1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 // Microsoft's API Name hackery sucks
8 #undef CreateEvent
9
10 #include "mozilla/BasicEvents.h"
11 #include "mozilla/CycleCollectedJSRuntime.h"
12 #include "mozilla/DOMEventTargetHelper.h"
13 #include "mozilla/EventDispatcher.h"
14 #include "mozilla/EventListenerManager.h"
15 #include "mozilla/HalSensor.h"
16 #include "mozilla/InternalMutationEvent.h"
17 #include "mozilla/JSEventHandler.h"
18 #include "mozilla/Maybe.h"
19 #include "mozilla/MemoryReporting.h"
20 #include "mozilla/Preferences.h"
21 #include "mozilla/PresShell.h"
22 #include "mozilla/dom/BindingUtils.h"
23 #include "mozilla/dom/EventCallbackDebuggerNotification.h"
24 #include "mozilla/dom/Element.h"
25 #include "mozilla/dom/Event.h"
26 #include "mozilla/dom/EventTargetBinding.h"
27 #include "mozilla/dom/LoadedScript.h"
28 #include "mozilla/dom/PopupBlocker.h"
29 #include "mozilla/dom/ScriptLoader.h"
30 #include "mozilla/dom/ScriptSettings.h"
31 #include "mozilla/dom/TouchEvent.h"
32 #include "mozilla/dom/UserActivation.h"
33 #include "mozilla/TimelineConsumers.h"
34 #include "mozilla/EventTimelineMarker.h"
35 #include "mozilla/TimeStamp.h"
36
37 #include "EventListenerService.h"
38 #include "nsCOMPtr.h"
39 #include "nsContentUtils.h"
40 #include "nsDOMCID.h"
41 #include "nsError.h"
42 #include "nsGkAtoms.h"
43 #include "nsIContent.h"
44 #include "nsIContentSecurityPolicy.h"
45 #include "mozilla/dom/Document.h"
46 #include "nsIScriptGlobalObject.h"
47 #include "nsISupports.h"
48 #include "nsJSUtils.h"
49 #include "nsNameSpaceManager.h"
50 #include "nsPIDOMWindow.h"
51 #include "nsSandboxFlags.h"
52 #include "xpcpublic.h"
53 #include "nsIFrame.h"
54 #include "nsDisplayList.h"
55
56 namespace mozilla {
57
58 using namespace dom;
59 using namespace hal;
60
61 #define EVENT_TYPE_EQUALS(ls, message, userType, allEvents) \
62 ((ls->mEventMessage == message && \
63 (ls->mEventMessage != eUnidentifiedEvent || ls->mTypeAtom == userType)) || \
64 (allEvents && ls->mAllEvents))
65
66 static const uint32_t kAllMutationBits =
67 NS_EVENT_BITS_MUTATION_SUBTREEMODIFIED |
68 NS_EVENT_BITS_MUTATION_NODEINSERTED | NS_EVENT_BITS_MUTATION_NODEREMOVED |
69 NS_EVENT_BITS_MUTATION_NODEREMOVEDFROMDOCUMENT |
70 NS_EVENT_BITS_MUTATION_NODEINSERTEDINTODOCUMENT |
71 NS_EVENT_BITS_MUTATION_ATTRMODIFIED |
72 NS_EVENT_BITS_MUTATION_CHARACTERDATAMODIFIED;
73
MutationBitForEventType(EventMessage aEventType)74 static uint32_t MutationBitForEventType(EventMessage aEventType) {
75 switch (aEventType) {
76 case eLegacySubtreeModified:
77 return NS_EVENT_BITS_MUTATION_SUBTREEMODIFIED;
78 case eLegacyNodeInserted:
79 return NS_EVENT_BITS_MUTATION_NODEINSERTED;
80 case eLegacyNodeRemoved:
81 return NS_EVENT_BITS_MUTATION_NODEREMOVED;
82 case eLegacyNodeRemovedFromDocument:
83 return NS_EVENT_BITS_MUTATION_NODEREMOVEDFROMDOCUMENT;
84 case eLegacyNodeInsertedIntoDocument:
85 return NS_EVENT_BITS_MUTATION_NODEINSERTEDINTODOCUMENT;
86 case eLegacyAttrModified:
87 return NS_EVENT_BITS_MUTATION_ATTRMODIFIED;
88 case eLegacyCharacterDataModified:
89 return NS_EVENT_BITS_MUTATION_CHARACTERDATAMODIFIED;
90 default:
91 break;
92 }
93 return 0;
94 }
95
96 uint32_t EventListenerManager::sMainThreadCreatedCount = 0;
97
EventListenerManagerBase()98 EventListenerManagerBase::EventListenerManagerBase()
99 : mNoListenerForEvent(eVoidEvent),
100 mMayHavePaintEventListener(false),
101 mMayHaveMutationListeners(false),
102 mMayHaveCapturingListeners(false),
103 mMayHaveSystemGroupListeners(false),
104 mMayHaveTouchEventListener(false),
105 mMayHaveMouseEnterLeaveEventListener(false),
106 mMayHavePointerEnterLeaveEventListener(false),
107 mMayHaveKeyEventListener(false),
108 mMayHaveInputOrCompositionEventListener(false),
109 mMayHaveSelectionChangeEventListener(false),
110 mClearingListeners(false),
111 mIsMainThreadELM(NS_IsMainThread()),
112 mHasNonPrivilegedClickListeners(false),
113 mUnknownNonPrivilegedClickListeners(false) {
114 static_assert(sizeof(EventListenerManagerBase) == sizeof(uint32_t),
115 "Keep the size of EventListenerManagerBase size compact!");
116 }
117
EventListenerManager(EventTarget * aTarget)118 EventListenerManager::EventListenerManager(EventTarget* aTarget)
119 : EventListenerManagerBase(), mTarget(aTarget) {
120 NS_ASSERTION(aTarget, "unexpected null pointer");
121
122 if (mIsMainThreadELM) {
123 ++sMainThreadCreatedCount;
124 }
125 }
126
~EventListenerManager()127 EventListenerManager::~EventListenerManager() {
128 // If your code fails this assertion, a possible reason is that
129 // a class did not call our Disconnect() manually. Note that
130 // this class can have Disconnect called in one of two ways:
131 // if it is part of a cycle, then in Unlink() (such a cycle
132 // would be with one of the listeners, not mTarget which is weak).
133 // If not part of a cycle, then Disconnect must be called manually,
134 // typically from the destructor of the owner class (mTarget).
135 // XXX azakai: Is there any reason to not just call Disconnect
136 // from right here, if not previously called?
137 NS_ASSERTION(!mTarget, "didn't call Disconnect");
138 RemoveAllListenersSilently();
139 }
140
RemoveAllListenersSilently()141 void EventListenerManager::RemoveAllListenersSilently() {
142 if (mClearingListeners) {
143 return;
144 }
145 mClearingListeners = true;
146 mListeners.Clear();
147 mClearingListeners = false;
148 }
149
NS_IMPL_CYCLE_COLLECTION_ROOT_NATIVE(EventListenerManager,AddRef)150 NS_IMPL_CYCLE_COLLECTION_ROOT_NATIVE(EventListenerManager, AddRef)
151 NS_IMPL_CYCLE_COLLECTION_UNROOT_NATIVE(EventListenerManager, Release)
152
153 inline void ImplCycleCollectionTraverse(
154 nsCycleCollectionTraversalCallback& aCallback,
155 EventListenerManager::Listener& aField, const char* aName,
156 unsigned aFlags) {
157 if (MOZ_UNLIKELY(aCallback.WantDebugInfo())) {
158 nsAutoCString name;
159 name.AppendASCII(aName);
160 if (aField.mTypeAtom) {
161 name.AppendLiteral(" event=");
162 name.Append(nsAtomCString(aField.mTypeAtom));
163 name.AppendLiteral(" listenerType=");
164 name.AppendInt(aField.mListenerType);
165 name.AppendLiteral(" ");
166 }
167 CycleCollectionNoteChild(aCallback, aField.mListener.GetISupports(),
168 name.get(), aFlags);
169 } else {
170 CycleCollectionNoteChild(aCallback, aField.mListener.GetISupports(), aName,
171 aFlags);
172 }
173 }
174
175 NS_IMPL_CYCLE_COLLECTION_CLASS(EventListenerManager)
176
177 NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN(EventListenerManager)
178 NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mListeners)
179 NS_IMPL_CYCLE_COLLECTION_TRAVERSE_END
180
181 NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(EventListenerManager)
182 tmp->Disconnect();
183 NS_IMPL_CYCLE_COLLECTION_UNLINK_END
184
GetInnerWindowForTarget()185 nsPIDOMWindowInner* EventListenerManager::GetInnerWindowForTarget() {
186 nsCOMPtr<nsINode> node = do_QueryInterface(mTarget);
187 if (node) {
188 // XXX sXBL/XBL2 issue -- do we really want the owner here? What
189 // if that's the XBL document?
190 return node->OwnerDoc()->GetInnerWindow();
191 }
192
193 nsCOMPtr<nsPIDOMWindowInner> window = GetTargetAsInnerWindow();
194 return window;
195 }
196
197 already_AddRefed<nsPIDOMWindowInner>
GetTargetAsInnerWindow() const198 EventListenerManager::GetTargetAsInnerWindow() const {
199 nsCOMPtr<nsPIDOMWindowInner> window = do_QueryInterface(mTarget);
200 return window.forget();
201 }
202
AddEventListenerInternal(EventListenerHolder aListenerHolder,EventMessage aEventMessage,nsAtom * aTypeAtom,const EventListenerFlags & aFlags,bool aHandler,bool aAllEvents)203 void EventListenerManager::AddEventListenerInternal(
204 EventListenerHolder aListenerHolder, EventMessage aEventMessage,
205 nsAtom* aTypeAtom, const EventListenerFlags& aFlags, bool aHandler,
206 bool aAllEvents) {
207 MOZ_ASSERT((aEventMessage && aTypeAtom) || aAllEvents, // all-events listener
208 "Missing type");
209
210 if (!aListenerHolder || mClearingListeners) {
211 return;
212 }
213
214 // Since there is no public API to call us with an EventListenerHolder, we
215 // know that there's an EventListenerHolder on the stack holding a strong ref
216 // to the listener.
