authorfqian@google.com <fqian@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2008-12-06 01:09:45 +0000
committerfqian@google.com <fqian@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2008-12-06 01:09:45 +0000
commitfe844b527a6a8409d09dcf1960a2af1f65465f51 (patch)
tree040653be9a5630351606c6af752cdb4c0fb379c7 /webkit/port/bindings/v8/v8_proxy.h
parente205cbad92cbb4de9ca696078edab113c876366c (diff)
This is a cleaned-up fix of Christian's original patch in
http://codereview.chromium.org/13176. I cleaned it up a bit so it does not leak memory. There is a corner case that can crash a test, so I had to add a workaround. Review URL: http://codereview.chromium.org/13224 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@6472 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/port/bindings/v8/v8_proxy.h')
-rw-r--r--webkit/port/bindings/v8/v8_proxy.h23
1 files changed, 22 insertions, 1 deletions
diff --git a/webkit/port/bindings/v8/v8_proxy.h b/webkit/port/bindings/v8/v8_proxy.h
index 4450dcc..91792b3 100644
--- a/webkit/port/bindings/v8/v8_proxy.h
+++ b/webkit/port/bindings/v8/v8_proxy.h
@@ -238,6 +238,9 @@ class V8Proxy {
int argc,
v8::Handle<v8::Value> argv[]);
+ // Returns the dom constructor function for the given node type.
+ v8::Local<v8::Function> GetConstructor(V8ClassIndex::V8WrapperType type);
+
// Returns the window object of the currently executing context.
static DOMWindow* retrieveWindow();
// Returns the window object associated with a context.
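Review bot: The comment added above `GetConstructor` does not say which context the returned function belongs to, nor what the caller receives when no constructor can be produced. The member comment later in this patch says DOM constructors are cached per context, so the declaration should state that the result comes from this proxy's own `m_context` and not from whichever context happens to be entered; mixing the two up would hand one frame a function object from another. The parameter is a `V8ClassIndex::V8WrapperType`, which presumably covers more than node types, so "node type" looks too narrow. Suggested wording, to be checked against the .cpp: `// Returns the DOM constructor function for |type| in this proxy's context; instances are cached per context.` plus one line naming the failure result. The class body starts and ends outside this hunk.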
@@ -432,6 +435,8 @@ class V8Proxy {
void SetSecurityToken();
void ClearDocumentWrapper();
void UpdateDocumentWrapper(v8::Handle<v8::Value> wrapper);
+ // Dispose global handles of m_contexts and friends.
+ void DisposeContext();
static bool CanAccessPrivate(DOMWindow* target);
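Review bot: The comment on `DisposeContext` refers to `m_contexts`, but the member declared in this header is `m_context`, and "and friends" leaves the reader to guess which handles are released. The member comment added further down says an undisposed cache handle can keep all objects alive, so the declaration is the place to list them, for example `// Disposes m_context and the persistent handles tied to it (m_dom_constructor_cache, m_object_prototype, ...).` Which other handles are released is not visible in this header, so the list should be matched to the implementation. It would also help to state whether the call is safe when the context was never created or has already been disposed.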
@@ -512,9 +517,25 @@ class V8Proxy {
}
Frame* m_frame;
+
v8::Persistent<v8::Context> m_context;
+ // DOM constructors are cached per context. A DOM constructor is a function
+ // instance created from a DOM constructor template. There is one instance
+ // per context. A DOM constructor is different from a normal function in
+ // two ways: 1) it cannot be called as constructor (aka, used to create
+ // a DOM object); 2) its __proto__ points to Object.prototype rather than
+ // Function.prototype. The reason for 2) is that, in Safari, a DOM constructor
+ // is a normal JS object, but not a function. Hotmail relies on the fact
+ // that, in Safari, HTMLElement.__proto__ == Object.prototype.
+ //
+ // m_object_prototype is a cache of the original Object.prototype.
+ //
+ // Both handles must be disposed when the context is disposed. Otherwise,
+ // it can keep all objects alive.
+ v8::Persistent<v8::Array> m_dom_constructor_cache;
+ v8::Persistent<v8::Value> m_object_prototype;
+
v8::Persistent<v8::Object> m_global;
-
v8::Persistent<v8::Value> m_document;
// Utility context holding JavaScript functions used internally.
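Review bot: The rule that `m_dom_constructor_cache` and `m_object_prototype` must be disposed together with the context is enforced only by this comment, because both are plain `v8::Persistent` members with nothing that releases them automatically. The comment should name the one function responsible, e.g. `// Both handles are disposed in DisposeContext(); every path that tears down m_context must go through it.`, so that a later teardown path does not skip them and pin the old context's object graph. Since the cache is itself a JS array holding the per-context constructors, it is also worth recording that it is internal state, e.g. `// Internal only: this array must never be reachable from page script.` The class body continues outside this hunk, so whether the destructor already checks that the handles are empty cannot be confirmed from here.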