mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 14:30:27 +00:00
roytam1
049b3235ac
- Bug 1207494 - Part 8: Remove use of expression closure from dom/identity/. r=ferjm (34fac889f8) - minor crash thing (13fe2827c2) - Bug 1243359 - initialize mScrollSeriesNumber in all ScrollWheelInput constructors. r=roc (94163d8eca) - fix misspatch (b380a7bbe4) - Bug 1207412 - Make SystemTimeConverter use TimeStamp::Now() when converting times; r=karlt (f408549605) - Bug 1212102 - Drop unnecessary assertion comparing timestamps in SystemTimeConverter; r=karlt (1efaa04b3f) - Bug 1241302 - Slightly modernize this code. r=jst (c1e97bc069) - bug 1216916 clean up when InvokeDragSessionWithImage/Selection() fails r=roc (9cdf71b717) - Bug 1231329 - run ConvertToUnscaledDevPixels if *aPresContext is valid. r=roc (d10f23633b) - Bug 1245927: Innerize before creating DOM files from the file picker. r=baku (8754128362) - Bug 1155214 - Mark nsIBidiKeyboard as builtinclass; r=mrbkap (2d00326d2b) - reorder (c3c1ba92c9) - Bug 1236566 - add override declarations for widget/windows/GfxInfo.h; r=roc (940b40ed91) - Bug 1242659: Part 1. More information on the mismatches. r=jrmuizel (78331ddad2) - Block some Radeon drivers that crash on D3D9. (bug 1213107, r=jrmuizel) (482b66d313) - Bug 1203199 - Blacklist DXVA on some older intel drivers for causing crashes. r=jrmuizel (f1827d4498) - Bug 1203199 - Fix driver range with blacklist to avoid blacklisting other OSes. (2c2d547296) - Bug 1203199 - Bustage fix. CLOSED TREE (3233d407f3) - Bug 1178385. Enable DXVA on the G45 r=ajones (3c59a58a15) - Bug 1188442 IMMHandler::GetSelection() should use static Selection instance when IME doesn't have focus and return its or mSelection's reference r=emk (5cc4b30433) - Bug 1238899 Create hidden native caret for ATOK at composing in windowless plugin r=m_kato (40ef5bb4aa) - Bug 1257919 part 1. Kill off nsIXSLTException. r=khuey (11f37643f2) - Bug 1242072 - Change implementation of BaseProxyHandler::get() to follow ES6 [[Get]] specification. r=jorendorff (094a67f284) - Bug 489636 - Add a GC u-bench test for property tree splitting via deletion; r=sfink (9282fec25f) - Bug 1257919 part 2. Make nsIException and nsIStackFrame builtinclass, so we can start using [implicit_jscontext] on them. r=khuey (0e65fb8554) - Bug 1257919 part 3. Make the various toString methods on exceptions take an explicit JSContext. r=khuey (b342fb4930) - Bug 1257919 part 4. Stop returning StackFrame instances from exceptions::CreateStack. C++ callers of GetCurrentJSStack or exceptions::CreateStack always check for null anyway, and none of them seem to want this non-JS thing. r=khuey (d34036ccf9) - Bug 1257919 part 5. Get rid of the now-unused StackFrame class. r=khuey (aa13af0dfe) - Bug 1141222 - Create ScriptError with stack from Cu.reportError. r=bholley (b83ad26aa0) - Bug 1208641 - Extract stack from DOM/XPC exception. r=bholley (e382b5f48c) - Bug 1254380 part 1. Find the relevant window when the compartment we've got is an addon sandbox compartment in AutoJSAPI exception/warning reporting code. r=bholley (4b1f6c64a9) - Bug 1250630 - remove PBackgroundTest and ifdef ENABLE_TEST blocks. r=khuey (d7b36860a3) - Bug 1250963 part 1. Change NotifyRunnable::Dispatch to not require a JSContext. r=khuey (48e03c2fc2) - Bug 1250963 part 2. Remove the unused JSContext argument of WorkerPrivate::ModifyBusyCount. r=khuey (0f5ca42be1) - Bug 1250291 part 1. Stop pretending to report exceptions in MainThreadStopSyncLoopRunnable::PostDispatch. r=khuey (6e1c81cc06) - Bug 1250291 part 2. Stop pretending to report exceptions in MainThreadWorkerSyncRunnable::PostDispatch. r=khuey (f3d846ea31) - Bug 1250291 part 3. Stop pretending to report exceptions in WorkerDebuggerRunnable::PostDispatch. r=khuey (10bc1710d1) - Bug 1250975. Stop passing a JSContext argument to WorkerRunnable::PreDispatch and its overrides. r=khuey (71ab9046f0) - Bug 1255298. Just pass through the JSContext when passing through the NotificationOptions in notification code. r=wchen (552ae8e33e) - Bug 1250185 part 2. Remove some JSContext stuff that's no longer needed in Notification code. r=khuey (20b99ef28b) - Bug 1251045 part 8. Remove the JSContext argument from some nsINotificationStorageCallback methods. r=khuey (170c4afabc) - Bug 1227015 P7 Supress unused ErrorResult exception if the worker runnable failed to dispatch. r=catalinb (23a3cc6f45) - Bug 1251045 part 3. Remove the JSContext argument of WorkerRunnable::PostDispatch and its overrides. r=khuey (6a666d1a4a) - Bug 1251045 part 2. Remove the JSContext argument of ModifyBusyCountFromWorker. r=khuey (105bc4f59e) - Bug 1252130. Remove unnecessary JSContext argument from NotificationWorkerRunnable::WorkerRunInternal. r=khuey (642727f6f6) - Bug 1252127. Remove unnecessary JSContext argument from PromiseWorkerProxy::CleanUp. r=khuey (339e1157d1) - Bug 1251045 part 1. Make it possible to dispatch a ModifyBusyCountRunnable without a JSContext. r=khuey (665c1f81b4) - Bug 1251045 part 4. Remove the JSContext argument of WorkerRunnable::Dispatch. r=khuey (6c5cdab2b7) - Bug 1250185 part 1. nsIStructuredCloneContainer.initFromBase64 doesn't need a JSContext argument. r=khuey (d63a219209) - fix (773c0393aa) - Bug 1251045 part 5. Remove the JSContext argument from WorkerPrivateParent::Freeze/Thaw. r=khuey (cd419bfd2c) - Bug 1251045 part 6. Remove the JSContext argument from some worker debugger methods that no longer need it. r=khuey (abcc437cb9) - Bug 1251045 part 7. Remove the JSContext argument from some worker methods that no longer need it. r=khuey (3ddcbca08c) - Bug 1249652 part 1. Add a method on ErrorResult to steal an exception, if any, from a JSContext. r=khuey (9c07f5044b) - Bug 1229071 - importScripts should throw the correct error result in case the loading of one of scripts fails, r=bz (cd37645d76) - Bug 1229970 Abort script loading start requests if a load has been canceled. r=khuey (a44d9128ca) - Bug 1233171 Cancel channel when ScriptLoader is aborted during service worker script load. r=khuey (3b6ceafec7) - Bug 1249351 part 1. When doing importScripts of multiple scripts in a service worker, make sure to track the cache streams per-loadinfo, instead of trying to make them all wait on the same stream. r=bkelly (e1ccea9685) - Bug 1157544 - Fix a typo in the test; r=baku (8c0bf8f504) - Bug 1249351 part 2. Clean up test_importscript.html and add multiple-url importScript() case. r=bz (52b0a31032) - Bug 1249652 part 2. ScriptExecutorRunnable::WorkerRun should immediately move JS exceptions to its ErrorResult instead of allowing them to linger on the JSContext. r=baku,khuey (f628d3c8ba) - Bug 1249652 part 3. Simplify way we handle canceling when ScriptLoaderRunnable::RunInternal fails by canceling things with its actual failure code, so we don't have to guess which failed loads are actual failures and which are just canceled via this mechanism. r=baku,khuey (388543fbc3) - Bug 1251369. Use an AutoJSAPI that reports its own exceptions around the main runloop in workers. r=khuey (28b33287cd) - Bug 1251518. Fix js::ErrorReportToString to make a bit more sense, and change worker code to not use it anyway, so it matches the mainthread code. r=bholley,terrence (a48a40de90) - Bug 1254380 part 2. Go ahead and log the stack from our exception in AutoJSAPI::ReportException even if we don't have a window. r=bholley (64532b6017) - Bug 1212328 - Clean up some JSErrorReport-related code. r=Waldo,bz (d5aa611edc) - Bug 1255192 part 1. Remove the JSContext argument of JS::ExceptionStackOrNull. r=bholley (39b631d5ad) - bug 1252687 - make the ctor for CycleCollectorStats constexpr r=mccr8 (9e8168d8ac) - Bug 1254380 part 3. Skip firing error events for mainthread out of memory exceptions via AutoJSAPI::ReportException. r=bholley (d5e4e7dc29) - Bug 1254230 kinda-fix. Make sure to never send script errors with stacks attached to the console service if the associated windows have already had FreeInnerObjects called on them. r=bholley (8c379fe0e0) - Bug 1255192 part 2. Clean up the JSContext usage around xpc::FindExceptionStackForConsoleReport now that it just needs a JSContext for rooting. r=bholley (cade862491) - Bug 1255201. Improve the stack handling in nsXPCComponents_Utils::ReportError for the DOMException case to include the stack from the DOMException. r=bholley (fc6c065284) - Bug 1257919 part 6. Make the filename getter on JSStackFrame take an explicit JSContext. r=khuey (cde115b789) - Bug 1257919 part 7. Make the name getter on JSStackFrame take an explicit JSContext. r=khuey (d7466e9eab) - Bug 1257919 part 8. Make the line/column number getters on JSStackFrame take an explicit JSContext. r=khuey (b8766b98b2) - Bug 1257919 part 9. Make the asyncCause/asyncCaller getters on JSStackFrame take an explicit JSContext. r=khuey (b776ff9c6d) - Bug 1257919 part 10. Make the caller and formattedStack getters on JSStackFrame take an explicit JSContext. r=khuey (dc4d3d9091) - Bug 1252091. Add/RemoveFeature don't need a JSContext argument. r=khuey (5be6253a67) - Bug 1252123. Remove some unnecessary JSContext arguments from worker ScriptLoader methods. r=khuey (1657a35268) - Bug 1255181. Remove AutoJSAPI::InitWithLegacyErrorReporting. r=bholley (5ee7ac506e) - Bug 1254847 part 1. Take ownership of error reporting on the AutoEntryScript in nsXPCWrappedJSClass::DelegatedQueryInterface. r=bholley (62d987b030) - make style wrong again.... (fa4e6cfbc1) - Bug 1254847 part 2. Change