From ae7b96991c7c4c2918ec8a42bbedb290fadf63ff Mon Sep 17 00:00:00 2001
From: Hugo Mano <hugo@hugomano.com>
Date: Wed, 15 Nov 2017 11:14:41 +0100
Subject: [PATCH] Add webFrame.setIsolatedWorldSecurityOrigin
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Move vector to cc file

Map executed javascript in isolated world to url

Some 💅

Documentation

Use WebSource[] as argument in executeJavaScriptInIsolatedWorld

Refactor and lint with @poiru’s comments

Remove duplicate call

Typo

Lint
---
 atom/renderer/api/atom_api_web_frame.cc | 40 +++++++++++++++++++++----
 atom/renderer/api/atom_api_web_frame.h  | 19 +++++++-----
 docs/api/structures/web-source.md       |  5 ++++
 docs/api/web-frame.md                   | 31 +++++++++++++++++++
 4 files changed, 82 insertions(+), 13 deletions(-)
 create mode 100644 docs/api/structures/web-source.md

diff --git a/atom/renderer/api/atom_api_web_frame.cc b/atom/renderer/api/atom_api_web_frame.cc
index be4b5f215c75..8eed9985b074 100644
--- a/atom/renderer/api/atom_api_web_frame.cc
+++ b/atom/renderer/api/atom_api_web_frame.cc
@@ -33,7 +33,7 @@ namespace mate {
 template <>
 struct Converter<blink::WebLocalFrame::ScriptExecutionType> {
   static bool FromV8(v8::Isolate* isolate,
-                     v8::Handle<v8::Value> val,
+                     v8::Local<v8::Value> val,
                      blink::WebLocalFrame::ScriptExecutionType* out) {
     std::string execution_type;
     if (!ConvertFromV8(isolate, val, &execution_type))
@@ -51,6 +51,7 @@ struct Converter<blink::WebLocalFrame::ScriptExecutionType> {
     return true;
   }
 };
+
 }  // namespace mate
 
 namespace atom {
@@ -251,17 +252,34 @@ void WebFrame::ExecuteJavaScript(const base::string16& code,
       callback.release());
 }
 
-void WebFrame::ExecuteJavaScriptInIsolatedWorld(int world_id,
-                                                const base::string16& code,
-                                                mate::Arguments* args) {
+void WebFrame::ExecuteJavaScriptInIsolatedWorld(
+  int world_id,
+  const std::vector<mate::Dictionary>& scripts,
+  mate::Arguments* args) {
   std::vector<blink::WebScriptSource> sources;
-  sources.push_back(blink::WebScriptSource(blink::WebString::FromUTF16(code)));
+
+  for (const auto& script : scripts) {
+    base::string16 code;
+    base::string16 url;
+    int start_line = 1;
+    script.Get("url", &url);
+    script.Get("startLine", &start_line);
+
+    if (!script.Get("code", &code)) {
+      args->ThrowError("Invalid 'code'");
+      return;
+    }
+
+    sources.emplace_back(blink::WebScriptSource(
+            blink::WebString::FromUTF16(code),
+            blink::WebURL(GURL(url)), start_line));
+  }
 
   bool has_user_gesture = false;
   args->GetNext(&has_user_gesture);
 
   blink::WebLocalFrame::ScriptExecutionType scriptExecutionType =
-      blink::WebLocalFrame::kSynchronous;
+    blink::WebLocalFrame::kSynchronous;
   args->GetNext(&scriptExecutionType);
 
   ScriptExecutionCallback::CompletionCallback completion_callback;
@@ -274,6 +292,14 @@ void WebFrame::ExecuteJavaScriptInIsolatedWorld(int world_id,
       scriptExecutionType, callback.release());
 }
 
