Web Inspector: breakpoint actions should work regardless of Content Security Policy
https://bugs.webkit.org/show_bug.cgi?id=136542
Patch by Matt Baker <Matt Baker> on 2014-09-05
Reviewed by Mark Lam.
Source/JavaScriptCore:
Added JSC::DebuggerEvalEnabler, an RAII object which enables eval on a
JSGlobalObject for the duration of a scope, returning the eval enabled state to its
original value when the scope exits. Used by JSC::DebuggerCallFrame::evaluate
to allow breakpoint actions to execute JS in pages with a Content Security Policy
that would normally prohibit this (such as Inspector's Main.html).
Refactored Inspector::InjectedScriptBase to use the RAII object instead of manually
setting eval enabled and then resetting the original eval enabled state.
NOTE: The JS::DebuggerEvalEnabler constructor checks the passed in ExecState pointer
for null to be equivalent with the original code in Inspector::InjectedScriptBase.
InjectedScriptBase is getting the ExecState from ScriptObject::scriptState(), which
can currently be null.
(JSC::DebuggerCallFrame::evaluate):
- debugger/DebuggerEvalEnabler.h: Added.
(JSC::DebuggerEvalEnabler::DebuggerEvalEnabler):
(JSC::DebuggerEvalEnabler::~DebuggerEvalEnabler):
- inspector/InjectedScriptBase.cpp:
(Inspector::InjectedScriptBase::callFunctionWithEvalEnabled):
LayoutTests:
Added test for "Evaluate JavaScript" breakpoint actions for breakpoints set on
pages with a CSP that does not allow 'unsafe-eval'.
- inspector/debugger/breakpoint-action-eval-expected.txt: Added.
- inspector/debugger/breakpoint-action-eval.html: Added.
