Replace ContentSecurityPolicy::client() with a method returning an ExecutionContext

As bug305497 is marked WontFix, I'd like to merge back ExecutionContextClient to ExecutionContext for readability. This is 1st step for that. Note about behavior change induced by this CL addConsoleMessage(): When addConsoleMessage() is called via ExecutionContextClient, it just calls addMessage(). But ExecutionContext has non-virtual addConsoleMessage() which checks if m_client is non-NULL. We'll call the latter after this CL. If this change breaks something, that means such an addConsoleMessage() call has been invalid since it's called on an ExecutionContext that is already partially destructed. isDocument(): OK for the same reason. disableEval(): OK for the same reason. securityContext() and reportBlockedScriptExecutionToInspector(): No change as ExecutionContext doesn't have a non-virtual override for it. contextURL() and contextCompleteURL(): No change as they're implemented only on ExecutionContextClient. BUG=305497 Review URL: https://codereview.chromium.org/332993002 git-svn-id: svn://svn.chromium.org/blink/trunk@176183 bbb929c8-8fbe-4397-9dbb-9b2b20218538

Replace ContentSecurityPolicy::client() with a method returning an ExecutionContext
As bug305497 is marked WontFix, I'd like to merge back ExecutionContextClient to ExecutionContext for readability. This is 1st step for that. Note about behavior change induced by this CL addConsoleMessage(): When addConsoleMessage() is called via ExecutionContextClient, it just calls addMessage(). But ExecutionContext has non-virtual addConsoleMessage() which checks if m_client is non-NULL. We'll call the latter after this CL. If this change breaks something, that means such an addConsoleMessage() call has been invalid since it's called on an ExecutionContext that is already partially destructed. isDocument(): OK for the same reason. disableEval(): OK for the same reason. securityContext() and reportBlockedScriptExecutionToInspector(): No change as ExecutionContext doesn't have a non-virtual override for it. contextURL() and contextCompleteURL(): No change as they're implemented only on ExecutionContextClient. BUG=305497 Review URL: https://codereview.chromium.org/332993002 git-svn-id: svn://svn.chromium.org/blink/trunk@176183 bbb929c8-8fbe-4397-9dbb-9b2b20218538
0377b0ef · tyoshino@chromium.org · dc0f8ef9 · 0377b0ef · 0377b0ef · 0377b0ef
Commit 0377b0ef authored Jun 16, 2014 by tyoshino@chromium.org
8 changed files
--- a/third_party/WebKit/Source/core/dom/ExecutionContext.cpp
+++ b/third_party/WebKit/Source/core/dom/ExecutionContext.cpp
@@ -254,7 +254,7 @@ const KURL& ExecutionContext::url() const
        return emptyURL;
    }
-    return m_client->virtualURL();
+    return virtualURL();
 }
 KURL ExecutionContext::completeURL(const String& url) const
@@ -265,7 +265,7 @@ KURL ExecutionContext::completeURL(const String& url) const
        return emptyURL;
    }
-    return m_client->virtualCompleteURL(url);
+    return virtualCompleteURL(url);
 }
 void ExecutionContext::disableEval(const String& errorMessage)

--- a/third_party/WebKit/Source/core/dom/ExecutionContext.h
+++ b/third_party/WebKit/Source/core/dom/ExecutionContext.h
@@ -85,6 +85,12 @@ public:
    void postTask(const Closure&);
    double timerAlignmentInterval() const;
+    virtual void reportBlockedScriptExecutionToInspector(const String& directiveText) = 0;
+    virtual SecurityContext& securityContext() = 0;
+    KURL contextURL() const { return virtualURL(); }
+    KURL contextCompleteURL(const String& url) const { return virtualCompleteURL(url); }
    bool shouldSanitizeScriptError(const String& sourceURL, AccessControlStatus);
    void reportException(PassRefPtrWillBeRawPtr<ErrorEvent>, PassRefPtrWillBeRawPtr<ScriptCallStack>, AccessControlStatus);
@@ -132,6 +138,9 @@ public:
 protected:
    void setClient(ExecutionContextClient* client) { m_client = client; }
+    virtual const KURL& virtualURL() const = 0;
+    virtual KURL virtualCompleteURL(const String&) const = 0;
    ContextLifecycleNotifier& lifecycleNotifier();
 private:

