1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
|
/*
* Copyright (C) 2000 Harri Porten (porten@kde.org)
* Copyright (C) 2006 Jon Shier (jshier@iastate.edu)
* Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2010 Apple Inc. All rights reseved.
* Copyright (C) 2006 Alexey Proskuryakov (ap@webkit.org)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
* USA
*/
#include "config.h"
#include "JSLocation.h"
#include "JSDOMBinding.h"
#include <runtime/JSFunction.h>
using namespace JSC;
namespace WebCore {
bool JSLocation::getOwnPropertySlotDelegate(ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
Frame* frame = wrapped().frame();
if (!frame) {
slot.setUndefined();
return true;
}
// When accessing Location cross-domain, functions are always the native built-in ones.
// See JSDOMWindow::getOwnPropertySlotDelegate for additional details.
// Our custom code is only needed to implement the Window cross-domain scheme, so if access is
// allowed, return false so the normal lookup will take place.
String message;
if (shouldAllowAccessToFrame(exec, frame, message))
return false;
// We only allow access to Location.replace() cross origin.
// Make it read-only / non-configurable to prevent writes via defineProperty.
if (propertyName == exec->propertyNames().replace) {
slot.setCustom(this, ReadOnly | DontDelete | DontEnum, nonCachingStaticFunctionGetter<jsLocationInstanceFunctionReplace, 1>);
return true;
}
printErrorMessageForFrame(frame, message);
slot.setUndefined();
return true;
}
bool JSLocation::putDelegate(ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
{
Frame* frame = wrapped().frame();
if (!frame)
return true;
if (propertyName == exec->propertyNames().toString || propertyName == exec->propertyNames().valueOf)
return true;
bool sameDomainAccess = shouldAllowAccessToFrame(exec, frame);
static_assert(hasStaticPropertyTable, "The implementation dereferences ClassInfo::staticPropHashTable without null check");
const HashTableValue* entry = JSLocation::info()->staticPropHashTable->entry(propertyName);
if (!entry) {
if (sameDomainAccess)
JSObject::put(this, exec, propertyName, value, slot);
return true;
}
// Cross-domain access to the location is allowed when assigning the whole location,
// but not when assigning the individual pieces, since that might inadvertently
// disclose other parts of the original location.
if (propertyName != exec->propertyNames().href && !sameDomainAccess)
return true;
return false;
}
bool JSLocation::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName)
{
JSLocation* thisObject = jsCast<JSLocation*>(cell);
// Only allow deleting by frames in the same origin.
if (!shouldAllowAccessToFrame(exec, thisObject->wrapped().frame()))
return false;
return Base::deleteProperty(thisObject, exec, propertyName);
}
bool JSLocation::deletePropertyByIndex(JSCell* cell, ExecState* exec, unsigned propertyName)
{
JSLocation* thisObject = jsCast<JSLocation*>(cell);
// Only allow deleting by frames in the same origin.
if (!shouldAllowAccessToFrame(exec, thisObject->wrapped().frame()))
return false;
return Base::deletePropertyByIndex(thisObject, exec, propertyName);
}
void JSLocation::getOwnPropertyNames(JSObject* object, ExecState* exec, PropertyNameArray& propertyNames, EnumerationMode mode)
{
JSLocation* thisObject = jsCast<JSLocation*>(object);
// Only allow the location object to enumerated by frames in the same origin.
if (!shouldAllowAccessToFrame(exec, thisObject->wrapped().frame()))
return;
Base::getOwnPropertyNames(thisObject, exec, propertyNames, mode);
}
bool JSLocation::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, const PropertyDescriptor& descriptor, bool throwException)
{
if (descriptor.isAccessorDescriptor() && (propertyName == exec->propertyNames().toString || propertyName == exec->propertyNames().valueOf))
return false;
return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
}
JSValue JSLocation::toStringFunction(ExecState& state)
{
Frame* frame = wrapped().frame();
if (!frame || !shouldAllowAccessToFrame(&state, frame))
return jsUndefined();
return jsStringWithCache(&state, wrapped().toString());
}
bool JSLocationPrototype::putDelegate(ExecState* exec, PropertyName propertyName, JSValue, PutPropertySlot&)
{
return (propertyName == exec->propertyNames().toString || propertyName == exec->propertyNames().valueOf);
}
bool JSLocationPrototype::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, const PropertyDescriptor& descriptor, bool throwException)
{
if (descriptor.isAccessorDescriptor() && (propertyName == exec->propertyNames().toString || propertyName == exec->propertyNames().valueOf))
return false;
return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
}
} // namespace WebCore
|