217
218 Listener* listener;
219 uint32_t count = mListeners.Length();
220 for (uint32_t i = 0; i < count; i++) {
221 listener = &mListeners.ElementAt(i);
222 // mListener == aListenerHolder is the last one, since it can be a bit slow.
223 if (listener->mListenerIsHandler == aHandler &&
224 listener->mFlags.EqualsForAddition(aFlags) &&
225 EVENT_TYPE_EQUALS(listener, aEventMessage, aTypeAtom, aAllEvents) &&
226 listener->mListener == aListenerHolder) {
227 return;
228 }
229 }
230
231 mNoListenerForEvent = eVoidEvent;
232 mNoListenerForEventAtom = nullptr;
233
234 listener =
235 aAllEvents ? mListeners.InsertElementAt(0) : mListeners.AppendElement();
236 listener->mEventMessage = aEventMessage;
237 listener->mTypeAtom = aTypeAtom;
238 listener->mFlags = aFlags;
239 listener->mListenerIsHandler = aHandler;
240 listener->mHandlerIsString = false;
241 listener->mAllEvents = aAllEvents;
242 listener->mIsChrome =
243 mIsMainThreadELM && nsContentUtils::LegacyIsCallerChromeOrNativeCode();
244
245 // Detect the type of event listener.
246 if (aFlags.mListenerIsJSListener) {
247 MOZ_ASSERT(!aListenerHolder.HasWebIDLCallback());
248 listener->mListenerType = Listener::eJSEventListener;
249 } else if (aListenerHolder.HasWebIDLCallback()) {
250 listener->mListenerType = Listener::eWebIDLListener;
251 } else {
252 listener->mListenerType = Listener::eNativeListener;
253 }
254 listener->mListener = std::move(aListenerHolder);
255
256 if (aFlags.mInSystemGroup) {
257 mMayHaveSystemGroupListeners = true;
258 }
259 if (aFlags.mCapture) {
260 mMayHaveCapturingListeners = true;
261 }
262
263 if (aEventMessage == eAfterPaint) {
264 mMayHavePaintEventListener = true;
265 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
266 window->SetHasPaintEventListeners();
267 }
268 } else if (aEventMessage >= eLegacyMutationEventFirst &&
269 aEventMessage <= eLegacyMutationEventLast) {
270 // For mutation listeners, we need to update the global bit on the DOM
271 // window. Otherwise we won't actually fire the mutation event.
272 mMayHaveMutationListeners = true;
273 // Go from our target to the nearest enclosing DOM window.
274 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
275 nsCOMPtr<Document> doc = window->GetExtantDoc();
276 if (doc &&
277 !(aFlags.mInSystemGroup &&
278 doc->DontWarnAboutMutationEventsAndAllowSlowDOMMutations())) {
279 doc->WarnOnceAbout(Document::eMutationEvent);
280 }
281 // If aEventMessage is eLegacySubtreeModified, we need to listen all
282 // mutations. nsContentUtils::HasMutationListeners relies on this.
283 window->SetMutationListeners(
284 (aEventMessage == eLegacySubtreeModified)
285 ? kAllMutationBits
286 : MutationBitForEventType(aEventMessage));
287 }
288 } else if (aTypeAtom == nsGkAtoms::ondeviceorientation) {
289 EnableDevice(eDeviceOrientation);
290 } else if (aTypeAtom == nsGkAtoms::onabsolutedeviceorientation) {
291 EnableDevice(eAbsoluteDeviceOrientation);
292 } else if (aTypeAtom == nsGkAtoms::ondeviceproximity ||
293 aTypeAtom == nsGkAtoms::onuserproximity) {
294 EnableDevice(eDeviceProximity);
295 } else if (aTypeAtom == nsGkAtoms::ondevicelight) {
296 EnableDevice(eDeviceLight);
297 } else if (aTypeAtom == nsGkAtoms::ondevicemotion) {
298 EnableDevice(eDeviceMotion);
299 #if defined(MOZ_WIDGET_ANDROID)
300 } else if (aTypeAtom == nsGkAtoms::onorientationchange) {
301 EnableDevice(eOrientationChange);
302 #endif
303 } else if (aTypeAtom == nsGkAtoms::ontouchstart ||
304 aTypeAtom == nsGkAtoms::ontouchend ||
305 aTypeAtom == nsGkAtoms::ontouchmove ||
306 aTypeAtom == nsGkAtoms::ontouchcancel) {
307 mMayHaveTouchEventListener = true;
308 nsPIDOMWindowInner* window = GetInnerWindowForTarget();
309 // we don't want touchevent listeners added by scrollbars to flip this flag
310 // so we ignore listeners created with system event flag
311 if (window && !aFlags.mInSystemGroup) {
312 window->SetHasTouchEventListeners();
313 }
314 } else if (aEventMessage >= ePointerEventFirst &&
315 aEventMessage <= ePointerEventLast) {
316 nsPIDOMWindowInner* window = GetInnerWindowForTarget();
317 if (aTypeAtom == nsGkAtoms::onpointerenter ||
318 aTypeAtom == nsGkAtoms::onpointerleave) {
319 mMayHavePointerEnterLeaveEventListener = true;
320 if (window) {
321 #ifdef DEBUG
322 nsCOMPtr<Document> d = window->GetExtantDoc();
323 NS_WARNING_ASSERTION(
324 !nsContentUtils::IsChromeDoc(d),
325 "Please do not use pointerenter/leave events in chrome. "
326 "They are slower than pointerover/out!");
327 #endif
328 window->SetHasPointerEnterLeaveEventListeners();
329 }
330 }
331 } else if (aTypeAtom == nsGkAtoms::onmouseenter ||
332 aTypeAtom == nsGkAtoms::onmouseleave) {
333 mMayHaveMouseEnterLeaveEventListener = true;
334 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
335 #ifdef DEBUG
336 nsCOMPtr<Document> d = window->GetExtantDoc();
337 NS_WARNING_ASSERTION(
338 !nsContentUtils::IsChromeDoc(d),
339 "Please do not use mouseenter/leave events in chrome. "
340 "They are slower than mouseover/out!");
341 #endif
342 window->SetHasMouseEnterLeaveEventListeners();
343 }
344 } else if (aEventMessage >= eGamepadEventFirst &&
345 aEventMessage <= eGamepadEventLast) {
346 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
347 window->SetHasGamepadEventListener();
348 }
349 } else if (aTypeAtom == nsGkAtoms::onkeydown ||
350 aTypeAtom == nsGkAtoms::onkeypress ||
351 aTypeAtom == nsGkAtoms::onkeyup) {
352 if (!aFlags.mInSystemGroup) {
353 mMayHaveKeyEventListener = true;
354 }
355 } else if (aTypeAtom == nsGkAtoms::oncompositionend ||
356 aTypeAtom == nsGkAtoms::oncompositionstart ||
357 aTypeAtom == nsGkAtoms::oncompositionupdate ||
358 aTypeAtom == nsGkAtoms::oninput) {
359 if (!aFlags.mInSystemGroup) {
360 mMayHaveInputOrCompositionEventListener = true;
361 }
362 } else if (aEventMessage == eSelectionChange) {
363 mMayHaveSelectionChangeEventListener = true;
364 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
365 window->SetHasSelectionChangeEventListeners();
366 }
367 } else if (aTypeAtom == nsGkAtoms::onstart) {
368 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
369 if (Document* doc = window->GetExtantDoc()) {
370 doc->SetUseCounter(eUseCounter_custom_onstart);
371 }
372 }
373 } else if (aTypeAtom == nsGkAtoms::onbounce) {
374 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
375 if (Document* doc = window->GetExtantDoc()) {
376 doc->SetUseCounter(eUseCounter_custom_onbounce);
377 }
378 }
379 } else if (aTypeAtom == nsGkAtoms::onfinish) {
380 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
381 if (Document* doc = window->GetExtantDoc()) {
382 doc->SetUseCounter(eUseCounter_custom_onfinish);
383 }
384 }
385 } else if (aTypeAtom == nsGkAtoms::ontext) {
386 // Ignore event listeners in the system group since editor needs to
387 // listen "text" events in the system group.
