1/*
2 * Copyright (C) 2011 Google Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
6 * met:
7 *
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
13 * distribution.
14 * * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31#include "config.h"
32#include "JSPopStateEvent.h"
33
34#include "DOMWrapperWorld.h"
35#include "JSHistory.h"
36#include <JavaScriptCore/HeapInlines.h>
37#include <JavaScriptCore/JSCJSValueInlines.h>
38
39namespace WebCore {
40using namespace JSC;
41
// Returns the JS value exposed as PopStateEvent.state to the caller's world, caching it on this
// wrapper for later calls.
//
// The value is resolved from, in order: the value cached by a previous call, the JS value the
// event carries directly, the deserialized value already produced for history.state (so the two
// properties share one object), or a fresh deserialization of the event's serialized state.
// A cached or event-provided object is only handed out if it belongs to the caller's world;
// otherwise a serialized-and-deserialized copy (or null) is returned instead, so that objects
// never cross the isolated-world boundary through this property.
JSValue JSPopStateEvent::state(ExecState& state) const
{
    // Reuse the cached value only when it was created in the caller's world.
    if (m_state) {
        if (isWorldCompatible(state, m_state.get()))
            return m_state.get();
        ASSERT_NOT_REACHED();
    }

    PopStateEvent& popStateEvent = wrapped();
    JSValue resolvedState;

    if (JSValue providedState = popStateEvent.state()) {
        resolvedState = providedState;
        // A state object from another world must not be exposed directly; give the caller a
        // serialized copy instead, or null when the value cannot be serialized. Ideally this would
        // check that the two worlds differ in privilege, but that is not possible yet.
        if (!isWorldCompatible(state, resolvedState)) {
            auto serializedValue = popStateEvent.trySerializeState(state);
            resolvedState = serializedValue ? serializedValue->deserialize(state, globalObject()) : jsNull();
        }
    } else {
        History* history = popStateEvent.history();
        if (!history || !popStateEvent.serializedState())
            resolvedState = jsNull();
        else if (history->isSameAsCurrentState(popStateEvent.serializedState())) {
            // The current history state may have changed since the event was created; when it
            // still matches, share the deserialization done for history.state rather than
            // producing a second, distinct object.
            auto* jsHistory = jsCast<JSHistory*>(toJS(&state, globalObject(), *history).asCell());
            resolvedState = jsHistory->state(state);
        } else
            resolvedState = popStateEvent.serializedState()->deserialize(state, globalObject());
    }

    // Remember the resolved value on this wrapper for subsequent calls.
    m_state.set(state.vm(), this, resolvedState);
    return resolvedState;
}
92
// Reports the event's directly held state value to the garbage collector, so that a JS object
// stored on the wrapped PopStateEvent stays alive while the event wrapper does.
void JSPopStateEvent::visitAdditionalChildren(JSC::SlotVisitor& visitor)
{
    auto&& heldState = wrapped().state();
    heldState.visit(visitor);
}
97
98} // namespace WebCore
99