Bug 60384 - Wire up CSP's eval blocking to V8's new API
Summary: Wire up CSP's eval blocking to V8's new API
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Adam Barth
URL:
Keywords:
Depends on:
Blocks: 53572
Reported: 2011-05-06 10:45 PDT by Adam Barth
Modified: 2011-05-06 13:14 PDT (History)

See Also:


Attachments
Patch (3.51 KB, patch)
2011-05-06 10:47 PDT, Adam Barth
no flags

Description Adam Barth 2011-05-06 10:45:44 PDT
Wire up CSP's eval blocking to V8's new API
Comment 1 Adam Barth 2011-05-06 10:47:58 PDT
Created attachment 92605 [details]
Patch
Comment 2 Eric Seidel (no email) 2011-05-06 12:05:17 PDT
Comment on attachment 92605 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=92605&action=review

Does this need a DEPs update?

> Source/WebCore/bindings/v8/ScriptController.cpp:310
> +    m_proxy->windowShell()->initContextIfNeeded();
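Review bot: the result of initContextIfNeeded() is discarded on this line; if context initialization can fail, the v8Context used a few lines later (line 317) may be empty, so check the return value, or test the handle with IsEmpty(), before calling into the context.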

I wonder how many places might be missing this call. :)

> Source/WebCore/bindings/v8/ScriptController.cpp:317
> +    v8Context->AllowCodeGenerationFromStrings(false);
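Review bot: nothing in the visible line shows that this call is conditioned on the document's CSP actually forbidding eval; since AllowCodeGenerationFromStrings(false) disables eval and the Function constructor for the whole context, confirm it is only reached when the policy disallows eval, and add a layout test showing that a document with no CSP (and one whose script-src carries 'unsafe-eval') keeps eval working.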

I wonder how many other things this may unintentionally break?  Doesn't chrome/v8 execute js strings internally all over the place?
Comment 3 Adam Barth 2011-05-06 12:13:39 PDT
(In reply to comment #2)
> (From update of attachment 92605 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=92605&action=review
> 
> Does this need a DEPs update?

Nope.  That already happened.

> > Source/WebCore/bindings/v8/ScriptController.cpp:310
> > +    m_proxy->windowShell()->initContextIfNeeded();
> 
> I wonder how many places might be missing this call. :)

Good question.  Much of this code is crap and needs a re-working.

> > Source/WebCore/bindings/v8/ScriptController.cpp:317
> > +    v8Context->AllowCodeGenerationFromStrings(false);
> 
> I wonder how many other things this may unintentionally break?  Doesn't chrome/v8 execute js strings internally all over the place?

This API was created expressly for our needs.  It's supposed to do exactly what we want.
Comment 4 WebKit Commit Bot 2011-05-06 13:13:55 PDT
Comment on attachment 92605 [details]
Patch

Clearing flags on attachment: 92605

Committed r85972: <http://trac.webkit.org/changeset/85972>
Comment 5 WebKit Commit Bot 2011-05-06 13:14:00 PDT
All reviewed patches have been landed.  Closing bug.