Revision: 5593
Author:   [email protected]
Date:     Mon Sep  9 18:40:16 2013 UTC
Log:      Add JS globals to guest-created iframes.
https://codereview.appspot.com/13544043

For guests with DOM access, the copyToImports is done in a function
passed to Domado rather than separately in the frame group. This
refactoring allows virtual documents for iframes to also obtain their
imports.

Note that host-provided extra imports will _not_ be added to iframes.
There is no especially strong reason for this behavior, but it was
simpler and fits with (in browsers in general) iframes being a way to
create a "fresh" environment with no application-specific global state.

[email protected]

http://code.google.com/p/google-caja/source/detail?r=5593

Modified:
 /trunk/src/com/google/caja/plugin/domado.js
 /trunk/src/com/google/caja/plugin/es53-frame-group.js
 /trunk/src/com/google/caja/plugin/ses-frame-group.js
 /trunk/tests/com/google/caja/plugin/test-domado-iframe-guest.html

=======================================
--- /trunk/src/com/google/caja/plugin/domado.js Wed Aug 28 16:54:33 2013 UTC
+++ /trunk/src/com/google/caja/plugin/domado.js Mon Sep  9 18:40:16 2013 UTC
@@ -1774,13 +1774,15 @@
* @param {Object} optTargetAttributePresets a record containing the presets
      *     (default and whitelist) for the HTML "target" attribute.
      * @param {Object} taming. An interface to a taming membrane.
+     * @param {function} addImports. A function which adds any additional
+     *     imports/global variables which should exist on Window instances.
* @return {Object} A collection of privileged access tools, plus the tamed * {@code document} and {@code window} objects under those names. This
      *     object is known as a "domicile".
      */
     function attachDocument(
idSuffix, naiveUriPolicy, outerContainerNode, optTargetAttributePresets,
-        taming) {
+        taming, addImports) {

       if (arguments.length < 3) {
         throw new Error(
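Review bot: `addImports` becomes a required sixth argument, but the visible guard at the top of `attachDocument` still only checks `arguments.length < 3`, so a caller that has not been updated gets no error here. Judging by the third domado.js hunk, the failure would then surface as a TypeError at `addImports(this)` while a tamed window is being built, far from the call site. A fail-fast check next to the existing guard would help, e.g. `if (typeof addImports !== 'function') { throw new TypeError('attachDocument: addImports must be a function'); }`. The JSDoc could also say that the function is called once per tamed Window, including those of guest-created iframes. The body of `attachDocument` continues outside this hunk.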
@@ -5531,7 +5533,7 @@

             var subDomicile = privates.contentDomicile = attachDocument(
                 '-caja-iframe___', naiveUriPolicy, frameFeralDoc,
-                optTargetAttributePresets, taming);
+                optTargetAttributePresets, taming, addImports);
             privates.seenContentDocument = frameFeralDoc;

             // Replace document structure with virtualized forms
@@ -6945,6 +6947,9 @@
           Object.preventExtensions(privates);
         });

+        // JS globals
+        addImports(this);
+
// These descriptors were chosen to resemble actual ES5-supporting browser
         // behavior.
         // The document property is defined below.
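Review bot: `addImports(this)` now runs before the window's own property descriptors and `document` are defined, whereas the old frame-group code copied the shared imports onto `domicile.window` only after `attachDocument` had returned. If any name in the shared imports coincides with a property defined below, the winner has changed, or the later definition could throw depending on how `copyToImports` sets configurability; neither is visible from this hunk, so it is worth confirming. The comment `// JS globals` could state the ordering rule, e.g. `// JS globals (shared imports) are installed first; DOM properties defined below take precedence on any name clash.` if that is the intent. The enclosing constructor starts and ends outside the hunk.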
=======================================
--- /trunk/src/com/google/caja/plugin/es53-frame-group.js Wed Jul 24 22:19:27 2013 UTC
+++ /trunk/src/com/google/caja/plugin/es53-frame-group.js Mon Sep 9 18:40:16 2013 UTC
@@ -296,12 +296,13 @@
         'hasTameTwin', frameTamingMembrane.hasTameTwin,
         'hasFeralTwin', frameTamingMembrane.hasFeralTwin,
         'tameException', frameTamingMembrane.tameException,
-        'untameException', frameTamingMembrane.untameException));
+        'untameException', frameTamingMembrane.untameException),
+      ___.markConstFunc(function(imports) {
+        // Add JavaScript globals to the DOM window object.
+        ___.copyToImports(imports, guestWin.___.sharedImports);
+      }));
     var imports = domicile.window;

-    // Add JavaScript globals to the DOM window object.
-    ___.copyToImports(imports, guestWin.___.sharedImports);
-
     var htmlEmitter = new HtmlEmitter(makeDOMAccessible,
         domicile.htmlEmitterTarget,
         undefined /* cajoling proxy unused in es53 */, domicile, imports);
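Review bot: The callback's parameter is named `imports`, the same name as the `var imports = domicile.window;` declared in the very next statement, so within a few lines `imports` refers to two different windows. Since this function is now also invoked for guest-created iframe windows, a distinct name and a fuller comment would make that clear, e.g. `___.markConstFunc(function(tameWindow) {` with `// Called for every tamed Window (top-level and guest-created iframes); installs the frame's shared JS globals.`. The same `guestWin.___.sharedImports` object is the source for every window, so the comment could also record that separation between those windows presumably relies on the shared imports being immutable; the new test checks this only for `Object.prototype`.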
@@ -368,6 +369,11 @@
       }
     }

+ // Note that if the guest creates inner iframes, then moreImports will not
+ // be added to them. There is no especially strong reason for this behavior,
+ // but it was simpler and fits with (in browsers in general) iframes being a
+    // way to create a "fresh" environment with no application-specific
+    // global state.
     if (!moreImports.onerror) {
       moreImports.onerror = ___.markFunc(onerror);
     }
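Review bot: The added comment records that `moreImports` are not applied to guest-created iframes, but not what that means for a host that uses `moreImports` to replace or narrow a default global: the iframe window would presumably expose the plain shared import instead. The default `onerror` installed just below is also part of `moreImports`, so errors raised in an iframe window presumably do not reach it. I would extend the comment with something like `// Hosts must not rely on moreImports to restrict or override globals, or to observe errors via onerror, inside guest-created iframes.` The same applies to the matching comment in ses-frame-group.js.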
=======================================
--- /trunk/src/com/google/caja/plugin/ses-frame-group.js Mon Aug 26 20:59:09 2013 UTC
+++ /trunk/src/com/google/caja/plugin/ses-frame-group.js Mon Sep 9 18:40:16 2013 UTC
@@ -286,10 +286,10 @@
         hasFeralTwin: frameTamingMembrane.hasFeralTwin,
         tameException: frameTamingMembrane.tameException,
         untameException: frameTamingMembrane.untameException
+      }),
+      cajaVM.constFunc(function(imports) {
+        cajaVM.copyToImports(imports, cajaVM.sharedImports);
       }));
-    var imports = domicile.window;
-
-    cajaVM.copyToImports(imports, cajaVM.sharedImports);

     var htmlEmitter = new tamingWin.HtmlEmitter(
       identity, domicile.htmlEmitterTarget, uriPolicy.mitigate, domicile,
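Review bot: Removing `var imports = domicile.window;` here leaves the later `var imports = gman.imports;` (visible as context in the next hunk) as the only assignment, so because of `var` hoisting any use of `imports` between this point and that line now reads `undefined` instead of the tamed window. The `new tamingWin.HtmlEmitter(` call continues past the end of this hunk, and the es53 counterpart passes `imports` as its last argument, so it is worth confirming what the ses call passes. If it still reads `imports`, the fix is to pass `domicile.window` there explicitly.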
@@ -315,6 +315,12 @@
       moreImports.onerror = onerror;
     }

+ // Note that if the guest creates inner iframes, then moreImports will not
+ // be added to them. There is no especially strong reason for this behavior,
+ // but it was simpler and fits with (in browsers in general) iframes being a
+    // way to create a "fresh" environment with no application-specific
+    // global state.
+    //
     // TODO(kpreid): right enumerable/own behavior?
     var imports = gman.imports;
     Object.getOwnPropertyNames(moreImports).forEach(
=======================================
--- /trunk/tests/com/google/caja/plugin/test-domado-iframe-guest.html Wed Aug 14 04:56:12 2013 UTC
+++ /trunk/tests/com/google/caja/plugin/test-domado-iframe-guest.html Mon Sep 9 18:40:16 2013 UTC
@@ -14,6 +14,10 @@
  - limitations under the License.
 -->

+<style type="text/css">
+  iframe { height: 4em; vertical-align: top; } /* smaller than usual */
+</style>
+
 <div id="testShim" class="testcontainer">Test Iframe Shim</div>
 <script type="text/javascript">
   jsunitRegister('testShim',
@@ -77,6 +81,20 @@

 <!-- Tests for detailed functionality *in* iframes -->

+<div id="testGlobals" class="testcontainer">testGlobals</div>
+<script type="text/javascript">
+  jsunitRegisterIf(inES5Mode, 'testGlobals', function() {
+    var i = document.getElementById('testGlobals').appendChild(
+        document.createElement('iframe')).contentWindow;
+
+    assertTrue('Object exists', !!i.Object);
+    assertTrue('Object is frozen', Object.isFrozen(i.Object.prototype));
+    assertTrue('cajaVM exists', !!i.cajaVM);
+
+    pass();
+  });
+</script>
+
 <div id="testMutation" class="testcontainer">testMutation</div>
 <script type="text/javascript">
   jsunitRegister('testMutation',
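Review bot: `testGlobals` is registered with `jsunitRegisterIf(inES5Mode, ...)`, so the es53-frame-group.js half of this change gets no coverage from it; if the globals are expected in ES5/3 iframes too, a variant without the cajaVM-specific assertion would cover that path. Nothing pins the other half of the behavior described in the commit message either, namely that host-provided extra imports are absent from the iframe window. An assertion that a name the test host supplies through its extra imports is `undefined` on `i` would keep that from changing silently. The frozen check covers only `Object.prototype`; `assertTrue('Object is frozen', Object.isFrozen(i.Object));` would be a cheap addition if the constructors are expected to be frozen as well.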