--- a/third_party/WebKit/Source/core/dom/ExecutionContextClient.h
+++ b/third_party/WebKit/Source/core/dom/ExecutionContextClient.h
@@ -56,10 +56,7 @@ public:
    virtual String userAgent(const KURL&) const = 0;
    virtual void disableEval(const String& errorMessage) = 0;
    virtual SecurityContext& securityContext() = 0;
-    virtual const KURL& virtualURL() const = 0;
-    virtual KURL virtualCompleteURL(const String&) const = 0;
    virtual void addMessage(MessageSource, MessageLevel, const String& message, const String& sourceURL, unsigned lineNumber, ScriptState*) = 0;
-    virtual void reportBlockedScriptExecutionToInspector(const String& directiveText) = 0;
    virtual EventTarget* errorEventTarget() = 0;
    virtual void logExceptionToConsole(const String& errorMessage, const String& sourceURL, int lineNumber, int columnNumber, PassRefPtrWillBeRawPtr<ScriptCallStack>) = 0;
    virtual double timerAlignmentInterval() const = 0;
@@ -70,8 +67,6 @@ public:
    void addConsoleMessage(MessageSource source, MessageLevel level, const String& message, const String& sourceURL, unsigned lineNumber) { addMessage(source, level, message, sourceURL, lineNumber, 0); }
    void addConsoleMessage(MessageSource source, MessageLevel level, const String& message, ScriptState* state = 0) { addMessage(source, level, message, String(), 0, state); }
-    KURL contextURL() const { return virtualURL(); }
-    KURL contextCompleteURL(const String& url) const { return virtualCompleteURL(url); }
 protected:
    virtual ~ExecutionContextClient() { }

--- a/third_party/WebKit/Source/core/dom/MainThreadTaskRunnerTest.cpp
+++ b/third_party/WebKit/Source/core/dom/MainThreadTaskRunnerTest.cpp
@@ -30,8 +30,10 @@
 #include "core/dom/ExecutionContext.h"
 #include "core/dom/ExecutionContextTask.h"
+#include "core/dom/SecurityContext.h"
 #include "core/events/EventQueue.h"
 #include "core/testing/UnitTestHelpers.h"
+#include "wtf/Forward.h"
 #include <gtest/gtest.h>
 using namespace WebCore;
@@ -47,7 +49,7 @@ public:
    virtual void close() OVERRIDE { }
 };
-class NullExecutionContext : public RefCountedWillBeGarbageCollectedFinalized<NullExecutionContext>, public ExecutionContext {
+class NullExecutionContext : public RefCountedWillBeGarbageCollectedFinalized<NullExecutionContext>, public SecurityContext, public ExecutionContext {
    WILL_BE_USING_GARBAGE_COLLECTED_MIXIN(NullExecutionContext);
 public:
    NullExecutionContext();
@@ -67,13 +69,23 @@ public:
    using RefCounted<NullExecutionContext>::ref;
    using RefCounted<NullExecutionContext>::deref;
+    virtual void reportBlockedScriptExecutionToInspector(const String& directiveText) OVERRIDE { }
+    virtual SecurityContext& securityContext() { return *this; }
    virtual void refExecutionContext() OVERRIDE { ref(); }
    virtual void derefExecutionContext() OVERRIDE { deref(); }
 #endif
+protected:
+    virtual const KURL& virtualURL() const OVERRIDE { return m_dummyURL; }
+    virtual KURL virtualCompleteURL(const String&) const OVERRIDE { return m_dummyURL; }
 private:
    bool m_tasksNeedSuspension;
    OwnPtrWillBeMember<EventQueue> m_queue;
+    KURL m_dummyURL;
 };
 NullExecutionContext::NullExecutionContext()

