool IsSameAgentCluster(const base::UnguessableToken&) const;
virtual bool CanExecuteScripts(ReasonForCallingCanExecuteScripts) {
return false;
}
bool ShouldSanitizeScriptError(const String& source_url, AccessControlStatus);
void DispatchErrorEvent(ErrorEvent*, AccessControlStatus);
virtual void AddConsoleMessage(ConsoleMessage*) = 0;
virtual void ExceptionThrown(ErrorEvent*) = 0;
PublicURLManager& GetPublicURLManager();
virtual void RemoveURLFromMemoryCache(const KURL&);
void PausePausableObjects();
void UnpausePausableObjects();
void StopPausableObjects();
void NotifyContextDestroyed() override;
void PauseScheduledTasks();
void UnpauseScheduledTasks();
// TODO(haraken): Remove these methods by making the customers inherit from
// PausableObject. PausableObject is a standard way to observe context
// suspension/resumption.
virtual bool TasksNeedPause() { return false; }
virtual void TasksWerePaused() {}
virtual void TasksWereUnpaused() {}
bool IsContextPaused() const { return is_context_paused_; }
bool IsContextDestroyed() const { return is_context_destroyed_; }
// Called after the construction of an PausableObject to synchronize
// pause state.
void PausePausableObjectIfNeeded(PausableObject*);
// Gets the next id in a circular sequence from 1 to 2^31-1.
int CircularSequentialID();
virtual EventTarget* ErrorEventTarget() = 0;
// Methods related to window interaction. It should be used to manage window
// focusing and window creation permission for an ExecutionContext.
void AllowWindowInteraction();
void ConsumeWindowInteraction();
bool IsWindowInteractionAllowed() const;
// Decides whether this context is privileged, as described in
// https://w3c.github.io/webappsec-secure-contexts/#is-settings-object-contextually-secure.
virtual bool IsSecureContext(String& error_message) const = 0;
virtual bool IsSecureContext() const;
SecureContextMode GetSecureContextMode() const {
return IsSecureContext() ? SecureContextMode::kSecureContext
: SecureContextMode::kInsecureContext;
}
// Returns a referrer to be used in the "Determine request's Referrer"
// algorithm defined in the Referrer Policy spec.
// https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer
virtual String OutgoingReferrer() const;
FetchClientSettingsObjectSnapshot* CreateFetchClientSettingsObjectSnapshot();
// Parses a comma-separated list of referrer policy tokens, and sets
// the context's referrer policy to the last one that is a valid
// policy. Logs a message to the console if none of the policy
// tokens are valid policies.
//
// If |supportLegacyKeywords| is true, then the legacy keywords
// "never", "default", "always", and "origin-when-crossorigin" are
// parsed as valid policies.
void ParseAndSetReferrerPolicy(const String& policies,
bool support_legacy_keywords = false);
void SetReferrerPolicy(ReferrerPolicy);
virtual ReferrerPolicy GetReferrerPolicy() const { return referrer_policy_; }
virtual CoreProbeSink* GetProbeSink() { return nullptr; }
virtual service_manager::InterfaceProvider* GetInterfaceProvider() {
return nullptr;
}
virtual FrameOrWorkerScheduler* GetScheduler() = 0;
virtual scoped_refptr<base::SingleThreadTaskRunner> GetTaskRunner(
TaskType) = 0;
InterfaceInvalidator* GetInterfaceInvalidator() { return invalidator_.get(); }
protected:
ExecutionContext();
~ExecutionContext() override;
private:
bool DispatchErrorEventInternal(ErrorEvent*, AccessControlStatus);
unsigned circular_sequential_id_;
bool in_dispatch_error_event_;
HeapVector<Member<ErrorEvent>> pending_exceptions_;
bool is_context_paused_;
bool is_context_destroyed_;
Member<PublicURLManager> public_url_manager_;
// Counter that keeps track of how many window interaction calls are allowed
// for this ExecutionContext. Callers are expected to call
// |allowWindowInteraction()| and |consumeWindowInteraction()| in order to
// increment and decrement the counter.
int window_interaction_tokens_;
ReferrerPolicy referrer_policy_;
std::unique_ptr<InterfaceInvalidator> invalidator_;
DISALLOW_COPY_AND_ASSIGN(ExecutionContext);
};
} // namespace blink
#endif // THIRD_PARTY_BLINK_RENDERER_CORE_EXECUTION_CONTEXT_EXECUTION_CONTEXT_H_