388 if (!aFlags.mInSystemGroup) {
389 if (nsPIDOMWindowInner* window = GetInnerWindowForTarget()) {
390 window->SetHasTextEventListenerInDefaultGroup();
391 }
392 }
393 }
394
395 if (IsApzAwareListener(listener)) {
396 ProcessApzAwareEventListenerAdd();
397 }
398
399 if (mTarget) {
400 mTarget->EventListenerAdded(aTypeAtom);
401 }
402
403 if (mIsMainThreadELM && mTarget) {
404 EventListenerService::NotifyAboutMainThreadListenerChange(mTarget,
405 aTypeAtom);
406 }
407
408 if (!mHasNonPrivilegedClickListeners || mUnknownNonPrivilegedClickListeners) {
409 if (IsNonChromeClickListener(listener)) {
410 mHasNonPrivilegedClickListeners = true;
411 mUnknownNonPrivilegedClickListeners = false;
412 }
413 }
414 }
415
ProcessApzAwareEventListenerAdd()416 void EventListenerManager::ProcessApzAwareEventListenerAdd() {
417 // Mark the node as having apz aware listeners
418 nsCOMPtr<nsINode> node = do_QueryInterface(mTarget);
419 if (node) {
420 node->SetMayBeApzAware();
421 }
422
423 // Schedule a paint so event regions on the layer tree gets updated
424 Document* doc = nullptr;
425 if (node) {
426 doc = node->OwnerDoc();
427 }
428 if (!doc) {
429 if (nsCOMPtr<nsPIDOMWindowInner> window = GetTargetAsInnerWindow()) {
430 doc = window->GetExtantDoc();
431 }
432 }
433 if (!doc) {
434 if (nsCOMPtr<DOMEventTargetHelper> helper = do_QueryInterface(mTarget)) {
435 if (nsPIDOMWindowInner* window = helper->GetOwner()) {
436 doc = window->GetExtantDoc();
437 }
438 }
439 }
440
441 if (doc && gfxPlatform::AsyncPanZoomEnabled()) {
442 PresShell* presShell = doc->GetPresShell();
443 if (presShell) {
444 nsIFrame* f = presShell->GetRootFrame();
445 if (f) {
446 f->SchedulePaint();
447 }
448 }
449 }
450 }
451
IsDeviceType(EventMessage aEventMessage)452 bool EventListenerManager::IsDeviceType(EventMessage aEventMessage) {
453 switch (aEventMessage) {
454 case eDeviceOrientation:
455 case eAbsoluteDeviceOrientation:
456 case eDeviceMotion:
457 case eDeviceLight:
458 case eDeviceProximity:
459 case eUserProximity:
460 #if defined(MOZ_WIDGET_ANDROID)
461 case eOrientationChange:
462 #endif
463 return true;
464 default:
465 break;
466 }
467 return false;
468 }
469
EnableDevice(EventMessage aEventMessage)470 void EventListenerManager::EnableDevice(EventMessage aEventMessage) {
471 nsCOMPtr<nsPIDOMWindowInner> window = GetTargetAsInnerWindow();
472 if (!window) {
473 return;
474 }
475
476 switch (aEventMessage) {
477 case eDeviceOrientation:
478 #ifdef MOZ_WIDGET_ANDROID
479 // Falls back to SENSOR_ROTATION_VECTOR and SENSOR_ORIENTATION if
480 // unavailable on device.
481 window->EnableDeviceSensor(SENSOR_GAME_ROTATION_VECTOR);
482 window->EnableDeviceSensor(SENSOR_ROTATION_VECTOR);
483 #else
484 window->EnableDeviceSensor(SENSOR_ORIENTATION);
485 #endif
486 break;
487 case eAbsoluteDeviceOrientation:
488 #ifdef MOZ_WIDGET_ANDROID
489 // Falls back to SENSOR_ORIENTATION if unavailable on device.
490 window->EnableDeviceSensor(SENSOR_ROTATION_VECTOR);
491 #else
492 window->EnableDeviceSensor(SENSOR_ORIENTATION);
493 #endif
494 break;
495 case eDeviceProximity:
496 case eUserProximity:
497 window->EnableDeviceSensor(SENSOR_PROXIMITY);
498 break;
499 case eDeviceLight:
500 window->EnableDeviceSensor(SENSOR_LIGHT);
501 break;
502 case eDeviceMotion:
503 window->EnableDeviceSensor(SENSOR_ACCELERATION);
504 window->EnableDeviceSensor(SENSOR_LINEAR_ACCELERATION);
505 window->EnableDeviceSensor(SENSOR_GYROSCOPE);
506 break;
507 #if defined(MOZ_WIDGET_ANDROID)
508 case eOrientationChange:
509 window->EnableOrientationChangeListener();
510 break;
511 #endif
512 default:
513 NS_WARNING("Enabling an unknown device sensor.");
514 break;
515 }
516 }
517
DisableDevice(EventMessage aEventMessage)518 void EventListenerManager::DisableDevice(EventMessage aEventMessage) {
519 nsCOMPtr<nsPIDOMWindowInner> window = GetTargetAsInnerWindow();
520 if (!window) {
521 return;
522 }
523
524 switch (aEventMessage) {
525 case eDeviceOrientation:
526 #ifdef MOZ_WIDGET_ANDROID
527 // Disable all potential fallback sensors.
528 window->DisableDeviceSensor(SENSOR_GAME_ROTATION_VECTOR);
529 window->DisableDeviceSensor(SENSOR_ROTATION_VECTOR);
530 #endif
531 window->DisableDeviceSensor(SENSOR_ORIENTATION);
532 break;
533 case eAbsoluteDeviceOrientation:
534 #ifdef MOZ_WIDGET_ANDROID
535 window->DisableDeviceSensor(SENSOR_ROTATION_VECTOR);
536 #endif
537 window->DisableDeviceSensor(SENSOR_ORIENTATION);
538 break;
539 case eDeviceMotion:
540 window->DisableDeviceSensor(SENSOR_ACCELERATION);
541 window->DisableDeviceSensor(SENSOR_LINEAR_ACCELERATION);
542 window->DisableDeviceSensor(SENSOR_GYROSCOPE);
543 break;
544 case eDeviceProximity:
545 case eUserProximity:
546 window->DisableDeviceSensor(SENSOR_PROXIMITY);
547 break;
548 case eDeviceLight:
549 window->DisableDeviceSensor(SENSOR_LIGHT);
550 break;
551 #if defined(MOZ_WIDGET_ANDROID)
552 case eOrientationChange:
553 window->DisableOrientationChangeListener();
554 break;
555 #endif
556 default:
557 NS_WARNING("Disabling an unknown device sensor.");
558 break;
559 }
560 }
561
NotifyEventListenerRemoved(nsAtom * aUserType)562 void EventListenerManager::NotifyEventListenerRemoved(nsAtom* aUserType) {
563 // If the following code is changed, other callsites of EventListenerRemoved
564 // and NotifyAboutMainThreadListenerChange should be changed too.
565 mNoListenerForEvent = eVoidEvent;
566 mNoListenerForEventAtom = nullptr;
567 if (mTarget) {
568 mTarget->EventListenerRemoved(aUserType);
569 }
570 if (mIsMainThreadELM && mTarget) {
571 EventListenerService::NotifyAboutMainThreadListenerChange(mTarget,
572 aUserType);
573 }
574 }
575
RemoveEventListenerInternal(EventListenerHolder aListenerHolder,EventMessage aEventMessage,nsAtom * aUserType,const EventListenerFlags & aFlags,bool aAllEvents)576 void EventListenerManager::RemoveEventListenerInternal(
577 EventListenerHolder aListenerHolder, EventMessage aEventMessage,
578 nsAtom* aUserType, const EventListenerFlags& aFlags, bool aAllEvents) {
579 if (!aListenerHolder || !aEventMessage || mClearingListeners) {
580 return;
581 }
582
583 Listener* listener;
584
585 uint32_t count = mListeners.Length();
586 bool deviceType = IsDeviceType(aEventMessage);
587
588 RefPtr<EventListenerManager> kungFuDeathGrip(this);
589
590 for (uint32_t i = 0; i < count; ++i) {
591 listener = &mListeners.ElementAt(i);
592 if (EVENT_TYPE_EQUALS(listener, aEventMessage, aUserType, aAllEvents)) {
593 if (listener->mListener == aListenerHolder &&
594 listener->mFlags.EqualsForRemoval(aFlags)) {
595 if (IsNonChromeClickListener(listener)) {
596 mUnknownNonPrivilegedClickListeners = true;
597 }
598 mListeners.RemoveElementAt(i);
599 NotifyEventListenerRemoved(aUserType);
600 if (!aAllEvents && deviceType) {
601 DisableDevice(aEventMessage);
602 }
603 return;
604 }
605 }
606 }
607 }
608
HasNonPrivilegedClickListeners()609 bool EventListenerManager::HasNonPrivilegedClickListeners() {
610 if (mUnknownNonPrivilegedClickListeners) {
611 Listener* listener;
612
613 mUnknownNonPrivilegedClickListeners = false;
614 for (uint32_t i = 0; i < mListeners.Length(); ++i) {
615 listener = &mListeners.ElementAt(i);
616 if (IsNonChromeClickListener(listener)) {
617 mHasNonPrivilegedClickListeners = true;
618 return mHasNonPrivilegedClickListeners;
619 }
620 }
621 mHasNonPrivilegedClickListeners = false;
622 }
623 return mHasNonPrivilegedClickListeners;
624 }
625
ListenerCanHandle(const Listener * aListener,const WidgetEvent * aEvent,EventMessage aEventMessage) const626 bool EventListenerManager::ListenerCanHandle(const Listener* aListener,
627 const WidgetEvent* aEvent,
628 EventMessage aEventMessage) const
629
630 {
631 MOZ_ASSERT(aEventMessage == aEvent->mMessage ||
632 aEventMessage == GetLegacyEventMessage(aEvent->mMessage),
633 "aEvent and aEventMessage should agree, modulo legacyness");
634
635 // The listener has been removed, it cannot handle anything.