nsJSNPRuntime to always use AutoEntryScript and always take ownership of error reporting. r=bholley (d24cb80622) - Bug 1251655 - Remove support for JavaScript-global-constructor-prototype-alias. r=bz. (2b354ea423) - Bug 1251655 - Remove support for JavaScript-DOM-class and JavaScript-DOM-interface. r=bz. (dd6786ea57) - Bug 1251275. Switch to using an AutoEntryScript in WorkerPrivate::RunExpiredTimeouts. r=khuey (f10d1b0dec) - Bug 1072144 part 1. Just release-assert that Promise::Resolve does not fail in service worker code. It can only do that on OOM or overrecursion anyway, and overrecursion is not likely if we're coming right off a runnable. r=khuey (ba4c89a3bc) - Bug 1072144 part 2. When UnregisterWorker tries to ScheduleWorker and that throws, just suppress the exception: there is no good place to report it anyway. r=khuey (ca563ec5cd) - Bug 1072144 part 3. Hoist the exception reporting out of WorkerRunnable::PostRun into WorkerRunnable::Run and make it unconditional. r=khuey (9914acd4a6) - Bug 1252221. When GetOrCreateGlobalScope fails while trying to run a ScriptExecutorRunnable::WorkerRun, just suppress the exception, because there is no way to report it without a compartment to work with. r=khuey (abcc9df148) - Bug 1072144 part 4. Add a WorkerRunnable::PreRun so that we can move worker global creation to it and always have an AutoEntryScript by the time we're evaluating the main worker script. r=khuey (007b528868) - Bug 1251276 part 1. Change WorkerPrivate::CancelAllTimeouts to no longer call RunExpiredTimeouts. r=khuey (6b937370a1) - Bug 1251276 part 2. Remove the JSContext argument of WorkerPrivate::CancelAllTimeouts. r=khuey (336b788e03) - Bug 1251380. Change things so that WorkerPrivate::NotifyInternal (hopefully) never throws. r=khuey (1d4863f83a) - Bug 1254846. Add an AutoEntryScript constructor that takes a JSObject instead of an nsIGlobalObject, for convenience. r=bholley (693857f9b0) - Bug 1255706 part 1. Remove JSContext argument from WorkerPrivate constructor. r=khuey (0486bdb01c) - Bug 1255706 part 2. Remove JSContext argument from WorkerPrivate::Terminate. r=khuey (f0b62de092) - Bug 1257568. Remove the JSContext argument of WorkerPrivate::Kill. r=khuey (ebe7d247b5) - Bug 1252189. Remove the unnecessary JSContext argument from WorkerPrivate::FreezeInternal/ThawInternal. r=khuey (22b137b05e) - Bug 1119490 - Expose the URL constructor to WorkerDebuggerGlobalScope;r=khuey (6f4fc13e1e) - Bug 1241841 - Clear the worker's debugger event queue before destroying its context;r=khuey (a1e8dd4b2d) - Bug 1249950 - Add Performance Markers for MessagePort - patch 1 - remove non-useful 'explicit', r=smaug (8a014b53e6) - Bug 1249950 - Add Performance Markers for MessagePort - patch 2, r=smaug, r=vporof (560caf0ae1) - bug 1250486 - make the ComponentsSH ctor constexpr r=bz (1c441dbb0f) - Bug 1257032: Make files in dom/workers actually build without unification. r=baku (6ab4ae0b65) - Bug 1241522 - handle OOM in nsExpatDriver::HandleCharacterData; r=hsivonen (b652220cdc) - Bug 1219482: Replace PRLogModuleInfo with LazyLogModule in various files.r=benjamin (5fd5e8dbc8) - Bug 1238545 - Remove nsISimpleUnicharStreamFactory; r=froydnj (f0018c5b16) - Bug 1257335. Replace some AutoSafeJSContext uses with AutoJSAPI or AutoJSContext uses. r=bholley (7baf79deb7) - Bug 1247635 - Unify PostMessageRunnable and DispatchEventRunnable in MessagePort.cpp, r=smaug (df2765c215) - Bug 1250572 - Force a parent object in MessagePort/Channel and in StructuredCloneHolder, r=smaug (2a929d59d1) - Bug 1255375 - MessagePort should not leak if DispatchMessage() fails, r=smaug (0a5cdebfb0) - Bug 1251272. Remove the dead code in ReportErrorRunnable::ReportError that could fail, and make it infallible. r=khuey (89e80694d0) - Bug 1072144 part 5. Stop fiddling with compartments on the JSContext before calling PostRun in WorkerRunnable::Run. Add some documentation explaining what's going on. r=khuey (91f4bb6a7c) - Bug 1072144 part 6. Switch WorkerRunnable::Run to calling TakeOwnershipOfErrorReporting on its AutoJSAPI/AutoEntryScript and remove the remaining JS_ReportPendingException callers in worker code. r=khuey (405d9e0282) - Bug 1179548 - Close the windows opened in private browsing worker tests; r=baku (acf3430b69) - Bug 1179753 - Use pushPrefEnv more in worker tests; r=baku (4bfd949c72) - Bug 1134224 - More test for test_bug1132395.html, r=ehsan (626eb100cd) - Bug 1134224 - onerror for test_bug1132395.html, r=ehsan (147195f57e) - Bug 1207635 - get rid of dom.workers.sharedWorkers.enabled pref, r=khuey (22fe2965c6) - Bug 1252592. JS warnings should not trigger error events on shared workers. r=khuey (7f05c2c00d) - Bug 1251308; r=luke (3cbec95738) - Bug 1246838 - Handle const