+void WebFrame::SetIsolatedWorldSecurityOrigin(int world_id,
+  const std::string& origin_url) {
+    web_frame_->SetIsolatedWorldSecurityOrigin(
+      world_id,
+      blink::WebSecurityOrigin::CreateFromString(
+        blink::WebString::FromUTF8(origin_url)));
+}
+
 void WebFrame::SetIsolatedWorldContentSecurityPolicy(int world_id,
   const std::string& security_policy) {
   web_frame_->SetIsolatedWorldContentSecurityPolicy(
@@ -337,6 +363,8 @@ void WebFrame::BuildPrototype(
       .SetMethod("executeJavaScript", &WebFrame::ExecuteJavaScript)
       .SetMethod("executeJavaScriptInIsolatedWorld",
                  &WebFrame::ExecuteJavaScriptInIsolatedWorld)
+      .SetMethod("setIsolatedWorldSecurityOrigin",
+                 &WebFrame::SetIsolatedWorldSecurityOrigin)
       .SetMethod("setIsolatedWorldContentSecurityPolicy",
                  &WebFrame::SetIsolatedWorldContentSecurityPolicy)
       .SetMethod("setIsolatedWorldHumanReadableName",
diff --git a/atom/renderer/api/atom_api_web_frame.h b/atom/renderer/api/atom_api_web_frame.h
index 0c3cb414cfb5..7abf870e7ae4 100644
--- a/atom/renderer/api/atom_api_web_frame.h
+++ b/atom/renderer/api/atom_api_web_frame.h
@@ -19,6 +19,7 @@ class WebLocalFrame;
 }
 
 namespace mate {
+class Dictionary;
 class Arguments;
 }
 
@@ -72,15 +73,19 @@ class WebFrame : public mate::Wrappable<WebFrame> {
   void InsertText(const std::string& text);
   void InsertCSS(const std::string& css);
 
-  // Excecuting scripts.
+  // Executing scripts.
   void ExecuteJavaScript(const base::string16& code, mate::Arguments* args);
-  void ExecuteJavaScriptInIsolatedWorld(int world_id,
-                                        const base::string16& code,
-                                        mate::Arguments* args);
-
-  void SetIsolatedWorldContentSecurityPolicy(int world_id,
-                                             const std::string& security_policy);
+  void ExecuteJavaScriptInIsolatedWorld(
+      int world_id,
+      const std::vector<mate::Dictionary>& scripts,
+      mate::Arguments* args);
 
+  // Isolated world related methods
+  void SetIsolatedWorldSecurityOrigin(int world_id,
+                                      const std::string& origin_url);
+  void SetIsolatedWorldContentSecurityPolicy(
+      int world_id,
+      const std::string& security_policy);
   void SetIsolatedWorldHumanReadableName(int world_id,
                                          const std::string& name);
 
diff --git a/docs/api/structures/web-source.md b/docs/api/structures/web-source.md
new file mode 100644
index 000000000000..240cb265acd3
--- /dev/null
+++ b/docs/api/structures/web-source.md
@@ -0,0 +1,5 @@
+# WebSource Object
+
+* `code` String
+* `url` String (optional)
+* `startLine` Integer (optional) - Default is 1.
\ No newline at end of file
diff --git a/docs/api/web-frame.md b/docs/api/web-frame.md
index 7c938ac792dd..577b45f35a60 100644
--- a/docs/api/web-frame.md
+++ b/docs/api/web-frame.md
@@ -145,6 +145,37 @@ In the browser window some HTML APIs like `requestFullScreen` can only be
 invoked by a gesture from the user. Setting `userGesture` to `true` will remove
 this limitation.
 
+### `webFrame.executeJavaScriptInIsolatedWorld(worldId, scripts[, userGesture, callback])`
+
+* `worldId` Integer
+* `scripts` [WebSource[]](structures/web-source.md)
+* `userGesture` Boolean (optional) - Default is `false`.
+* `callback` Function (optional) - Called after script has been executed.
+  * `result` Any
+
+Work like `executeJavaScript` but evaluates `scripts` in isolated context.
+
+### `webFrame.setIsolatedWorldContentSecurityPolicy(worldId, csp)`
+
+* `worldId` Integer
+* `csp` String
+
+Set the content security policy of the isolated world.
+
+### `webFrame.setIsolatedWorldHumanReadableName(worldId, name)`
+
+* `worldId` Integer
+* `name` String
+
+Set the name of the isolated world. Useful in devtools.
+
+### `webFrame.setIsolatedWorldSecurityOrigin(worldId, securityOrigin)`
+
+* `worldId` Integer
+* `securityOrigin` String
+
+Set the security origin of the isolated world.
+
 ### `webFrame.getResourceUsage()`
 
 Returns `Object`: