Use BigString16 for JavaScript execution

When passing strings to the renderer for execution, use BigString16, which has no strict limit on their length. This is due to the fact that this API is sometimes used to pass JavaScript that is user-provided and therefore we can't make any guarantees about its length. Bug: 1073673 Change-Id: I013312968161c56e0856226cd650095558c201f3 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2167577Reviewed-by: Ken Rockot <rockot@google.com> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Commit-Queue: Avi Drissman <avi@chromium.org> Cr-Commit-Position: refs/heads/master@{#763999}

Use BigString16 for JavaScript execution
When passing strings to the renderer for execution, use BigString16, which has no strict limit on their length. This is due to the fact that this API is sometimes used to pass JavaScript that is user-provided and therefore we can't make any guarantees about its length. Bug: 1073673 Change-Id: I013312968161c56e0856226cd650095558c201f3 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2167577Reviewed-by: Ken Rockot <rockot@google.com> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Commit-Queue: Avi Drissman <avi@chromium.org> Cr-Commit-Position: refs/heads/master@{#763999}
90630d9d · Avi Drissman · Commit Bot · 7f5c997b · 90630d9d
Commit 90630d9d authored Apr 29, 2020 by Avi Drissman Committed by Commit Bot Apr 29, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 4 deletions

content/common/frame.mojom content/common/frame.mojom +7 -4

No files found.
--- a/content/common/frame.mojom
+++ b/content/common/frame.mojom
@@ -180,7 +180,10 @@ interface FrameNavigationControl {
  // Request for the renderer to execute JavaScript in the frame's context.
  //
  // |javascript| is the string containing the JavaScript to be executed in the
-  // target frame's context.
+  // target frame's context. Note that this uses BigString16 rather than
+  // String16 as this is used in contexts, like DevTools, where the contents of
+  // the JavaScript script is user-provided, and therefore we can't guarantee
+  // the size of the script.
  //
  // |wants_result| is true if the result of this execution is required by the
  // caller. If it is false, a reply is still required by Mojo, but a null value
@@ -190,14 +193,14 @@ interface FrameNavigationControl {
  // order with other navigation-related messages. Fix this and move this to a
  // non-navigate-related interface if possible.
  JavaScriptExecuteRequest(
-      mojo_base.mojom.String16 javascript,
+      mojo_base.mojom.BigString16 javascript,
      bool wants_result) => (mojo_base.mojom.Value result);
  // ONLY FOR TESTS: Same as above but this can optionally trigger a fake user
  // activation notification to test functionalities that are gated by user
  // activation.
  JavaScriptExecuteRequestForTests(
-      mojo_base.mojom.String16 javascript,
+      mojo_base.mojom.BigString16 javascript,
      bool wants_result,
      bool has_user_gesture,
      int32 world_id)
@@ -206,7 +209,7 @@ interface FrameNavigationControl {
  // Same as JavaScriptExecuteRequest above except the script is run in the
  // isolated world specified by the fourth parameter.
  JavaScriptExecuteRequestInIsolatedWorld(
-      mojo_base.mojom.String16 javascript,
+      mojo_base.mojom.BigString16 javascript,
      bool wants_result,
      int32 world_id) => (mojo_base.mojom.Value result);