qualifiers and references better in Variant. r=waldo (30da6e3ebf) - Bug 1254565 - Allow passing matchers as rvalues to Variant::match. r=froydnj (1dd799fb0a) - Bug 1246841 - Allow construction of Variant values using type inference. r=waldo (6ba3e6704c) - Bug 1250666 - Forward Variant's move constructor argument correctly to the underlying variant type. r=waldo (7353a53bf0) - Bug 1252185. Remove the dead "target" variable from CloseEventRunnable::WorkerRun. r=khuey (be172da10b) - Bug 1253059: Use fallible allocation in the worker error reporter. r=baku (963222bdd4) - Bug 1253199 - MessagePort should handle the dispatching a message when the parent window is gone, r=smaug (d552e3cd9e) - Bug 1252839 - Remove some if stmt after allocation with 'new' - patch 2, r=bz (3c7eb959bc) - Bug 1252839 - Remove some if stmt after allocation with 'new' - patch 1, r=bz (85067dbfb6) - Bug 1254855. Switch AutoEntryScripts in nsDirectoryViewer to take ownership of error reporting. r=bholley (8c10532323) - Bug 1252565 part 1. Push the script environment preparer bits up from XPCJSRuntime to CycleCollectedJSRuntime, because we need them on workers to do ctypes on workers properly. r=bholley (aecf2595dd) - Bug 1252565 part 2. Make dom::WarningOnlyErrorReporter handle workers. r=bholley (f415b8868b) - Bug 1244222 - Check for function interfaces in DelegatedQueryInterface. r=bz (d213eec83c) - Bug 1254393. Take ownership of error reporting on the AutoEntryScript in nsXPCWrappedJSClass::CallMethod. r=bholley (4765b501c0) - Bug 1251769 - Remove remaining references to MOZILLA_XPCOMRT_API from mfbt. r=froydnj (236adc1d4c) - Bug 1247835 (part 0) - Minor comment and style tweaks in BinarySearch.h. r=luke. (db04793721) - Bug 1244074 - Part 1: Move SheetParsingMode to a separate file. r=dholbert (290adaadea) - Bug 1244074 - Part 2: Add HandleRefPtr for refcounting StyleSheetHandles. r=dholbert r=waldo (8549b24392) - Bug 1244068 - Part 1: Add enum to represent the style system backend type. r=dholbert (c2e53feaf2) - Bug 1244068 - Part 2: Add skeleton ServoStyleSet and a StyleSetHandle smart pointer. r=dholbert (71a5c28629) - Bug 1244068 - Part 3: Factor out nsStyleSet getting in RestyleManager/ElementRestyler. r=dholbert (9e9f4f2e80) - Bug 1245406: In ReflowBlockFrame, use Maybe<> to destroy & reconstruct a stack-allocated object, instead of an explicit call to destructor & placement 'new'. r=dbaron (d36858b818) - Bug 1244068 - Part 4: Use StyleSetHandle instead of concrete style set class in most places. r=dholbert (93f9bcf799) - Bug 1244074 - Part 3: Add skeleton ServoStyleSheet and a StyleSheetHandle smart pointer. r=dholbert (5b4fbdce38) - Bug 1195173 - Apply CSP to preloaded styles within layout/style/Loader.cpp (r=bz) (d1ba920fd3) - Bug 1245681 - Fix addOverrideStyleSheet. r=bz (64099eac73) - Bug 1244074 - Part 4: Use StyleSheetHandle instead of concrete style sheet class in most places. r=dholberti (867470ac83) - Bug 1246013 (part 1) - Store a copy of the ETLDEntry directly in DomainEntry instead of a pointer to it. r=jduell. (587b3a9fb7) - Bug 1246013 (part 2) - Change "explicit/xpcom/effective-TLD-service" path to the more sensible "explicit/network/effective-TLD-service". r=jduell. (2e0df6f28f) - Bug 1247835 (part 1) - Use binary search instead of a hash table in nsEffectiveTLDService. r=jduell. (685dae01c0) - Bug 1257121 part 1 - Use struct for passing some params of font metrics. r=jfkthame (1dfd7a7429) - Bug 1257121 part 2 - Merge nsFontMetrics::Init to the constructor and remove unused failure handling code. r=jfkthame (0cdc441511) - Bug 1257121 part 3 - Add GetInflatedFontMetricsForFrame function to simplify a common use pattern. r=jfkthame (d9630ebd1b) - Bug 1257121 part 4 - Use return value rather than out param to retur font metrics. r=jfkthame (c9a5b1d1dd) - Bug 1257121 part 5 - Make nsDeviceContext::mFontCache a RefPtr. r=jfkthame (9c53238a6a)
502 lines
18 KiB
C++
502 lines
18 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
/* Utilities for managing the script settings object stack defined in webapps */
|
|
|
|
#ifndef mozilla_dom_ScriptSettings_h
|
|
#define mozilla_dom_ScriptSettings_h
|
|
|
|
#include "MainThreadUtils.h"
|
|
#include "nsIGlobalObject.h"
|
|
#include "nsIPrincipal.h"
|
|
|
|
#include "mozilla/Maybe.h"
|
|
|
|
#include "jsapi.h"
|
|
#include "js/Debug.h"
|
|
|
|
class nsPIDOMWindow;
|
|
class nsGlobalWindow;
|
|
class nsIScriptContext;
|
|
class nsIDocument;
|
|
class nsIDocShell;
|
|
|
|
namespace mozilla {
|
|
namespace dom {
|
|
|
|
// For internal use only - use AutoJSAPI instead.
|
|
namespace danger {
|
|
|
|
/**
|
|
* Fundamental cx pushing class. All other cx pushing classes are implemented
|
|
* in terms of this class.