636 if (aListener->mListenerType == Listener::eNoListener) {
637 return false;
638 }
639 // This is slightly different from EVENT_TYPE_EQUALS in that it returns
640 // true even when aEvent->mMessage == eUnidentifiedEvent and
641 // aListener=>mEventMessage != eUnidentifiedEvent as long as the atoms are
642 // the same
643 if (MOZ_UNLIKELY(aListener->mAllEvents)) {
644 return true;
645 }
646 if (aEvent->mMessage == eUnidentifiedEvent) {
647 return aListener->mTypeAtom == aEvent->mSpecifiedEventType;
648 }
649 MOZ_ASSERT(mIsMainThreadELM);
650 return aListener->mEventMessage == aEventMessage;
651 }
652
IsDefaultPassiveWhenOnRoot(EventMessage aMessage)653 static bool IsDefaultPassiveWhenOnRoot(EventMessage aMessage) {
654 if (aMessage == eTouchStart || aMessage == eTouchMove) {
655 return StaticPrefs::dom_event_default_to_passive_touch_listeners();
656 }
657 if (aMessage == eWheel || aMessage == eLegacyMouseLineOrPageScroll ||
658 aMessage == eLegacyMousePixelScroll) {
659 return StaticPrefs::dom_event_default_to_passive_wheel_listeners();
660 }
661 return false;
662 }
663
IsRootEventTaget(EventTarget * aTarget)664 static bool IsRootEventTaget(EventTarget* aTarget) {
665 if (nsCOMPtr<nsPIDOMWindowInner> win = do_QueryInterface(aTarget)) {
666 return true;
667 }
668 nsCOMPtr<nsINode> node = do_QueryInterface(aTarget);
669 if (!node) {
670 return false;
671 }
672 Document* doc = node->OwnerDoc();
673 return node == doc || node == doc->GetRootElement() || node == doc->GetBody();
674 }
675
MaybeMarkPassive(EventMessage aMessage,EventListenerFlags & aFlags)676 void EventListenerManager::MaybeMarkPassive(EventMessage aMessage,
677 EventListenerFlags& aFlags) {
678 if (!mIsMainThreadELM) {
679 return;
680 }
681 if (!IsDefaultPassiveWhenOnRoot(aMessage)) {
682 return;
683 }
684 if (!IsRootEventTaget(mTarget)) {
685 return;
686 }
687 aFlags.mPassive = true;
688 }
689
AddEventListenerByType(EventListenerHolder aListenerHolder,const nsAString & aType,const EventListenerFlags & aFlags,const Optional<bool> & aPassive)690 void EventListenerManager::AddEventListenerByType(
691 EventListenerHolder aListenerHolder, const nsAString& aType,
692 const EventListenerFlags& aFlags, const Optional<bool>& aPassive) {
693 RefPtr<nsAtom> atom;
694 EventMessage message =
695 GetEventMessageAndAtomForListener(aType, getter_AddRefs(atom));
696
697 EventListenerFlags flags = aFlags;
698 if (aPassive.WasPassed()) {
699 flags.mPassive = aPassive.Value();
700 } else {
701 MaybeMarkPassive(message, flags);
702 }
703
704 AddEventListenerInternal(std::move(aListenerHolder), message, atom, flags);
705 }
706
RemoveEventListenerByType(EventListenerHolder aListenerHolder,const nsAString & aType,const EventListenerFlags & aFlags)707 void EventListenerManager::RemoveEventListenerByType(
708 EventListenerHolder aListenerHolder, const nsAString& aType,
709 const EventListenerFlags& aFlags) {
710 RefPtr<nsAtom> atom;
711 EventMessage message =
712 GetEventMessageAndAtomForListener(aType, getter_AddRefs(atom));
713 RemoveEventListenerInternal(std::move(aListenerHolder), message, atom,
714 aFlags);
715 }
716
FindEventHandler(EventMessage aEventMessage,nsAtom * aTypeAtom)717 EventListenerManager::Listener* EventListenerManager::FindEventHandler(
718 EventMessage aEventMessage, nsAtom* aTypeAtom) {
719 // Run through the listeners for this type and see if a script
720 // listener is registered
721 Listener* listener;
722 uint32_t count = mListeners.Length();
723 for (uint32_t i = 0; i < count; ++i) {
724 listener = &mListeners.ElementAt(i);
725 if (listener->mListenerIsHandler &&
726 EVENT_TYPE_EQUALS(listener, aEventMessage, aTypeAtom, false)) {
727 return listener;
728 }
729 }
730 return nullptr;
731 }
732
SetEventHandlerInternal(nsAtom * aName,const TypedEventHandler & aTypedHandler,bool aPermitUntrustedEvents)733 EventListenerManager::Listener* EventListenerManager::SetEventHandlerInternal(
734 nsAtom* aName, const TypedEventHandler& aTypedHandler,
735 bool aPermitUntrustedEvents) {
736 MOZ_ASSERT(aName);
737
738 EventMessage eventMessage = GetEventMessage(aName);
739 Listener* listener = FindEventHandler(eventMessage, aName);
740
741 if (!listener) {
742 // If we didn't find a script listener or no listeners existed
743 // create and add a new one.
744 EventListenerFlags flags;
745 flags.mListenerIsJSListener = true;
746 MaybeMarkPassive(eventMessage, flags);
747
748 nsCOMPtr<JSEventHandler> jsEventHandler;
749 NS_NewJSEventHandler(mTarget, aName, aTypedHandler,
750 getter_AddRefs(jsEventHandler));
751 AddEventListenerInternal(EventListenerHolder(jsEventHandler), eventMessage,
752 aName, flags, true);
753
754 listener = FindEventHandler(eventMessage, aName);
755 } else {
756 JSEventHandler* jsEventHandler = listener->GetJSEventHandler();
757 MOZ_ASSERT(jsEventHandler,
758 "How can we have an event handler with no JSEventHandler?");
759
760 bool same = jsEventHandler->GetTypedEventHandler() == aTypedHandler;
761 // Possibly the same listener, but update still the context and scope.
762 jsEventHandler->SetHandler(aTypedHandler);
763 if (mTarget && !same) {
764 mTarget->EventListenerRemoved(aName);
765 mTarget->EventListenerAdded(aName);
766 }
767 if (mIsMainThreadELM && mTarget) {
768 EventListenerService::NotifyAboutMainThreadListenerChange(mTarget, aName);
769 }
770 }
771
772 // Set flag to indicate possible need for compilation later
773 listener->mHandlerIsString = !aTypedHandler.HasEventHandler();
774 if (aPermitUntrustedEvents) {
775 listener->mFlags.mAllowUntrustedEvents = true;
776 }
777
778 return listener;
779 }
780
SetEventHandler(nsAtom * aName,const nsAString & aBody,bool aDeferCompilation,bool aPermitUntrustedEvents,Element * aElement)781 nsresult EventListenerManager::SetEventHandler(nsAtom* aName,
782 const nsAString& aBody,
783 bool aDeferCompilation,
784 bool aPermitUntrustedEvents,
785 Element* aElement) {
786 nsCOMPtr<Document> doc;
787 nsCOMPtr<nsIScriptGlobalObject> global =
788 GetScriptGlobalAndDocument(getter_AddRefs(doc));
789
790 if (!global) {
791 // This can happen; for example this document might have been
792 // loaded as data.
793 return NS_OK;
794 }
795
796 nsresult rv = NS_OK;
797 // return early preventing the event listener from being added
798 // 'doc' is fetched above
799 if (doc) {
800 // Don't allow adding an event listener if the document is sandboxed
801 // without 'allow-scripts'.
802 if (doc->HasScriptsBlockedBySandbox()) {
803 return NS_ERROR_DOM_SECURITY_ERR;
804 }
805
806 // Perform CSP check
807 nsCOMPtr<nsIContentSecurityPolicy> csp = doc->GetCsp();
808 unsigned lineNum = 0;
809 unsigned columnNum = 0;
810
811 JSContext* cx = nsContentUtils::GetCurrentJSContext();
812 if (cx && !JS::DescribeScriptedCaller(cx, nullptr, &lineNum, &columnNum)) {
813 JS_ClearPendingException(cx);
814 }
815
816 if (csp) {
817 bool allowsInlineScript = true;
818 rv = csp->GetAllowsInline(
819 nsIContentPolicy::TYPE_SCRIPT,
820 EmptyString(), // aNonce
821 true, // aParserCreated (true because attribute event handler)
822 aElement,
823 nullptr, // nsICSPEventListener
824 aBody, lineNum, columnNum, &allowsInlineScript);
825 NS_ENSURE_SUCCESS(rv, rv);
826
827 // return early if CSP wants us to block inline scripts
828 if (!allowsInlineScript) {
829 return NS_OK;
830 }
831 }
832 }
833
834 // This might be the first reference to this language in the global
835 // We must init the language before we attempt to fetch its context.
836 if (NS_FAILED(global->EnsureScriptEnvironment())) {
837 NS_WARNING("Failed to setup script environment for this language");
838 // but fall through and let the inevitable failure below handle it.
839 }
840
841 nsIScriptContext* context = global->GetScriptContext();
842 NS_ENSURE_TRUE(context, NS_ERROR_FAILURE);
843 NS_ENSURE_STATE(global->HasJSGlobal());
844
845 Listener* listener = SetEventHandlerInternal(aName, TypedEventHandler(),
846 aPermitUntrustedEvents);
847
848 if (!aDeferCompilation) {
849 return CompileEventHandlerInternal(listener, &aBody, aElement);
850 }
851
852 return NS_OK;
853 }
854
RemoveEventHandler(nsAtom * aName)855 void EventListenerManager::RemoveEventHandler(nsAtom* aName) {
856 if (mClearingListeners) {
857 return;
858 }
859
860 EventMessage eventMessage = GetEventMessage(aName);
861 Listener* listener = FindEventHandler(eventMessage, aName);
862
863 if (listener) {
864 if (IsNonChromeClickListener(listener)) {
865 mUnknownNonPrivilegedClickListeners = true;
866 }
867 mListeners.RemoveElementAt(uint32_t(listener - &mListeners.ElementAt(0)));
868 NotifyEventListenerRemoved(aName);
869 if (IsDeviceType(eventMessage)) {
870 DisableDevice(eventMessage);
871 }
872 }
873 }
874
IsNonChromeClickListener(Listener * aListener)875 bool EventListenerManager::IsNonChromeClickListener(Listener* aListener) {
876 return !aListener->mFlags.mInSystemGroup && !aListener->mIsChrome &&
877 aListener->mEventMessage == eMouseClick &&
878 (aListener->GetJSEventHandler() ||
879 aListener->mListener.HasWebIDLCallback());
880 }
881
CompileEventHandlerInternal(Listener * aListener,const nsAString * aBody,Element * aElement)882 nsresult EventListenerManager::CompileEventHandlerInternal(
883 Listener* aListener, const nsAString* aBody, Element* aElement) {
884 MOZ_ASSERT(aListener->GetJSEventHandler());
885 MOZ_ASSERT(aListener->mHandlerIsString,
886 "Why are we compiling a non-string JS listener?");
887 JSEventHandler* jsEventHandler = aListener->GetJSEventHandler();
888 MOZ_ASSERT(!jsEventHandler->GetTypedEventHandler().HasEventHandler(),
889 "What is there to compile?");
890
891 nsresult result = NS_OK;
892 nsCOMPtr<Document> doc;
893 nsCOMPtr<nsIScriptGlobalObject> global =
894 GetScriptGlobalAndDocument(getter_AddRefs(doc));
895 NS_ENSURE_STATE(global);
896
897 // Activate JSAPI, and make sure that exceptions are reported on the right
898 // Window.