--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp
@@ -44,21 +44,21 @@ PassOwnPtr<CSPDirectiveList> CSPDirectiveList::create(ContentSecurityPolicy* pol
 void CSPDirectiveList::reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL) const
 {
    String message = m_reportOnly ? "[Report Only] " + consoleMessage : consoleMessage;
-    m_policy->client()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message);
+    m_policy->executionContext()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message);
    m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportURIs, m_header);
 }
 void CSPDirectiveList::reportViolationWithLocation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const String& contextURL, const WTF::OrdinalNumber& contextLine) const
 {
    String message = m_reportOnly ? "[Report Only] " + consoleMessage : consoleMessage;
-    m_policy->client()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message, contextURL, contextLine.oneBasedInt());
+    m_policy->executionContext()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message, contextURL, contextLine.oneBasedInt());
    m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportURIs, m_header);
 }
 void CSPDirectiveList::reportViolationWithState(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, ScriptState* scriptState) const
 {
    String message = m_reportOnly ? "[Report Only] " + consoleMessage : consoleMessage;
-    m_policy->client()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message, scriptState);
+    m_policy->executionContext()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message, scriptState);
    m_policy->reportViolation(directiveText, effectiveDirective, message, blockedURL, m_reportURIs, m_header);
 }
@@ -677,4 +677,3 @@ void CSPDirectiveList::addDirective(const String& name, const String& value)
 } // namespace WebCore
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
@@ -130,8 +130,8 @@ static ReferrerPolicy mergeReferrerPolicies(ReferrerPolicy a, ReferrerPolicy b)
    return a;
 }
-ContentSecurityPolicy::ContentSecurityPolicy(ExecutionContextClient* client)
+ContentSecurityPolicy::ContentSecurityPolicy(ExecutionContext* executionContext)
-    : m_client(client)
+    : m_executionContext(executionContext)
    , m_overrideInlineStyleAllowed(false)
    , m_scriptHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone)
    , m_styleHashAlgorithmsUsed(ContentSecurityPolicyHashAlgorithmNone)
@@ -198,7 +198,7 @@ void ContentSecurityPolicy::addPolicyFromHeaderValue(const String& header, Conte
        // We disable 'eval()' even in the case of report-only policies, and rely on the check in the V8Initializer::codeGenerationCheckCallbackInMainThread callback to determine whether the call should execute or not.
        if (!policy->allowEval(0, SuppressReport))
-            m_client->disableEval(policy->evalDisabledErrorMessage());
+            m_executionContext->disableEval(policy->evalDisabledErrorMessage());
        m_policies.append(policy.release());
@@ -474,8 +474,8 @@ bool ContentSecurityPolicy::allowChildContextFromSource(const KURL& url, Content
 bool ContentSecurityPolicy::allowWorkerContextFromSource(const KURL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
 {
    // CSP 1.1 moves workers from 'script-src' to the new 'child-src'. Measure the impact of this backwards-incompatible change.
-    if (m_client->isDocument()) {
+    if (m_executionContext->isDocument()) {
-        Document* document = static_cast<Document*>(m_client);
+        Document* document = static_cast<Document*>(m_executionContext);
        UseCounter::count(*document, UseCounter::WorkerSubjectToCSP);
        if (isAllowedByAllWithURL<&CSPDirectiveList::allowChildContextFromSource>(m_policies, url, SuppressReport) && !isAllowedByAllWithURL<&CSPDirectiveList::allowScriptFromSource>(m_policies, url, SuppressReport))
            UseCounter::count(*document, UseCounter::WorkerAllowedByChildBlockedByScript);
@@ -527,17 +527,17 @@ bool ContentSecurityPolicy::didSetReferrerPolicy() const
 SecurityOrigin* ContentSecurityPolicy::securityOrigin() const
 {
-    return m_client->securityContext().securityOrigin();
+    return m_executionContext->securityContext().securityOrigin();
 }
 const KURL ContentSecurityPolicy::url() const
 {
-    return m_client->contextURL();
+    return m_executionContext->contextURL();
 }
 KURL ContentSecurityPolicy::completeURL(const String& url) const
 {
-    return m_client->contextCompleteURL(url);
+    return m_executionContext->contextCompleteURL(url);
 }
 void ContentSecurityPolicy::enforceSandboxFlags(SandboxFlags mask) const
@@ -588,7 +588,7 @@ static void gatherSecurityPolicyViolationEventData(SecurityPolicyViolationEventI
 void ContentSecurityPolicy::reportViolation(const String& directiveText, const String& effectiveDirective, const String& consoleMessage, const KURL& blockedURL, const Vector<KURL>& reportURIs, const String& header)
 {
    // FIXME: Support sending reports from worker.
-    if (!m_client->isDocument())
+    if (!m_executionContext->isDocument())
        return;
    Document* document = this->document();
@@ -749,12 +749,12 @@ void ContentSecurityPolicy::reportMissingReportURI(const String& policy) const
 void ContentSecurityPolicy::logToConsole(const String& message) const
 {
-    m_client->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message);
+    m_executionContext->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message);
 }
 void ContentSecurityPolicy::reportBlockedScriptExecutionToInspector(const String& directiveText) const
 {
-    m_client->reportBlockedScriptExecutionToInspector(directiveText);
+    m_executionContext->reportBlockedScriptExecutionToInspector(directiveText);
 }
 bool ContentSecurityPolicy::experimentalFeaturesEnabled() const