|
|
*/
|
|
class MOZ_STACK_CLASS AutoCxPusher
|
|
{
|
|
public:
|
|
explicit AutoCxPusher(JSContext *aCx, bool aAllowNull = false);
|
|
~AutoCxPusher();
|
|
|
|
nsIScriptContext* GetScriptContext() { return mScx; }
|
|
|
|
// Returns true if this AutoCxPusher performed the push that is currently at
|
|
// the top of the cx stack.
|
|
bool IsStackTop() const;
|
|
|
|
private:
|
|
mozilla::Maybe<JSAutoRequest> mAutoRequest;
|
|
nsCOMPtr<nsIScriptContext> mScx;
|
|
uint32_t mStackDepthAfterPush;
|
|
#ifdef DEBUG
|
|
JSContext* mPushedContext;
|
|
unsigned mCompartmentDepthOnEntry;
|
|
#endif
|
|
};
|
|
|
|
} /* namespace danger */
|
|
|
|
/*
|
|
* System-wide setup/teardown routines. Init and Destroy should be invoked
|
|
* once each, at startup and shutdown (respectively).
|
|
*/
|
|
void InitScriptSettings();
|
|
void DestroyScriptSettings();
|
|
bool ScriptSettingsInitialized();
|
|
|
|
/*
|
|
* Static helpers in ScriptSettings which track the number of listeners
|
|
* of Javascript RunToCompletion events. These should be used by the code in
|
|
* nsDocShell::SetRecordProfileTimelineMarkers to indicate to script
|
|
* settings that script run-to-completion needs to be monitored.
|
|
* SHOULD BE CALLED ONLY BY MAIN THREAD.
|
|
*/
|
|
void UseEntryScriptProfiling();
|
|
void UnuseEntryScriptProfiling();
|
|
|
|
// To implement a web-compatible browser, it is often necessary to obtain the
|
|
// global object that is "associated" with the currently-running code. This
|
|
// process is made more complicated by the fact that, historically, different
|
|
// algorithms have operated with different definitions of the "associated"
|
|
// global.
|
|
//
|
|
// HTML5 formalizes this into two concepts: the "incumbent global" and the
|
|
// "entry global". The incumbent global corresponds to the global of the
|
|
// current script being executed, whereas the entry global corresponds to the
|
|
// global of the script where the current JS execution began.
|
|
//
|
|
// There is also a potentially-distinct third global that is determined by the
|
|
// current compartment. This roughly corresponds with the notion of Realms in
|
|
// ECMAScript.
|
|
//
|
|
// Suppose some event triggers an event listener in window |A|, which invokes a
|
|
// scripted function in window |B|, which invokes the |window.location.href|
|
|
// setter in window |C|. The entry global would be |A|, the incumbent global
|
|
// would be |B|, and the current compartment would be that of |C|.
|
|
//
|
|
// In general, it's best to use to use the most-closely-associated global
|
|
// unless the spec says to do otherwise. In 95% of the cases, the global of
|
|
// the current compartment (GetCurrentGlobal()) is the right thing. For
|
|
// example, WebIDL constructors (new C.XMLHttpRequest()) are initialized with
|
|
// the global of the current compartment (i.e. |C|).
|
|
//
|
|
// The incumbent global is very similar, but differs in a few edge cases. For
|
|
// example, if window |B| does |C.location.href = "..."|, the incumbent global
|
|
// used for the navigation algorithm is B, because no script from |C| was ever run.
|
|
//
|
|
// The entry global is used for various things like computing base URIs, mostly
|
|
// for historical reasons.
|
|
//
|
|
// Note that all of these functions return bonafide global objects. This means
|
|
// that, for Windows, they always return the inner.
|
|
|
|
// Returns the global associated with the top-most Candidate Entry Point on
|
|
// the Script Settings Stack. See the HTML spec. This may be null.
|
|
nsIGlobalObject* GetEntryGlobal();
|
|
|
|
// If the entry global is a window, returns its extant document. Otherwise,
|
|
// returns null.
|
|
nsIDocument* GetEntryDocument();
|
|
|
|
// Returns the global associated with the top-most entry of the the Script
|
|
// Settings Stack. See the HTML spec. This may be null.
|
|
nsIGlobalObject* GetIncumbentGlobal();
|
|
|
|
// Returns the global associated with the current compartment. This may be null.
|
|
nsIGlobalObject* GetCurrentGlobal();
|
|
|
|
// JS-implemented WebIDL presents an interesting situation with respect to the
|
|
// subject principal. A regular C++-implemented API can simply examine the
|
|
// compartment of the most-recently-executed script, and use that to infer the
|
|
// responsible party. However, JS-implemented APIs are run with system
|
|
// principal, and thus clobber the subject principal of the script that
|
|
// invoked the API. So we have to do some extra work to keep track of this
|
|
// information.
|
|
//
|
|
// We therefore implement the following behavior:
|
|
// * Each Script Settings Object has an optional WebIDL Caller Principal field.
|
|
// This defaults to null.
|
|
// * When we push an Entry Point in preparation to run a JS-implemented WebIDL
|
|
// callback, we grab the subject principal at the time of invocation, and
|
|
// store that as the WebIDL Caller Principal.
|
|
// * When non-null, callers can query this principal from script via an API on
|
|
// Components.utils.
|
|
nsIPrincipal* GetWebIDLCallerPrincipal();
|
|
|
|
// This may be used by callers that know that their incumbent global is non-
|
|
// null (i.e. they know there have been no System Caller pushes since the
|
|
// inner-most script execution).