899 AutoJSAPI jsapi;
900 if (NS_WARN_IF(!jsapi.Init(global))) {
901 return NS_ERROR_UNEXPECTED;
902 }
903 JSContext* cx = jsapi.cx();
904
905 RefPtr<nsAtom> typeAtom = aListener->mTypeAtom;
906 nsAtom* attrName = typeAtom;
907
908 // Flag us as not a string so we don't keep trying to compile strings which
909 // can't be compiled.
910 aListener->mHandlerIsString = false;
911
912 // mTarget may not be an Element if it's a window and we're
913 // getting an inline event listener forwarded from <html:body> or
914 // <html:frameset> or <xul:window> or the like.
915 // XXX I don't like that we have to reference content from
916 // here. The alternative is to store the event handler string on
917 // the JSEventHandler itself, and that still doesn't address
918 // the arg names issue.
919 nsCOMPtr<Element> element = do_QueryInterface(mTarget);
920 MOZ_ASSERT(element || aBody, "Where will we get our body?");
921 nsAutoString handlerBody;
922 const nsAString* body = aBody;
923 if (!aBody) {
924 if (aListener->mTypeAtom == nsGkAtoms::onSVGLoad) {
925 attrName = nsGkAtoms::onload;
926 } else if (aListener->mTypeAtom == nsGkAtoms::onSVGUnload) {
927 attrName = nsGkAtoms::onunload;
928 } else if (aListener->mTypeAtom == nsGkAtoms::onSVGResize) {
929 attrName = nsGkAtoms::onresize;
930 } else if (aListener->mTypeAtom == nsGkAtoms::onSVGScroll) {
931 attrName = nsGkAtoms::onscroll;
932 } else if (aListener->mTypeAtom == nsGkAtoms::onSVGZoom) {
933 attrName = nsGkAtoms::onzoom;
934 } else if (aListener->mTypeAtom == nsGkAtoms::onbeginEvent) {
935 attrName = nsGkAtoms::onbegin;
936 } else if (aListener->mTypeAtom == nsGkAtoms::onrepeatEvent) {
937 attrName = nsGkAtoms::onrepeat;
938 } else if (aListener->mTypeAtom == nsGkAtoms::onendEvent) {
939 attrName = nsGkAtoms::onend;
940 } else if (aListener->mTypeAtom == nsGkAtoms::onwebkitAnimationEnd) {
941 attrName = nsGkAtoms::onwebkitanimationend;
942 } else if (aListener->mTypeAtom == nsGkAtoms::onwebkitAnimationIteration) {
943 attrName = nsGkAtoms::onwebkitanimationiteration;
944 } else if (aListener->mTypeAtom == nsGkAtoms::onwebkitAnimationStart) {
945 attrName = nsGkAtoms::onwebkitanimationstart;
946 } else if (aListener->mTypeAtom == nsGkAtoms::onwebkitTransitionEnd) {
947 attrName = nsGkAtoms::onwebkittransitionend;
948 }
949
950 element->GetAttr(kNameSpaceID_None, attrName, handlerBody);
951 body = &handlerBody;
952 aElement = element;
953 }
954 aListener = nullptr;
955
956 nsAutoCString url(NS_LITERAL_CSTRING("-moz-evil:lying-event-listener"));
957 MOZ_ASSERT(body);
958 MOZ_ASSERT(aElement);
959 nsIURI* uri = aElement->OwnerDoc()->GetDocumentURI();
960 if (uri) {
961 uri->GetSpec(url);
962 }
963
964 nsCOMPtr<nsPIDOMWindowInner> win = do_QueryInterface(mTarget);
965 uint32_t argCount;
966 const char** argNames;
967 nsContentUtils::GetEventArgNames(aElement->GetNameSpaceID(), typeAtom, win,
968 &argCount, &argNames);
969
970 // Wrap the event target, so that we can use it as the scope for the event
971 // handler. Note that mTarget is different from aElement in the <body> case,
972 // where mTarget is a Window.
973 //
974 // The wrapScope doesn't really matter here, because the target will create
975 // its reflector in the proper scope, and then we'll enter that realm.
976 JS::Rooted<JSObject*> wrapScope(cx, global->GetGlobalJSObject());
977 JS::Rooted<JS::Value> v(cx);
978 {
979 JSAutoRealm ar(cx, wrapScope);
980 nsresult rv = nsContentUtils::WrapNative(cx, mTarget, &v,
981 /* aAllowWrapping = */ false);
982 if (NS_WARN_IF(NS_FAILED(rv))) {
983 return rv;
984 }
985 }
986
987 JS::Rooted<JSObject*> target(cx, &v.toObject());
988 JSAutoRealm ar(cx, target);
989
990 // Now that we've entered the realm we actually care about, create our
991 // scope chain. Note that we start with |element|, not aElement, because
992 // mTarget is different from aElement in the <body> case, where mTarget is a
993 // Window, and in that case we do not want the scope chain to include the body
994 // or the document.
995 JS::RootedVector<JSObject*> scopeChain(cx);
996 if (!nsJSUtils::GetScopeChainForElement(cx, element, &scopeChain)) {
997 return NS_ERROR_OUT_OF_MEMORY;
998 }
999
1000 nsDependentAtomString str(attrName);
1001 // Most of our names are short enough that we don't even have to malloc
1002 // the JS string stuff, so don't worry about playing games with
1003 // refcounting XPCOM stringbuffers.
1004 JS::Rooted<JSString*> jsStr(
1005 cx, JS_NewUCStringCopyN(cx, str.BeginReading(), str.Length()));
1006 NS_ENSURE_TRUE(jsStr, NS_ERROR_OUT_OF_MEMORY);
1007
1008 // Get the reflector for |aElement|, so that we can pass to setElement.
1009 if (NS_WARN_IF(!GetOrCreateDOMReflector(cx, aElement, &v))) {
1010 return NS_ERROR_FAILURE;
1011 }
1012
1013 RefPtr<ScriptFetchOptions> fetchOptions = new ScriptFetchOptions(
1014 CORS_NONE, aElement->OwnerDoc()->GetReferrerPolicy(), aElement,
1015 aElement->OwnerDoc()->NodePrincipal());
1016 NS_ENSURE_TRUE(fetchOptions, NS_ERROR_OUT_OF_MEMORY);
1017
1018 RefPtr<EventScript> eventScript = new EventScript(fetchOptions, uri);
1019 NS_ENSURE_TRUE(eventScript, NS_ERROR_OUT_OF_MEMORY);
1020
1021 JS::CompileOptions options(cx);
1022 // Use line 0 to make the function body starts from line 1.
1023 options.setIntroductionType("eventHandler")
1024 .setFileAndLine(url.get(), 0)
1025 .setElementAttributeName(jsStr)
1026 .setPrivateValue(JS::PrivateValue(eventScript));
1027
1028 JS::Rooted<JSObject*> handler(cx);
1029 result = nsJSUtils::CompileFunction(jsapi, scopeChain, options,
1030 nsAtomCString(typeAtom), argCount,
1031 argNames, *body, handler.address());
1032 NS_ENSURE_SUCCESS(result, result);
1033 NS_ENSURE_TRUE(handler, NS_ERROR_FAILURE);
1034
1035 MOZ_ASSERT(js::IsObjectInContextCompartment(handler, cx));
1036 JS::Rooted<JSObject*> handlerGlobal(cx, JS::CurrentGlobalOrNull(cx));
1037
1038 if (jsEventHandler->EventName() == nsGkAtoms::onerror && win) {
1039 RefPtr<OnErrorEventHandlerNonNull> handlerCallback =
1040 new OnErrorEventHandlerNonNull(static_cast<JSContext*>(nullptr),
1041 handler, handlerGlobal,
1042 /* aIncumbentGlobal = */ nullptr);
1043 jsEventHandler->SetHandler(handlerCallback);
1044 } else if (jsEventHandler->EventName() == nsGkAtoms::onbeforeunload && win) {
1045 RefPtr<OnBeforeUnloadEventHandlerNonNull> handlerCallback =
1046 new OnBeforeUnloadEventHandlerNonNull(static_cast<JSContext*>(nullptr),
1047 handler, handlerGlobal,
1048 /* aIncumbentGlobal = */ nullptr);
1049 jsEventHandler->SetHandler(handlerCallback);
1050 } else {
1051 RefPtr<EventHandlerNonNull> handlerCallback = new EventHandlerNonNull(
1052 static_cast<JSContext*>(nullptr), handler, handlerGlobal,
1053 /* aIncumbentGlobal = */ nullptr);
1054 jsEventHandler->SetHandler(handlerCallback);
1055 }
1056
1057 return result;
1058 }
1059
HandleEventSubType(Listener * aListener,Event * aDOMEvent,EventTarget * aCurrentTarget)1060 nsresult EventListenerManager::HandleEventSubType(Listener* aListener,
1061 Event* aDOMEvent,
1062 EventTarget* aCurrentTarget) {
1063 nsresult result = NS_OK;
1064 // strong ref
1065 EventListenerHolder listenerHolder(aListener->mListener.Clone());
1066
1067 // If this is a script handler and we haven't yet
1068 // compiled the event handler itself
1069 if ((aListener->mListenerType == Listener::eJSEventListener) &&
1070 aListener->mHandlerIsString) {
1071 result = CompileEventHandlerInternal(aListener, nullptr, nullptr);
1072 aListener = nullptr;
1073 }
1074
1075 if (NS_SUCCEEDED(result)) {
1076 EventCallbackDebuggerNotificationGuard dbgGuard(aCurrentTarget, aDOMEvent);
1077 nsAutoMicroTask mt;
1078
1079 // Event::currentTarget is set in EventDispatcher.