--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
@@ -28,6 +28,7 @@
 #include "bindings/v8/ScriptState.h"
 #include "core/dom/Document.h"
+#include "core/dom/ExecutionContext.h"
 #include "platform/network/ContentSecurityPolicyParsers.h"
 #include "platform/network/HTTPParsers.h"
 #include "platform/weborigin/ReferrerPolicy.h"
@@ -51,7 +52,6 @@ class CSPDirectiveList;
 class DOMStringList;
 class JSONObject;
 class KURL;
-class ExecutionContextClient;
 class SecurityOrigin;
 typedef int SandboxFlags;
@@ -82,9 +82,9 @@ public:
    static const char ReflectedXSS[];
    static const char Referrer[];
-    static PassRefPtr<ContentSecurityPolicy> create(ExecutionContextClient* client)
+    static PassRefPtr<ContentSecurityPolicy> create(ExecutionContext* executionContext)
    {
-        return adoptRef(new ContentSecurityPolicy(client));
+        return adoptRef(new ContentSecurityPolicy(executionContext));
    }
    ~ContentSecurityPolicy();
@@ -173,11 +173,11 @@ public:
    static bool isDirectiveName(const String&);
-    ExecutionContextClient* client() const { return m_client; }
+    ExecutionContext* executionContext() const { return m_executionContext; }
-    Document* document() const { return client()->isDocument() ? toDocument(client()) : 0; }
+    Document* document() const { return m_executionContext->isDocument() ? toDocument(m_executionContext) : 0; }
 private:
-    explicit ContentSecurityPolicy(ExecutionContextClient*);
+    explicit ContentSecurityPolicy(ExecutionContext*);
    void logToConsole(const String& message) const;
    void addPolicyFromHeaderValue(const String&, ContentSecurityPolicyHeaderType, ContentSecurityPolicyHeaderSource);
@@ -185,7 +185,7 @@ private:
    bool shouldSendViolationReport(const String&) const;
    void didSendViolationReport(const String&);
-    ExecutionContextClient* m_client;
+    ExecutionContext* m_executionContext;
    bool m_overrideInlineStyleAllowed;
    CSPDirectiveListVector m_policies;

--- a/third_party/WebKit/Source/modules/indexeddb/IDBRequestTest.cpp
+++ b/third_party/WebKit/Source/modules/indexeddb/IDBRequestTest.cpp
@@ -28,6 +28,7 @@
 #include "core/dom/DOMError.h"
 #include "core/dom/Document.h"
+#include "core/dom/SecurityContext.h"
 #include "core/events/EventQueue.h"
 #include "modules/indexeddb/IDBDatabaseCallbacks.h"
 #include "modules/indexeddb/IDBKeyRange.h"
@@ -53,7 +54,7 @@ public:
    virtual void close() OVERRIDE { }
 };
-class NullExecutionContext FINAL : public RefCountedWillBeGarbageCollectedFinalized<NullExecutionContext>, public ExecutionContext {
+class NullExecutionContext FINAL : public RefCountedWillBeGarbageCollectedFinalized<NullExecutionContext>, public SecurityContext, public ExecutionContext {
    WILL_BE_USING_GARBAGE_COLLECTED_MIXIN(NullExecutionContext);
 public:
    NullExecutionContext();
@@ -70,12 +71,22 @@ public:
    using RefCounted<NullExecutionContext>::ref;
    using RefCounted<NullExecutionContext>::deref;
+    virtual void reportBlockedScriptExecutionToInspector(const String& directiveText) OVERRIDE { }
+    virtual SecurityContext& securityContext() { return *this; }
    virtual void refExecutionContext() OVERRIDE { ref(); }
    virtual void derefExecutionContext() OVERRIDE { deref(); }
 #endif
+protected:
+    virtual const KURL& virtualURL() const OVERRIDE { return m_dummyURL; }
+    virtual KURL virtualCompleteURL(const String&) const OVERRIDE { return m_dummyURL; }
 private:
    OwnPtrWillBeMember<EventQueue> m_queue;
+    KURL m_dummyURL;
 };
 NullExecutionContext::NullExecutionContext()