Suppress ScriptForbiddenScope in Document.cpp and FrameView.cpp in release mode

r178351 enabled ScriptForbiddenScope in release builds, then we hit a lot of crashes from real-world plugins (see the below bugs). We should suppress the ScriptForbiddenScopes in Document.cpp and FrameView.cpp in release builds.

BUG=395299,395081,395164

Review URL: https://codereview.chromium.org/403133002

git-svn-id: svn://svn.chromium.org/blink/trunk@178518 bbb929c8-8fbe-4397-9dbb-9b2b20218538

third_party/WebKit/Source/bindings/core/v8/NPV8Object.cpp

@@ -204,6 +204,8 @@ void disposeUnderlyingV8Object(NPObject* npObject, v8::Isolate* isolate)
 
 bool _NPN_Invoke(NPP npp, NPObject* npObject, NPIdentifier methodName, const NPVariant* arguments, uint32_t argumentCount, NPVariant* result)
 {
+    ScriptForbiddenScope::AllowSuperUnsafeScript thisShouldBeRemoved;
+
     if (!npObject)
         return false;
 
@@ -269,6 +271,8 @@ bool _NPN_Invoke(NPP npp, NPObject* npObject, NPIdentifier methodName, const NPV
 // FIXME: Fix it same as _NPN_Invoke (HandleScope and such).
 bool _NPN_InvokeDefault(NPP npp, NPObject* npObject, const NPVariant* arguments, uint32_t argumentCount, NPVariant* result)
 {
+    ScriptForbiddenScope::AllowSuperUnsafeScript thisShouldBeRemoved;
+
     if (!npObject)
         return false;
 
@@ -324,6 +328,8 @@ bool _NPN_Evaluate(NPP npp, NPObject* npObject, NPString* npScript, NPVariant* r
 
 bool _NPN_EvaluateHelper(NPP npp, bool popupsAllowed, NPObject* npObject, NPString* npScript, NPVariant* result)
 {
+    ScriptForbiddenScope::AllowSuperUnsafeScript thisShouldBeRemoved;
+
     VOID_TO_NPVARIANT(*result);
     if (!npObject)
         return false;

third_party/WebKit/Source/platform/ScriptForbiddenScope.cpp

@@ -40,4 +40,18 @@ ScriptForbiddenScope::AllowUserAgentScript::~AllowUserAgentScript()
     ASSERT(!s_scriptForbiddenCount);
 }
 
+ScriptForbiddenScope::AllowSuperUnsafeScript::AllowSuperUnsafeScript()
+#if !ASSERT_ENABLED
+    : m_change(s_scriptForbiddenCount, 0)
+#endif
+{
+}
+
+ScriptForbiddenScope::AllowSuperUnsafeScript::~AllowSuperUnsafeScript()
+{
+#if !ASSERT_ENABLED
+    RELEASE_ASSERT(!s_scriptForbiddenCount);
+#endif
+}
+
 } // namespace blink

third_party/WebKit/Source/platform/ScriptForbiddenScope.h

@@ -24,6 +24,20 @@ public:
         TemporaryChange<unsigned> m_change;
     };
 
+    // FIXME: This should be removed. AllowSuperUnsafeScript is used
+    // to exceptionally allow script execution in ScriptForbiddenScope, because
+    // some real-world plugins try to execute script in ScriptForbiddenScope.
+    // This is unsafe and we should get rid of all the unsafe script executions.
+    class PLATFORM_EXPORT AllowSuperUnsafeScript {
+    public:
+        AllowSuperUnsafeScript();
+        ~AllowSuperUnsafeScript();
+#if !ASSERT_ENABLED
+    private:
+        TemporaryChange<unsigned> m_change;
+#endif
+    };
+
     static bool isScriptForbidden();
 };
 

third_party/WebKit/Source/web/WebPluginContainerImpl.cpp

@@ -684,6 +684,8 @@ WebPluginContainerImpl::~WebPluginContainerImpl()
         m_element->document().didRemoveTouchEventHandler(m_element);
 #endif
 
+    ScriptForbiddenScope::AllowSuperUnsafeScript thisShouldBeRemoved;
+
     for (size_t i = 0; i < m_pluginLoadObservers.size(); ++i)
         m_pluginLoadObservers[i]->clearPluginContainer();
     m_webPlugin->destroy();