1080 if (listenerHolder.HasWebIDLCallback()) {
1081 ErrorResult rv;
1082 listenerHolder.GetWebIDLCallback()->HandleEvent(aCurrentTarget,
1083 *aDOMEvent, rv);
1084 result = rv.StealNSResult();
1085 } else {
1086 // listenerHolder is holding a stack ref here.
1087 result = MOZ_KnownLive(listenerHolder.GetXPCOMCallback())
1088 ->HandleEvent(aDOMEvent);
1089 }
1090 }
1091
1092 return result;
1093 }
1094
GetLegacyEventMessage(EventMessage aEventMessage) const1095 EventMessage EventListenerManager::GetLegacyEventMessage(
1096 EventMessage aEventMessage) const {
1097 // webkit-prefixed legacy events:
1098 if (aEventMessage == eTransitionEnd) {
1099 return eWebkitTransitionEnd;
1100 }
1101 if (aEventMessage == eAnimationStart) {
1102 return eWebkitAnimationStart;
1103 }
1104 if (aEventMessage == eAnimationEnd) {
1105 return eWebkitAnimationEnd;
1106 }
1107 if (aEventMessage == eAnimationIteration) {
1108 return eWebkitAnimationIteration;
1109 }
1110
1111 switch (aEventMessage) {
1112 case eFullscreenChange:
1113 return eMozFullscreenChange;
1114 case eFullscreenError:
1115 return eMozFullscreenError;
1116 default:
1117 return aEventMessage;
1118 }
1119 }
1120
GetEventMessage(nsAtom * aEventName) const1121 EventMessage EventListenerManager::GetEventMessage(nsAtom* aEventName) const {
1122 if (mIsMainThreadELM) {
1123 return nsContentUtils::GetEventMessage(aEventName);
1124 }
1125
1126 // The nsContentUtils event message hashtables aren't threadsafe, so just fall
1127 // back to eUnidentifiedEvent.
1128 return eUnidentifiedEvent;
1129 }
1130
GetEventMessageAndAtomForListener(const nsAString & aType,nsAtom ** aAtom)1131 EventMessage EventListenerManager::GetEventMessageAndAtomForListener(
1132 const nsAString& aType, nsAtom** aAtom) {
1133 if (mIsMainThreadELM) {
1134 return nsContentUtils::GetEventMessageAndAtomForListener(aType, aAtom);
1135 }
1136
1137 *aAtom = NS_Atomize(NS_LITERAL_STRING("on") + aType).take();
1138 return eUnidentifiedEvent;
1139 }
1140
WindowFromListener(Listener * aListener,bool aItemInShadowTree)1141 already_AddRefed<nsPIDOMWindowInner> EventListenerManager::WindowFromListener(
1142 Listener* aListener, bool aItemInShadowTree) {
1143 nsCOMPtr<nsPIDOMWindowInner> innerWindow;
1144 if (!aItemInShadowTree) {
1145 if (aListener->mListener.HasWebIDLCallback()) {
1146 CallbackObject* callback = aListener->mListener.GetWebIDLCallback();
1147 nsIGlobalObject* global = nullptr;
1148 if (callback) {
1149 global = callback->IncumbentGlobalOrNull();
1150 }
1151 if (global) {
1152 innerWindow = global->AsInnerWindow(); // Can be nullptr
1153 }
1154 } else {
1155 // Can't get the global from
1156 // listener->mListener.GetXPCOMCallback().
1157 // In most cases, it would be the same as for
1158 // the target, so let's do that.
1159 innerWindow = GetInnerWindowForTarget(); // Can be nullptr
1160 }
1161 }
1162 return innerWindow.forget();
1163 }
1164
1165 /**
1166 * Causes a check for event listeners and processing by them if they exist.
1167 * @param an event listener
1168 */
1169
HandleEventInternal(nsPresContext * aPresContext,WidgetEvent * aEvent,Event ** aDOMEvent,EventTarget * aCurrentTarget,nsEventStatus * aEventStatus,bool aItemInShadowTree)1170 void EventListenerManager::HandleEventInternal(nsPresContext* aPresContext,
1171 WidgetEvent* aEvent,
1172 Event** aDOMEvent,
1173 EventTarget* aCurrentTarget,
1174 nsEventStatus* aEventStatus,
1175 bool aItemInShadowTree) {
1176 // Set the value of the internal PreventDefault flag properly based on
1177 // aEventStatus
1178 if (!aEvent->DefaultPrevented() &&
1179 *aEventStatus == nsEventStatus_eConsumeNoDefault) {
1180 // Assume that if only aEventStatus claims that the event has already been
1181 // consumed, the consumer is default event handler.
1182 aEvent->PreventDefault();
1183 }
1184
1185 Maybe<AutoHandlingUserInputStatePusher> userInputStatePusher;
1186 Maybe<AutoPopupStatePusher> popupStatePusher;
1187 if (mIsMainThreadELM) {
1188 userInputStatePusher.emplace(UserActivation::IsUserInteractionEvent(aEvent),
1189 aEvent);
1190 popupStatePusher.emplace(
1191 PopupBlocker::GetEventPopupControlState(aEvent, *aDOMEvent));
1192 }
1193
1194 bool hasListener = false;
1195 bool hasListenerForCurrentGroup = false;
1196 bool usingLegacyMessage = false;
1197 bool hasRemovedListener = false;
1198 EventMessage eventMessage = aEvent->mMessage;
1199
1200 while (true) {
1201 nsAutoTObserverArray<Listener, 2>::EndLimitedIterator iter(mListeners);
1202 Maybe<EventMessageAutoOverride> legacyAutoOverride;
1203 while (iter.HasMore()) {
1204 if (aEvent->mFlags.mImmediatePropagationStopped) {
1205 break;
1206 }
1207 Listener* listener = &iter.GetNext();
1208 // Check that the phase is same in event and event listener.
1209 // Handle only trusted events, except when listener permits untrusted
1210 // events.
1211 if (ListenerCanHandle(listener, aEvent, eventMessage)) {
1212 hasListener = true;
1213 hasListenerForCurrentGroup =
1214 hasListenerForCurrentGroup ||
1215 listener->mFlags.mInSystemGroup == aEvent->mFlags.mInSystemGroup;
1216 if (listener->IsListening(aEvent) &&
1217 (aEvent->IsTrusted() || listener->mFlags.mAllowUntrustedEvents)) {
1218 if (!*aDOMEvent) {
1219 // This is tiny bit slow, but happens only once per event.
1220 // Similar code also in EventDispatcher.
1221 nsCOMPtr<EventTarget> et = aEvent->mOriginalTarget;
1222 RefPtr<Event> event = EventDispatcher::CreateEvent(
1223 et, aPresContext, aEvent, EmptyString());
1224 event.forget(aDOMEvent);
1225 }
1226 if (*aDOMEvent) {
1227 if (!aEvent->mCurrentTarget) {
1228 aEvent->mCurrentTarget = aCurrentTarget->GetTargetForDOMEvent();
1229 if (!aEvent->mCurrentTarget) {
1230 break;
1231 }
1232 }
1233 if (usingLegacyMessage && !legacyAutoOverride) {
1234 // Override the aDOMEvent's event-message (its .type) until we
1235 // finish traversing listeners (when legacyAutoOverride destructs)
1236 legacyAutoOverride.emplace(*aDOMEvent, eventMessage);
1237 }
1238
1239 // Maybe add a marker to the docshell's timeline, but only
1240 // bother with all the logic if some docshell is recording.
1241 nsCOMPtr<nsIDocShell> docShell;
1242 RefPtr<TimelineConsumers> timelines = TimelineConsumers::Get();
1243 bool needsEndEventMarker = false;
1244
1245 if (mIsMainThreadELM &&
1246 listener->mListenerType != Listener::eNativeListener) {
1247 docShell = nsContentUtils::GetDocShellForEventTarget(mTarget);
1248 if (docShell) {
1249 if (timelines && timelines->HasConsumer(docShell)) {
1250 needsEndEventMarker = true;
1251 nsAutoString typeStr;
1252 (*aDOMEvent)->GetType(typeStr);
1253 uint16_t phase = (*aDOMEvent)->EventPhase();
1254 timelines->AddMarkerForDocShell(
1255 docShell, MakeUnique<EventTimelineMarker>(
1256 typeStr, phase, MarkerTracingType::START));
1257 }
1258 }
1259 }
1260
1261 aEvent->mFlags.mInPassiveListener = listener->mFlags.mPassive;
1262 Maybe<Listener> listenerHolder;
1263 if (listener->mFlags.mOnce) {
1264 // Move the listener to the stack before handling the event.
1265 // The order is important, otherwise the listener could be
1266 // called again inside the listener.
