Revision: 5351
Author: [email protected]
Date: Thu Apr 11 19:45:31 2013
Log: Eliminate SES guest frames and execute guest code in taming frame.
https://codereview.appspot.com/8622044
* In ES5 mode, use the taming frame instead of the guest frame for
evaluating guest code.
* Don't create a guest frame.
* Rename ses-taming-frame.js to ses-single-frame.js.
This improves performance by loading fewer frames, especially when there
are multiple guests. It also makes way for being able to operate in the
presence of the 'Firefox 15 cross-frame freeze bug', since the objects
exposed to the guest are no longer from a different frame.
This also removes the possibility of implementing "CES" (guest frames
with unfrozen primordial objects); we will have to revert these changes
if that becomes needed.
Caveats:
* guestManager.iframe is now always the combined frame, and if clients
depended on it being distinct they are now wrong. We should deprecate
that access and give it a more clearly for-internal-testing-only name.
* mitigateGotchas is no longer excluded from the taming frame because
that distinction does not exist.
[email protected]
http://code.google.com/p/google-caja/source/detail?r=5351
Modified:
/trunk/build.xml
/trunk/src/com/google/caja/plugin/caja.js
/trunk/src/com/google/caja/plugin/guest-manager.js
/trunk/src/com/google/caja/plugin/ses-frame-group.js
=======================================
--- /trunk/build.xml Tue Apr 9 19:24:18 2013
+++ /trunk/build.xml Thu Apr 11 19:45:31 2013
@@ -1030,17 +1030,17 @@
<input file="${src.caja}/plugin/caja-iframe-done.js"/>
</transform>
<transform>
- <!-- ses-taming-frame: Used by caja.js when the browser is
SES-capable.
+ <!-- ses-single-frame: Used by caja.js when the browser is
SES-capable.
-->
- <output file="${lib}/ses-taming-frame.jslint.stamp"
+ <output file="${lib}/ses-single-frame.jslint.stamp"
language="jslint"/>
<!-- TODO(felix8a): closure cleanup
- <output file="${lib.caja}/plugin/ses-taming-frame.clo.js"
+ <output file="${lib.caja}/plugin/ses-single-frame.clo.js"
language="closure"/>
-->
- <output file="${lib.caja}/plugin/ses-taming-frame.opt.js"
+ <output file="${lib.caja}/plugin/ses-single-frame.opt.js"
language="javascript" renderer="minify"/>
- <output file="${lib.caja}/plugin/ses-taming-frame.js"
+ <output file="${lib.caja}/plugin/ses-single-frame.js"
language="javascript" renderer="concat"/>
<input file="${src.caja}/plugin/caja-iframe-build-version.js"/>
<input file="${third_party}/js/json_sans_eval/json_sans_eval.js"/>
@@ -1071,24 +1071,6 @@
<input file="${src.caja}/plugin/caja-iframe-done.js"/>
</transform>
<transform>
- <!-- ses-guest-frame: Used by caja.js when the browser is
SES-capable.
- -->
- <output file="${lib}/ses-guest-frame.jslint.stamp"
- language="jslint"/>
- <!-- TODO(felix8a): closure cleanup
- <output file="${lib.caja}/plugin/ses-guest-frame.clo.js"
- language="closure"/>
- -->
- <output file="${lib.caja}/plugin/ses-guest-frame.opt.js"
- language="javascript" renderer="minify"/>
- <output file="${lib.caja}/plugin/ses-guest-frame.js"
- language="javascript" renderer="concat"/>
- <input file="${src.caja}/plugin/caja-iframe-build-version.js"/>
- <input file="${src.caja}/plugin/ses-iframe-init.js"/>
- <input file="${lib.caja}/ses/initSESPlus.js" jslint="false"/>
- <input file="${src.caja}/plugin/caja-iframe-done.js"/>
- </transform>
- <transform>
<output
file="${lib}/com/google/caja/apitaming/cajaTamingGoogleLoader.jslint.tstamp"
language="jslint"/>
<output
file="${lib}/com/google/caja/apitaming/cajaTamingGoogleLoader.opt.js"
language="javascript" renderer="minify"/>
<input
file="${src}/com/google/caja/apitaming/cajaTamingGoogleLoader.js"/>
@@ -1129,10 +1111,8 @@
<include name="es53-taming-frame.js" />
<include name="es53-guest-frame.opt.js" />
<include name="es53-guest-frame.js" />
- <include name="ses-guest-frame.opt.js" />
- <include name="ses-guest-frame.js" />
- <include name="ses-taming-frame.opt.js" />
- <include name="ses-taming-frame.js" />
+ <include name="ses-single-frame.opt.js" />
+ <include name="ses-single-frame.js" />
<include name="utility-frame.opt.js" />
<include name="utility-frame.js" />
</replace>
@@ -1483,10 +1463,8 @@
<include name="es53-guest-frame.opt.js"/>
<include name="es53-taming-frame.js"/>
<include name="es53-taming-frame.opt.js"/>
- <include name="ses-taming-frame.js"/>
- <include name="ses-taming-frame.opt.js"/>
- <include name="ses-guest-frame.js"/>
- <include name="ses-guest-frame.opt.js"/>
+ <include name="ses-single-frame.js"/>
+ <include name="ses-single-frame.opt.js"/>
<include name="utility-frame.js"/>
<include name="utility-frame.opt.js"/>
</fileset>
=======================================
--- /trunk/src/com/google/caja/plugin/caja.js Thu Feb 28 09:33:35 2013
+++ /trunk/src/com/google/caja/plugin/caja.js Thu Apr 11 19:45:31 2013
@@ -422,16 +422,15 @@
}
function trySES(config, frameGroupReady, onFailure) {
- var guestMaker = makeFrameMaker(config, 'ses-guest-frame');
- var sesMaker = makeFrameMaker(config, 'ses-taming-frame');
-
+ var sesMaker = makeFrameMaker(config, 'ses-single-frame');
+
loadCajaFrame(config, 'utility-frame', function (mitigateWin) {
var mitigateGotchas = mitigateWin['ses']['mitigateGotchas'];
sesMaker['make'](function (tamingWin) {
var mustSES = config['es5Mode'] === true;
if (canSES(tamingWin['ses'], config['maxAcceptableSeverity'])) {
var fg = tamingWin['SESFrameGroup'](
- cajaInt, config, tamingWin, window, guestMaker,
+ cajaInt, config, tamingWin, window,
{ 'mitigateGotchas': mitigateGotchas });
frameGroupReady(fg, true /* es5Mode */);
} else if (!mustSES) {
=======================================
--- /trunk/src/com/google/caja/plugin/guest-manager.js Mon Oct 8 08:59:39
2012
+++ /trunk/src/com/google/caja/plugin/guest-manager.js Thu Apr 11 19:45:31
2013
@@ -74,7 +74,10 @@
// idClass property instead.
idSuffix: divs.idClass,
+ // TODO(kpreid): rename/move to make sure this is used only for testing
+ // as SES now doesn't have a distinct guestWin which could cause
confusion.
iframe: guestWin.frameElement,
+
imports: (domicile
? domicile.window
: (guestWin.___
=======================================
--- /trunk/src/com/google/caja/plugin/ses-frame-group.js Thu Apr 11
19:23:09 2013
+++ /trunk/src/com/google/caja/plugin/ses-frame-group.js Thu Apr 11
19:45:31 2013
@@ -14,6 +14,7 @@
/**
* @provides SESFrameGroup
+ * @requires cajaVM
* @requires cajaFrameTracker
* @requires Domado
* @requires GuestManager
@@ -25,11 +26,14 @@
* @overrides window
*/
-function SESFrameGroup(cajaInt, config, tamingWin, feralWin, guestMaker,
+function SESFrameGroup(cajaInt, config, tamingWin, feralWin,
additionalParams) {
if (tamingWin !== window) {
throw new Error('wrong frame');
}
+
+ // TODO(kpreid): make sure mitigator is applied to guest code only
+ tamingWin.ses.mitigateGotchas = additionalParams.mitigateGotchas;
var USELESS = Object.freeze({ USELESS: 'USELESS' });
var BASE_OBJECT_CONSTRUCTOR = Object.freeze({});
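Review bot: Removing `guestMaker` from the middle of the positional parameter list means a stale caller that still passes the frame maker in the fifth position would bind it to `additionalParams`, and the new assignment would then store `undefined` in `tamingWin.ses.mitigateGotchas` without any error. The only caller visible in this commit (trySES in caja.js) is updated, but a guard next to the existing 'wrong frame' check would make a mismatch loud: `if (!additionalParams || typeof additionalParams.mitigateGotchas !== 'function') { throw new Error('mitigateGotchas required'); }`. That guard assumes mitigateGotchas is a function, which the diff does not show. SESFrameGroup's body continues outside the hunk.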
@@ -179,28 +183,24 @@
function makeES5Frame(div, uriPolicy, es5ready, domOpts) {
var divs = cajaInt.prepareContainerDiv(div, feralWin, domOpts);
- guestMaker.make(function (guestWin) {
- cajaFrameTracker.addGuestWindow(guestWin);
- var frameTamingSchema = TamingSchema(tamingHelper);
- var frameTamingMembrane =
- TamingMembrane(tamingHelper, frameTamingSchema.control);
- var domicileAndEmitter = makeDomicileAndEmitter(
- frameTamingMembrane, divs, uriPolicy, guestWin);
- var domicile = domicileAndEmitter && domicileAndEmitter[0];
- var htmlEmitter = domicileAndEmitter && domicileAndEmitter[1];
- var gman = GuestManager(frameTamingSchema, frameTamingMembrane, divs,
- cajaInt.documentBaseUrl(), domicile, htmlEmitter, guestWin,
USELESS,
- uriPolicy, sesRun);
- guestWin.ses.DISABLE_SECURITY_FOR_DEBUGGER = unsafe;
- guestWin.ses.mitigateGotchas = additionalParams.mitigateGotchas;
- es5ready(gman);
- });
+
+ var frameTamingSchema = TamingSchema(tamingHelper);
+ var frameTamingMembrane =
+ TamingMembrane(tamingHelper, frameTamingSchema.control);
+ var domicileAndEmitter = makeDomicileAndEmitter(
+ frameTamingMembrane, divs, uriPolicy);
+ var domicile = domicileAndEmitter && domicileAndEmitter[0];
+ var htmlEmitter = domicileAndEmitter && domicileAndEmitter[1];
+ var gman = GuestManager(frameTamingSchema, frameTamingMembrane, divs,
+ cajaInt.documentBaseUrl(), domicile, htmlEmitter, window, USELESS,
+ uriPolicy, sesRun);
+ es5ready(gman);
}
//----------------
function makeDomicileAndEmitter(
- frameTamingMembrane, divs, uriPolicy, guestWin) {
+ frameTamingMembrane, divs, uriPolicy) {
if (!divs.inner) { return null; }
function FeralTwinStub() {}
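Review bot: The old callback set `guestWin.ses.DISABLE_SECURITY_FOR_DEBUGGER = unsafe` and called `cajaFrameTracker.addGuestWindow(guestWin)`; the rewritten makeES5Frame does neither, and the log message does not mention it. Leaving the debugger flag unset on a frame now shared by taming code and every guest looks like the safer outcome. If it is deliberate it deserves a comment such as `// DISABLE_SECURITY_FOR_DEBUGGER is not set here: this frame is shared with taming code and all guests`, and `unsafe` should be checked for remaining uses outside this hunk. `es5ready(gman)` is also now invoked synchronously, before makeES5Frame returns, where it used to run from the frame-load callback, so callers that relied on the deferred call need checking. makeDomicileAndEmitter's body continues outside the hunk.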
@@ -262,10 +262,10 @@
}));
var imports = domicile.window;
- guestWin.cajaVM.copyToImports(imports, guestWin.cajaVM.sharedImports);
+ cajaVM.copyToImports(imports, cajaVM.sharedImports);
var htmlEmitter = new tamingWin.HtmlEmitter(
- identity, domicile.htmlEmitterTarget, domicile, guestWin);
+ identity, domicile.htmlEmitterTarget, domicile, window);
if (!feralWin.___.tamingWindows) {
feralWin.___.tamingWindows = {};
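Review bot: Style point on the HtmlEmitter call: the new line reads `new tamingWin.HtmlEmitter(identity, domicile.htmlEmitterTarget, domicile, window)`, mixing `tamingWin` and `window` for what the constructor's 'wrong frame' check guarantees is the same object. Passing `tamingWin` here, and in the GuestManager call in makeES5Frame, would make it clear at the call site that the former guest-window slot is now filled by the taming frame itself. What HtmlEmitter does with that argument is not visible in this diff, so it is worth confirming it never assumed a window free of taming code. The enclosing makeDomicileAndEmitter starts and ends outside this hunk.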
@@ -337,8 +337,6 @@
* for its Caja interpretation, a function of (extraImports).
*/
function loadContent(gman, contentPromise, opt_expectedContentType) {
- var guestWin = gman.iframe.contentWindow;
-
return Q.when(contentPromise, function (xhrRecord) {
// TODO(kpreid): Is this safe? Does this match the cajoling
// service's behavior? Should we reject if these two do not
@@ -365,7 +363,7 @@
// TODO(kpreid): needs to return completion value unless we
// deprecate that feature.
- return Q.ref(guestWin.cajaVM.compileExpr(
+ return Q.ref(cajaVM.compileExpr(
// End of line required to ensure linecomments in theContent
// do not escape away the closing curlies in the expression
'(function () {' + theContent + '\n})()'));
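Review bot: Documentation is missing at the `cajaVM.compileExpr` call: the free `cajaVM` now resolves to the taming frame's own object, so guest source is compiled in the same frame as the taming code and every guest shares one `cajaVM.sharedImports`. A comment above the call would record that, for example `// Guest code is compiled in the taming frame; confinement relies on SES alone, not on a separate frame`. With `var guestWin = gman.iframe.contentWindow;` removed in the previous hunk, it is also worth checking whether loadContent still uses `gman` at all. The function's body continues outside both hunks, so that cannot be confirmed here.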