|
|
inline JSObject& IncumbentJSGlobal()
|
|
{
|
|
return *GetIncumbentGlobal()->GetGlobalJSObject();
|
|
}
|
|
|
|
class ScriptSettingsStack;
|
|
class ScriptSettingsStackEntry {
|
|
friend class ScriptSettingsStack;
|
|
|
|
public:
|
|
~ScriptSettingsStackEntry();
|
|
|
|
bool NoJSAPI() { return !mGlobalObject; }
|
|
|
|
protected:
|
|
ScriptSettingsStackEntry(nsIGlobalObject *aGlobal, bool aCandidate);
|
|
|
|
nsCOMPtr<nsIGlobalObject> mGlobalObject;
|
|
bool mIsCandidateEntryPoint;
|
|
|
|
private:
|
|
// This constructor is only for use by AutoNoJSAPI.
|
|
friend class AutoNoJSAPI;
|
|
ScriptSettingsStackEntry();
|
|
|
|
ScriptSettingsStackEntry *mOlder;
|
|
};
|
|
|
|
/*
|
|
* For any interaction with JSAPI, an AutoJSAPI (or one of its subclasses)
|
|
* must be on the stack.
|
|
*
|
|
* This base class should be instantiated as-is when the caller wants to use
|
|
* JSAPI but doesn't expect to run script. The caller must then call one of its
|
|
* Init functions before being able to access the JSContext through cx().
|
|
* Its current duties are as-follows (see individual Init comments for details):
|
|
*
|
|
* * Grabbing an appropriate JSContext, and, on the main thread, pushing it onto
|
|
* the JSContext stack.
|
|
* * Entering an initial (possibly null) compartment, to ensure that the
|
|
* previously entered compartment for that JSContext is not used by mistake.
|
|
*
|
|
* Additionally, the following duties are planned, but not yet implemented:
|
|
*
|
|
* * De-poisoning the JSRuntime to allow manipulation of JSAPI. We can't
|
|
* actually implement this poisoning until all the JSContext pushing in the
|
|
* system goes through AutoJSAPI (see bug 951991). For now, this de-poisoning
|
|
* effectively corresponds to having a non-null cx on the stack.
|
|
* * Reporting any exceptions left on the JSRuntime, unless the caller steals
|
|
* or silences them.
|
|
* * Entering a JSAutoRequest. At present, this is handled by the cx pushing
|
|
* on the main thread, and by other code on workers. Depending on the order
|
|
* in which various cleanup lands, this may never be necessary, because
|
|
* JSAutoRequests may go away.
|
|
*
|
|
* In situations where the consumer expects to run script, AutoEntryScript
|
|
* should be used, which does additional manipulation of the script settings
|
|
* stack. In bug 991758, we'll add hard invariants to SpiderMonkey, such that
|
|
* any attempt to run script without an AutoEntryScript on the stack will
|
|
* fail. This prevents system code from accidentally triggering script
|
|
* execution at inopportune moments via surreptitious getters and proxies.
|
|
*/
|
|
class MOZ_STACK_CLASS AutoJSAPI {
|
|
public:
|
|
// Trivial constructor. One of the Init functions must be called before
|
|
// accessing the JSContext through cx().
|
|
AutoJSAPI();
|
|
|
|
~AutoJSAPI();
|
|
|
|
// This uses the SafeJSContext (or worker equivalent), and enters a null
|
|
// compartment, so that the consumer is forced to select a compartment to
|
|
// enter before manipulating objects.
|
|
//
|
|
// This variant will ensure that any errors reported by this AutoJSAPI as it
|
|
// comes off the stack will not fire error events or be associated with any
|
|
// particular web-visible global.
|
|
void Init();
|
|
|
|
// This uses the SafeJSContext (or worker equivalent), and enters the
|
|
// compartment of aGlobalObject.
|
|
// If aGlobalObject or its associated JS global are null then it returns
|
|
// false and use of cx() will cause an assertion.
|
|
//
|
|
// If aGlobalObject represents a web-visible global, errors reported by this
|
|
// AutoJSAPI as it comes off the stack will fire the relevant error events and
|
|
// show up in the corresponding web console.
|
|
bool Init(nsIGlobalObject* aGlobalObject);
|
|
|
|
// This is a helper that grabs the native global associated with aObject and
|
|
// invokes the above Init() with that.
|
|
bool Init(JSObject* aObject);
|
|
|
|
// Unsurprisingly, this uses aCx and enters the compartment of aGlobalObject.
|
|
// If aGlobalObject or its associated JS global are null then it returns
|
|
// false and use of cx() will cause an assertion.
|
|
// If aCx is null it will cause an assertion.
|
|
//
|
|
// If aGlobalObject represents a web-visible global, errors reported by this
|
|
// AutoJSAPI as it comes off the stack will fire the relevant error events and
|
|
// show up in the corresponding web console.
|
|
bool Init(nsIGlobalObject* aGlobalObject, JSContext* aCx);
|
|
|
|
// Convenience functions to take an nsPIDOMWindow* or nsGlobalWindow*,
|
|
// when it is more easily available than an nsIGlobalObject.