1267 listenerHolder.emplace(std::move(*listener));
1268 listener = listenerHolder.ptr();
1269 hasRemovedListener = true;
1270 }
1271
1272 nsCOMPtr<nsPIDOMWindowInner> innerWindow =
1273 WindowFromListener(listener, aItemInShadowTree);
1274 mozilla::dom::Event* oldWindowEvent = nullptr;
1275 if (innerWindow) {
1276 oldWindowEvent = innerWindow->SetEvent(*aDOMEvent);
1277 }
1278
1279 nsresult rv =
1280 HandleEventSubType(listener, *aDOMEvent, aCurrentTarget);
1281
1282 if (innerWindow) {
1283 Unused << innerWindow->SetEvent(oldWindowEvent);
1284 }
1285
1286 if (NS_FAILED(rv)) {
1287 aEvent->mFlags.mExceptionWasRaised = true;
1288 }
1289 aEvent->mFlags.mInPassiveListener = false;
1290
1291 if (needsEndEventMarker) {
1292 timelines->AddMarkerForDocShell(docShell, "DOMEvent",
1293 MarkerTracingType::END);
1294 }
1295 }
1296 }
1297 }
1298 }
1299
1300 // If we didn't find any matching listeners, and our event has a legacy
1301 // version, we'll now switch to looking for that legacy version and we'll
1302 // recheck our listeners.
1303 if (hasListenerForCurrentGroup || usingLegacyMessage ||
1304 !aEvent->IsTrusted()) {
1305 // No need to recheck listeners, because we already found a match, we
1306 // already rechecked them, or it is not a trusted event.
1307 break;
1308 }
1309 EventMessage legacyEventMessage = GetLegacyEventMessage(eventMessage);
1310 if (legacyEventMessage == eventMessage) {
1311 break; // There's no legacy version of our event; no need to recheck.
1312 }
1313 MOZ_ASSERT(
1314 GetLegacyEventMessage(legacyEventMessage) == legacyEventMessage,
1315 "Legacy event messages should not themselves have legacy versions");
1316
1317 // Recheck our listeners, using the legacy event message we just looked up:
1318 eventMessage = legacyEventMessage;
1319 usingLegacyMessage = true;
1320 }
1321
1322 aEvent->mCurrentTarget = nullptr;
1323
1324 if (hasRemovedListener) {
1325 // If there are any once listeners replaced with a placeholder in
1326 // the loop above, we need to clean up them here. Note that, this
1327 // could clear once listeners handled in some outer level as well,
1328 // but that should not affect the result.
1329 mListeners.RemoveElementsBy([](const Listener& aListener) {
1330 return aListener.mListenerType == Listener::eNoListener;
1331 });
1332 NotifyEventListenerRemoved(aEvent->mSpecifiedEventType);
1333 if (IsDeviceType(aEvent->mMessage)) {
1334 // This is a device-type event, we need to check whether we can
1335 // disable device after removing the once listeners.
1336 bool hasAnyListener = false;
1337 nsAutoTObserverArray<Listener, 2>::ForwardIterator iter(mListeners);
1338 while (iter.HasMore()) {
1339 Listener* listener = &iter.GetNext();
1340 if (EVENT_TYPE_EQUALS(listener, aEvent->mMessage,
1341 aEvent->mSpecifiedEventType,
1342 /* all events */ false)) {
1343 hasAnyListener = true;
1344 break;
1345 }
1346 }
1347 if (!hasAnyListener) {
1348 DisableDevice(aEvent->mMessage);
1349 }
1350 }
1351 }
1352
1353 if (mIsMainThreadELM && !hasListener) {
1354 mNoListenerForEvent = aEvent->mMessage;
1355 mNoListenerForEventAtom = aEvent->mSpecifiedEventType;
1356 }
1357
1358 if (aEvent->DefaultPrevented()) {
1359 *aEventStatus = nsEventStatus_eConsumeNoDefault;
1360 }
1361 }
1362
Disconnect()1363 void EventListenerManager::Disconnect() {
1364 mTarget = nullptr;
1365 RemoveAllListenersSilently();
1366 }
1367
AddEventListener(const nsAString & aType,EventListenerHolder aListenerHolder,bool aUseCapture,bool aWantsUntrusted)1368 void EventListenerManager::AddEventListener(const nsAString& aType,
1369 EventListenerHolder aListenerHolder,
1370 bool aUseCapture,
1371 bool aWantsUntrusted) {
1372 EventListenerFlags flags;
1373 flags.mCapture = aUseCapture;
1374 flags.mAllowUntrustedEvents = aWantsUntrusted;
1375 return AddEventListenerByType(std::move(aListenerHolder), aType, flags);
1376 }
1377
AddEventListener(const nsAString & aType,EventListenerHolder aListenerHolder,const dom::AddEventListenerOptionsOrBoolean & aOptions,bool aWantsUntrusted)1378 void EventListenerManager::AddEventListener(
1379 const nsAString& aType, EventListenerHolder aListenerHolder,
1380 const dom::AddEventListenerOptionsOrBoolean& aOptions,
1381 bool aWantsUntrusted) {
1382 EventListenerFlags flags;
1383 Optional<bool> passive;
1384 if (aOptions.IsBoolean()) {
1385 flags.mCapture = aOptions.GetAsBoolean();
1386 } else {
1387 const auto& options = aOptions.GetAsAddEventListenerOptions();
1388 flags.mCapture = options.mCapture;
1389 flags.mInSystemGroup = options.mMozSystemGroup;
1390 flags.mOnce = options.mOnce;
1391 if (options.mPassive.WasPassed()) {
1392 passive.Construct(options.mPassive.Value());
1393 }
1394 }
1395 flags.mAllowUntrustedEvents = aWantsUntrusted;
1396 return AddEventListenerByType(std::move(aListenerHolder), aType, flags,
1397 passive);
1398 }
1399
RemoveEventListener(const nsAString & aType,EventListenerHolder aListenerHolder,bool aUseCapture)1400 void EventListenerManager::RemoveEventListener(
1401 const nsAString& aType, EventListenerHolder aListenerHolder,
1402 bool aUseCapture) {
1403 EventListenerFlags flags;
1404 flags.mCapture = aUseCapture;
1405 RemoveEventListenerByType(std::move(aListenerHolder), aType, flags);
1406 }
1407
RemoveEventListener(const nsAString & aType,EventListenerHolder aListenerHolder,const dom::EventListenerOptionsOrBoolean & aOptions)1408 void EventListenerManager::RemoveEventListener(
1409 const nsAString& aType, EventListenerHolder aListenerHolder,
1410 const dom::EventListenerOptionsOrBoolean& aOptions) {
1411 EventListenerFlags flags;
1412 if (aOptions.IsBoolean()) {
1413 flags.mCapture = aOptions.GetAsBoolean();
1414 } else {
1415 const auto& options = aOptions.GetAsEventListenerOptions();
1416 flags.mCapture = options.mCapture;
1417 flags.mInSystemGroup = options.mMozSystemGroup;
1418 }
1419 RemoveEventListenerByType(std::move(aListenerHolder), aType, flags);
1420 }
1421
AddListenerForAllEvents(EventListener * aDOMListener,bool aUseCapture,bool aWantsUntrusted,bool aSystemEventGroup)1422 void EventListenerManager::AddListenerForAllEvents(EventListener* aDOMListener,
1423 bool aUseCapture,
1424 bool aWantsUntrusted,
1425 bool aSystemEventGroup) {
1426 EventListenerFlags flags;
1427 flags.mCapture = aUseCapture;
1428 flags.mAllowUntrustedEvents = aWantsUntrusted;
1429 flags.mInSystemGroup = aSystemEventGroup;
1430 AddEventListenerInternal(EventListenerHolder(aDOMListener), eAllEvents,
1431 nullptr, flags, false, true);
1432 }
1433
RemoveListenerForAllEvents(EventListener * aDOMListener,bool aUseCapture,bool aSystemEventGroup)1434 void EventListenerManager::RemoveListenerForAllEvents(
1435 EventListener* aDOMListener, bool aUseCapture, bool aSystemEventGroup) {
1436 EventListenerFlags flags;
1437 flags.mCapture = aUseCapture;
1438 flags.mInSystemGroup = aSystemEventGroup;
1439 RemoveEventListenerInternal(EventListenerHolder(aDOMListener), eAllEvents,
1440 nullptr, flags, true);
1441 }
1442
HasMutationListeners()1443 bool EventListenerManager::HasMutationListeners() {
1444 if (mMayHaveMutationListeners) {
1445 uint32_t count = mListeners.Length();
1446 for (uint32_t i = 0; i < count; ++i) {
1447 Listener* listener = &mListeners.ElementAt(i);
1448 if (listener->mEventMessage >= eLegacyMutationEventFirst &&
1449 listener->mEventMessage <= eLegacyMutationEventLast) {
1450 return true;
1451 }
1452 }
1453 }
1454
1455 return false;
1456 }
1457
MutationListenerBits()1458 uint32_t EventListenerManager::MutationListenerBits() {
1459 uint32_t bits = 0;
1460 if (mMayHaveMutationListeners) {
1461 uint32_t count = mListeners.Length();
1462 for (uint32_t i = 0; i < count; ++i) {
1463 Listener* listener = &mListeners.ElementAt(i);
1464 if (listener->mEventMessage >= eLegacyMutationEventFirst &&
1465 listener->mEventMessage <= eLegacyMutationEventLast) {
1466 if (listener->mEventMessage == eLegacySubtreeModified) {
1467 return kAllMutationBits;
1468 }
1469 bits |= MutationBitForEventType(listener->mEventMessage);
1470 }
1471 }
1472 }
1473 return bits;
