ScriptController: limit script execution API to executeScript and callFunction, pass valid ScriptEx…

Source/bindings/v8/ScriptController.cpp

 /*
  * Copyright (C) 2008, 2009 Google Inc. All rights reserved.
  * Copyright (C) 2009 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
@@ skipping 132 matching lines @@
 
 void ScriptController::updateSecurityOrigin()
 {
     m_windowShell->updateSecurityOrigin();
 }
 
 v8::Local<v8::Value> ScriptController::callFunction(v8::Handle<v8::Function> function, v8::Handle<v8::Object> receiver, int argc, v8::Handle<v8::Value> args[])
 {
     // Keep Frame (and therefore ScriptController) alive.
     RefPtr<Frame> protect(m_frame);
-    return ScriptController::callFunctionWithInstrumentation(m_frame ? m_frame->document() : 0, function, receiver, argc, args, m_isolate);
-}
-
-ScriptValue ScriptController::callFunctionEvenIfScriptDisabled(v8::Handle<v8::Function> function, v8::Handle<v8::Object> receiver, int argc, v8::Handle<v8::Value> argv[])
-{
-    return ScriptValue(callFunction(function, receiver, argc, argv), m_isolate);
+    return ScriptController::callFunction(m_frame->document(), function, receiver, argc, args, m_isolate);
 }
 
 static void resourceInfo(const v8::Handle<v8::Function> function, String& resourceName, int& lineNumber)
 {
     v8::ScriptOrigin origin = function->GetScriptOrigin();
     if (origin.ResourceName().IsEmpty()) {
         resourceName = "undefined";
         lineNumber = 1;
     } else {
         resourceName = toWebCoreString(origin.ResourceName());
         lineNumber = function->GetScriptLineNumber() + 1;
     }
 }
 
 static String resourceString(const v8::Handle<v8::Function> function)
 {
     String resourceName;
     int lineNumber;
     resourceInfo(function, resourceName, lineNumber);
 
     StringBuilder builder;
     builder.append(resourceName);
     builder.append(':');
     builder.appendNumber(lineNumber);
     return builder.toString();
 }
 
-v8::Local<v8::Value> ScriptController::callFunctionWithInstrumentation(ScriptExecutionContext* context, v8::Handle<v8::Function> function, v8::Handle<v8::Object> receiver, int argc, v8::Handle<v8::Value> args[], v8::Isolate* isolate)
+v8::Local<v8::Value> ScriptController::callFunction(ScriptExecutionContext* context, v8::Handle<v8::Function> function, v8::Handle<v8::Object> receiver, int argc, v8::Handle<v8::Value> args[], v8::Isolate* isolate)
 {
     InspectorInstrumentationCookie cookie;
     if (InspectorInstrumentation::timelineAgentEnabled(context)) {
         String resourceName;
         int lineNumber;
         resourceInfo(function, resourceName, lineNumber);
         cookie = InspectorInstrumentation::willCallFunction(context, resourceName, lineNumber);
     }
 
     v8::Local<v8::Value> result = V8ScriptRunner::callFunction(function, context, receiver, argc, args, isolate);
 
     InspectorInstrumentation::didCallFunction(cookie);
     return result;
 }
 
-v8::Local<v8::Value> ScriptController::compileAndRunScript(const ScriptSourceCode& source, AccessControlStatus corsStatus)
+v8::Local<v8::Value> ScriptController::executeScriptAndReturnValue(v8::Handle<v8::Context> context, const ScriptSourceCode& source, AccessControlStatus corsStatus)
 {
-    ASSERT(v8::Context::InContext());
+    v8::Context::Scope scope(context);
 
     InspectorInstrumentationCookie cookie = InspectorInstrumentation::willEvaluateScript(m_frame, source.url().isNull() ? String() : source.url().string(), source.startLine());
 
     v8::Local<v8::Value> result;
     {
         // Isolate exceptions that occur when compiling and executing
         // the code. These exceptions should not interfere with
         // javascript code we might evaluate from C++ when returning
         // from here.
         v8::TryCatch tryCatch;
@@ skipping 92 matching lines @@
 {
     if (!v8::Context::InContext())
         return contextForWorld(this, mainThreadNormalWorld());
 
     v8::Handle<v8::Context> context = v8::Context::GetEntered();
     DOMWrapperWorld* isolatedWorld = DOMWrapperWorld::isolatedWorld(context);
     if (!isolatedWorld)
         return contextForWorld(this, mainThreadNormalWorld());
 
     Frame* frame = toFrameIfNotDetached(context);
-    if (!m_frame)
-        return v8::Local<v8::Context>();
-
     if (m_frame == frame)
         return v8::Local<v8::Context>::New(m_isolate, context);
 
     return contextForWorld(this, isolatedWorld);
 }
 
 v8::Local<v8::Context> ScriptController::mainWorldContext()
 {
     return contextForWorld(this, mainThreadNormalWorld());
 }
@@ skipping 333 matching lines @@
     if (v8Context.IsEmpty())
         return ScriptValue();
 
     RefPtr<Frame> protect(m_frame);
     if (m_frame->loader()->stateMachine()->isDisplayingInitialEmptyDocument())
         m_frame->loader()->didAccessInitialDocument();
 
     OwnPtr<ScriptSourceCode> maybeProcessedSourceCode =  InspectorInstrumentation::preprocess(m_frame, sourceCode);
     const ScriptSourceCode& sourceCodeToCompile = maybeProcessedSourceCode ? *maybeProcessedSourceCode : sourceCode;
 
-    v8::Context::Scope scope(v8Context);
-    v8::Local<v8::Value> object = compileAndRunScript(sourceCodeToCompile, corsStatus);
-
+    v8::Local<v8::Value> object = executeScriptAndReturnValue(v8Context, sourceCodeToCompile, corsStatus);
     m_sourceURL = savedSourceURL;
 
     if (object.IsEmpty())
         return ScriptValue();
 
     return ScriptValue(object, m_isolate);
 }
 
 void ScriptController::executeScriptInIsolatedWorld(int worldID, const Vector<ScriptSourceCode>& sources, int extensionGroup, Vector<ScriptValue>* results)
 {
     ASSERT(worldID > 0);
 
     v8::HandleScope handleScope(m_isolate);
     v8::Local<v8::Array> v8Results;
     {
         v8::HandleScope evaluateHandleScope(m_isolate);
         RefPtr<DOMWrapperWorld> world = DOMWrapperWorld::ensureIsolatedWorld(worldID, extensionGroup);
         V8WindowShell* isolatedWorldShell = windowShell(world.get());
 
         if (!isolatedWorldShell->isContextInitialized())
             return;
 
         v8::Local<v8::Context> context = isolatedWorldShell->context();
         v8::Context::Scope contextScope(context);
         v8::Local<v8::Array> resultArray = v8::Array::New(sources.size());
 
         for (size_t i = 0; i < sources.size(); ++i) {
-            v8::Local<v8::Value> evaluationResult = compileAndRunScript(sources[i]);
+            v8::Local<v8::Value> evaluationResult = executeScriptAndReturnValue(context, sources[i]);
             if (evaluationResult.IsEmpty())
                 evaluationResult = v8::Local<v8::Value>::New(m_isolate, v8::Undefined(m_isolate));
             resultArray->Set(i, evaluationResult);
         }
 
         v8Results = evaluateHandleScope.Close(resultArray);
     }
 
     if (results && !v8Results.IsEmpty()) {
         for (size_t i = 0; i < v8Results->Length(); ++i)
             results->append(ScriptValue(v8Results->Get(i), m_isolate));
     }
 }
 
 } // namespace WebCore