|
|
bool Init(nsPIDOMWindow* aWindow);
|
|
bool Init(nsPIDOMWindow* aWindow, JSContext* aCx);
|
|
|
|
bool Init(nsGlobalWindow* aWindow);
|
|
bool Init(nsGlobalWindow* aWindow, JSContext* aCx);
|
|
|
|
JSContext* cx() const {
|
|
MOZ_ASSERT(mCx, "Must call Init before using an AutoJSAPI");
|
|
MOZ_ASSERT_IF(mIsMainThread, CxPusherIsStackTop());
|
|
return mCx;
|
|
}
|
|
|
|
bool CxPusherIsStackTop() const { return mCxPusher->IsStackTop(); }
|
|
|
|
// We're moving towards a world where the AutoJSAPI always handles
|
|
// exceptions that bubble up from the JS engine. In order to make this
|
|
// process incremental, we allow consumers to opt-in to the new behavior
|
|
// while keeping the old behavior as the default.
|
|
void TakeOwnershipOfErrorReporting();
|
|
bool OwnsErrorReporting() { return mOwnErrorReporting; }
|
|
// If HasException, report it. Otherwise, a no-op. This must be
|
|
// called only if OwnsErrorReporting().
|
|
void ReportException();
|
|
|
|
bool HasException() const {
|
|
MOZ_ASSERT_IF(NS_IsMainThread(), CxPusherIsStackTop());
|
|
return JS_IsExceptionPending(cx());
|
|
};
|
|
|
|
// Transfers ownership of the current exception from the JS engine to the
|
|
// caller. Callers must ensure that HasException() is true, and that cx()
|
|
// is in a non-null compartment.
|
|
//
|
|
// Note that this fails if and only if we OOM while wrapping the exception
|
|
// into the current compartment.
|
|
bool StealException(JS::MutableHandle<JS::Value> aVal);
|
|
|
|
// Peek the current exception from the JS engine, without stealing it.
|
|
// Callers must ensure that HasException() is true, and that cx() is in a
|
|
// non-null compartment.
|
|
//
|
|
// Note that this fails if and only if we OOM while wrapping the exception
|
|
// into the current compartment.
|
|
bool PeekException(JS::MutableHandle<JS::Value> aVal);
|
|
|
|
void ClearException() {
|
|
MOZ_ASSERT_IF(NS_IsMainThread(), CxPusherIsStackTop());
|
|
JS_ClearPendingException(cx());
|
|
}
|
|
|
|
protected:
|
|
// Protected constructor, allowing subclasses to specify a particular cx to
|
|
// be used. This constructor initialises the AutoJSAPI, so Init must NOT be
|
|
// called on subclasses that use this.
|
|
// If aGlobalObject, its associated JS global or aCx are null this will cause
|
|
// an assertion, as will setting aIsMainThread incorrectly.
|
|
AutoJSAPI(nsIGlobalObject* aGlobalObject, bool aIsMainThread, JSContext* aCx);
|
|
|
|
private:
|
|
mozilla::Maybe<danger::AutoCxPusher> mCxPusher;
|
|
mozilla::Maybe<JSAutoNullableCompartment> mAutoNullableCompartment;
|
|
JSContext *mCx;
|
|
|
|
// Track state between the old and new error reporting modes.
|
|
bool mOwnErrorReporting;
|
|
bool mOldAutoJSAPIOwnsErrorReporting;
|
|
// Whether we're mainthread or not; set when we're initialized.
|
|
bool mIsMainThread;
|
|
Maybe<JSErrorReporter> mOldErrorReporter;
|
|
|
|
void InitInternal(JSObject* aGlobal, JSContext* aCx, bool aIsMainThread);
|
|
|
|
AutoJSAPI(const AutoJSAPI&) = delete;
|
|
AutoJSAPI& operator= (const AutoJSAPI&) = delete;
|
|
};
|
|
|
|
/*
|
|
* A class that represents a new script entry point.
|
|
*
|
|
* |aReason| should be a statically-allocated C string naming the reason we're
|
|
* invoking JavaScript code: "setTimeout", "event", and so on. The devtools use
|
|
* these strings to label JS execution in timeline and profiling displays.
|
|
*/
|
|
class MOZ_STACK_CLASS AutoEntryScript : public AutoJSAPI,
|
|
protected ScriptSettingsStackEntry {
|
|
public:
|
|
AutoEntryScript(nsIGlobalObject* aGlobalObject,
|
|
const char *aReason,
|
|
bool aIsMainThread = NS_IsMainThread(),
|
|
// Note: aCx is mandatory off-main-thread.
|
|
JSContext* aCx = nullptr);
|
|
|
|
AutoEntryScript(JSObject* aObject, // Any object from the relevant global
|
|
const char *aReason,
|
|
bool aIsMainThread = NS_IsMainThread(),
|
|
// Note: aCx is mandatory off-main-thread.
|
|
JSContext* aCx = nullptr);
|
|
|
|
~AutoEntryScript();
|
|
|
|
void SetWebIDLCallerPrincipal(nsIPrincipal *aPrincipal) {
|
|
mWebIDLCallerPrincipal = aPrincipal;
|
|
}
|
|
|
|
private:
|
|
// A subclass of AutoEntryMonitor that notifies the docshell.
|
|
class DocshellEntryMonitor : public JS::dbg::AutoEntryMonitor
|
|
{
|
|
public:
|
|
DocshellEntryMonitor(JSContext* aCx, const char* aReason);
|
|
|
|
void Entry(JSContext* aCx, JSFunction* aFunction,
|
|
JS::Handle<JS::Value> aAsyncStack,
|
|
JS::Handle<JSString*> aAsyncCause) override
|
|
{
|
|
Entry(aCx, aFunction, nullptr, aAsyncStack, aAsyncCause);
|
|
}
|
|
|
|
void Entry(JSContext* aCx, JSScript* aScript,
|
|
JS::Handle<JS::Value> aAsyncStack,
|
|
JS::Handle<JSString*> aAsyncCause) override
|
|
{
|
|
Entry(aCx, nullptr, aScript, aAsyncStack, aAsyncCause);
|
|
}
|
|
|
|
void Exit(JSContext* aCx) override;
|
|
|
|
private:
|
|
void Entry(JSContext* aCx, JSFunction* aFunction, JSScript* aScript,
|
|
JS::Handle<JS::Value> aAsyncStack,
|
|
JS::Handle<JSString*> aAsyncCause);
|
|
|
|
const char* mReason;
|
|
};
|
|
|
|
// It's safe to make this a weak pointer, since it's the subject principal
|
|
// when we go on the stack, so can't go away until after we're gone. In
|
|
// particular, this is only used from the CallSetup constructor, and only in
|
|
// the aIsJSImplementedWebIDL case. And in that case, the subject principal
|
|
// is the principal of the callee function that is part of the CallArgs just a
|
|
// bit up the stack, and which will outlive us. So we know the principal
|
|
// can't go away until then either.
|
|
nsIPrincipal* MOZ_NON_OWNING_REF mWebIDLCallerPrincipal;
|
|
friend nsIPrincipal* GetWebIDLCallerPrincipal();
|
|
|
|
Maybe<DocshellEntryMonitor> mDocShellEntryMonitor;
|
|
};
|
|
|
|
/*
|
|
* A class that can be used to force a particular incumbent script on the stack.
|
|
*/
|
|
class AutoIncumbentScript : protected ScriptSettingsStackEntry {
|
|
public:
|
|
explicit AutoIncumbentScript(nsIGlobalObject* aGlobalObject);
|
|
private:
|
|
JS::AutoHideScriptedCaller mCallerOverride;
|
|
};
|
|
|
|
/*
|
|
* A class to put the JS engine in an unusable state. The subject principal
|
|
* will become System, the information on the script settings stack is
|
|
* rendered inaccessible, and JSAPI may not be manipulated until the class is
|
|
* either popped or an AutoJSAPI instance is subsequently pushed.
|
|
*
|
|
* This class may not be instantiated if an exception is pending.
|
|
*/
|
|
class AutoNoJSAPI : protected ScriptSettingsStackEntry {
|
|
public:
|
|
explicit AutoNoJSAPI(bool aIsMainThread = NS_IsMainThread());
|
|
private:
|
|
mozilla::Maybe<danger::AutoCxPusher> mCxPusher;
|
|
};
|
|
|
|
} // namespace dom
|
|
|
|
/**
|
|
* Use AutoJSContext when you need a JS context on the stack but don't have one
|
|
* passed as a parameter. AutoJSContext will take care of finding the most
|
|
* appropriate JS context and release it when leaving the stack.
|
|
*/
|
|
class MOZ_RAII AutoJSContext {
|
|
public:
|
|
explicit AutoJSContext(MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM);
|
|
operator JSContext*() const;
|
|
|
|
protected:
|
|
explicit AutoJSContext(bool aSafe MOZ_GUARD_OBJECT_NOTIFIER_PARAM);
|
|
|
|
// We need this Init() method because we can't use delegating constructor for
|
|
// the moment. It is a C++11 feature and we do not require C++11 to be
|
|
// supported to be able to compile Gecko.
|
|
void Init(bool aSafe MOZ_GUARD_OBJECT_NOTIFIER_PARAM);
|
|
|
|
JSContext* mCx;
|
|
dom::AutoJSAPI mJSAPI;
|
|
MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER
|
|
};
|
|
|
|
/**
|
|
* Use ThreadsafeAutoJSContext when you want an AutoJSContext but might be
|
|
* running on a worker thread.
|
|
*/
|
|
class MOZ_RAII ThreadsafeAutoJSContext {
|
|
public:
|
|
explicit ThreadsafeAutoJSContext(MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM);
|
|
operator JSContext*() const;
|
|
|
|
private:
|
|
JSContext* mCx; // Used on workers. Null means mainthread.
|
|
Maybe<JSAutoRequest> mRequest; // Used on workers.
|
|
Maybe<AutoJSContext> mAutoJSContext; // Used on main thread.
|
|
MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER
|
|
};
|
|
|
|
/**
|
|
* AutoSafeJSContext is similar to AutoJSContext but will only return the safe
|
|
* JS context. That means it will never call nsContentUtils::GetCurrentJSContext().
|
|
*
|
|
* Note - This is deprecated. Please use AutoJSAPI instead.
|
|
*/
|
|
class MOZ_RAII AutoSafeJSContext : public AutoJSContext {
|
|
public:
|
|
explicit AutoSafeJSContext(MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM);
|
|
private:
|
|
JSAutoCompartment mAc;
|
|
};
|
|
|
|
/**
|
|
* Like AutoSafeJSContext but can be used safely on worker threads.
|
|
*/
|
|
class MOZ_RAII ThreadsafeAutoSafeJSContext {
|
|
public:
|
|
explicit ThreadsafeAutoSafeJSContext(MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM);
|
|
operator JSContext*() const;
|
|
|
|
private:
|
|
JSContext* mCx; // Used on workers. Null means mainthread.
|
|
Maybe<JSAutoRequest> mRequest; // Used on workers.
|
|
Maybe<AutoSafeJSContext> mAutoSafeJSContext; // Used on main thread.
|
|
MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER
|
|
};
|
|
|
|
|
|
} // namespace mozilla
|
|
|
|
#endif // mozilla_dom_ScriptSettings_h
|