1474 }
1475
HasListenersFor(const nsAString & aEventName) const1476 bool EventListenerManager::HasListenersFor(const nsAString& aEventName) const {
1477 RefPtr<nsAtom> atom = NS_Atomize(NS_LITERAL_STRING("on") + aEventName);
1478 return HasListenersFor(atom);
1479 }
1480
HasListenersFor(nsAtom * aEventNameWithOn) const1481 bool EventListenerManager::HasListenersFor(nsAtom* aEventNameWithOn) const {
1482 #ifdef DEBUG
1483 nsAutoString name;
1484 aEventNameWithOn->ToString(name);
1485 #endif
1486 NS_ASSERTION(StringBeginsWith(name, NS_LITERAL_STRING("on")),
1487 "Event name does not start with 'on'");
1488 uint32_t count = mListeners.Length();
1489 for (uint32_t i = 0; i < count; ++i) {
1490 const Listener* listener = &mListeners.ElementAt(i);
1491 if (listener->mTypeAtom == aEventNameWithOn) {
1492 return true;
1493 }
1494 }
1495 return false;
1496 }
1497
HasListeners() const1498 bool EventListenerManager::HasListeners() const {
1499 return !mListeners.IsEmpty();
1500 }
1501
GetListenerInfo(nsTArray<RefPtr<nsIEventListenerInfo>> & aList)1502 nsresult EventListenerManager::GetListenerInfo(
1503 nsTArray<RefPtr<nsIEventListenerInfo>>& aList) {
1504 nsCOMPtr<EventTarget> target = mTarget;
1505 NS_ENSURE_STATE(target);
1506 aList.Clear();
1507 nsAutoTObserverArray<Listener, 2>::ForwardIterator iter(mListeners);
1508 while (iter.HasMore()) {
1509 const Listener& listener = iter.GetNext();
1510 // If this is a script handler and we haven't yet
1511 // compiled the event handler itself go ahead and compile it
1512 if (listener.mListenerType == Listener::eJSEventListener &&
1513 listener.mHandlerIsString) {
1514 CompileEventHandlerInternal(const_cast<Listener*>(&listener), nullptr,
1515 nullptr);
1516 }
1517 nsAutoString eventType;
1518 if (listener.mAllEvents) {
1519 eventType.SetIsVoid(true);
1520 } else if (listener.mListenerType == Listener::eNoListener) {
1521 continue;
1522 } else {
1523 eventType.Assign(Substring(nsDependentAtomString(listener.mTypeAtom), 2));
1524 }
1525
1526 JS::Rooted<JSObject*> callback(RootingCx());
1527 JS::Rooted<JSObject*> callbackGlobal(RootingCx());
1528 if (JSEventHandler* handler = listener.GetJSEventHandler()) {
1529 if (handler->GetTypedEventHandler().HasEventHandler()) {
1530 CallbackFunction* callbackFun = handler->GetTypedEventHandler().Ptr();
1531 callback = callbackFun->CallableOrNull();
1532 callbackGlobal = callbackFun->CallbackGlobalOrNull();
1533 if (!callback) {
1534 // This will be null for cross-compartment event listeners
1535 // which have been destroyed.
1536 continue;
1537 }
1538 }
1539 } else if (listener.mListenerType == Listener::eWebIDLListener) {
1540 EventListener* listenerCallback = listener.mListener.GetWebIDLCallback();
1541 callback = listenerCallback->CallbackOrNull();
1542 callbackGlobal = listenerCallback->CallbackGlobalOrNull();
1543 if (!callback) {
1544 // This will be null for cross-compartment event listeners
1545 // which have been destroyed.
1546 continue;
1547 }
1548 }
1549
1550 RefPtr<EventListenerInfo> info = new EventListenerInfo(
1551 eventType, callback, callbackGlobal, listener.mFlags.mCapture,
1552 listener.mFlags.mAllowUntrustedEvents, listener.mFlags.mInSystemGroup);
1553 aList.AppendElement(info.forget());
1554 }
1555 return NS_OK;
1556 }
1557
HasUnloadListeners()1558 bool EventListenerManager::HasUnloadListeners() {
1559 uint32_t count = mListeners.Length();
1560 for (uint32_t i = 0; i < count; ++i) {
1561 Listener* listener = &mListeners.ElementAt(i);
1562 if (listener->mEventMessage == eUnload ||
1563 listener->mEventMessage == eBeforeUnload) {
1564 return true;
1565 }
1566 }
1567 return false;
1568 }
1569
SetEventHandler(nsAtom * aEventName,EventHandlerNonNull * aHandler)1570 void EventListenerManager::SetEventHandler(nsAtom* aEventName,
1571 EventHandlerNonNull* aHandler) {
1572 if (!aHandler) {
1573 RemoveEventHandler(aEventName);
1574 return;
1575 }
1576
1577 // Untrusted events are always permitted for non-chrome script
1578 // handlers.
1579 SetEventHandlerInternal(
1580 aEventName, TypedEventHandler(aHandler),
1581 !mIsMainThreadELM || !nsContentUtils::IsCallerChrome());
1582 }
1583
SetEventHandler(OnErrorEventHandlerNonNull * aHandler)1584 void EventListenerManager::SetEventHandler(
1585 OnErrorEventHandlerNonNull* aHandler) {
1586 if (!aHandler) {
1587 RemoveEventHandler(nsGkAtoms::onerror);
1588 return;
1589 }
1590
1591 // Untrusted events are always permitted on workers and for non-chrome script
1592 // on the main thread.
1593 bool allowUntrusted = !mIsMainThreadELM || !nsContentUtils::IsCallerChrome();
1594
1595 SetEventHandlerInternal(nsGkAtoms::onerror, TypedEventHandler(aHandler),
1596 allowUntrusted);
1597 }
1598
SetEventHandler(OnBeforeUnloadEventHandlerNonNull * aHandler)1599 void EventListenerManager::SetEventHandler(
1600 OnBeforeUnloadEventHandlerNonNull* aHandler) {
1601 if (!aHandler) {
1602 RemoveEventHandler(nsGkAtoms::onbeforeunload);
1603 return;
1604 }
1605
1606 // Untrusted events are always permitted for non-chrome script
1607 // handlers.
1608 SetEventHandlerInternal(
1609 nsGkAtoms::onbeforeunload, TypedEventHandler(aHandler),
1610 !mIsMainThreadELM || !nsContentUtils::IsCallerChrome());
1611 }
1612
GetTypedEventHandler(nsAtom * aEventName)1613 const TypedEventHandler* EventListenerManager::GetTypedEventHandler(
1614 nsAtom* aEventName) {
1615 EventMessage eventMessage = GetEventMessage(aEventName);
1616 Listener* listener = FindEventHandler(eventMessage, aEventName);
1617
1618 if (!listener) {
1619 return nullptr;
1620 }
1621
1622 JSEventHandler* jsEventHandler = listener->GetJSEventHandler();
1623
1624 if (listener->mHandlerIsString) {
1625 CompileEventHandlerInternal(listener, nullptr, nullptr);
1626 }
1627
1628 const TypedEventHandler& typedHandler =
1629 jsEventHandler->GetTypedEventHandler();
1630 return typedHandler.HasEventHandler() ? &typedHandler : nullptr;
1631 }
1632
SizeOfIncludingThis(MallocSizeOf aMallocSizeOf) const1633 size_t EventListenerManager::SizeOfIncludingThis(
1634 MallocSizeOf aMallocSizeOf) const {
1635 size_t n = aMallocSizeOf(this);
1636 n += mListeners.ShallowSizeOfExcludingThis(aMallocSizeOf);
1637 uint32_t count = mListeners.Length();
1638 for (uint32_t i = 0; i < count; ++i) {
1639 JSEventHandler* jsEventHandler =
1640 mListeners.ElementAt(i).GetJSEventHandler();
1641 if (jsEventHandler) {
1642 n += jsEventHandler->SizeOfIncludingThis(aMallocSizeOf);
1643 }
1644 }
1645 return n;
1646 }
1647
MarkForCC()1648 void EventListenerManager::MarkForCC() {
1649 uint32_t count = mListeners.Length();
1650 for (uint32_t i = 0; i < count; ++i) {
1651 const Listener& listener = mListeners.ElementAt(i);
1652 JSEventHandler* jsEventHandler = listener.GetJSEventHandler();
1653 if (jsEventHandler) {
1654 const TypedEventHandler& typedHandler =
1655 jsEventHandler->GetTypedEventHandler();
1656 if (typedHandler.HasEventHandler()) {
1657 typedHandler.Ptr()->MarkForCC();
1658 }
1659 } else if (listener.mListenerType == Listener::eWebIDLListener) {
1660 listener.mListener.GetWebIDLCallback()->MarkForCC();
1661 }
1662 }
1663 if (mRefCnt.IsPurple()) {
1664 mRefCnt.RemovePurple();
1665 }
1666 }
1667
TraceListeners(JSTracer * aTrc)1668 void EventListenerManager::TraceListeners(JSTracer* aTrc) {
1669 uint32_t count = mListeners.Length();
1670 for (uint32_t i = 0; i < count; ++i) {
1671 const Listener& listener = mListeners.ElementAt(i);
1672 JSEventHandler* jsEventHandler = listener.GetJSEventHandler();
1673 if (jsEventHandler) {
1674 const TypedEventHandler& typedHandler =
1675 jsEventHandler->GetTypedEventHandler();
1676 if (typedHandler.HasEventHandler()) {
1677 mozilla::TraceScriptHolder(typedHandler.Ptr(), aTrc);
1678 }
1679 } else if (listener.mListenerType == Listener::eWebIDLListener) {
1680 mozilla::TraceScriptHolder(listener.mListener.GetWebIDLCallback(), aTrc);
1681 }
1682 // We might have eWrappedJSListener, but that is the legacy type for
1683 // JS implemented event listeners, and trickier to handle here.
1684 }
1685 }
1686
HasNonSystemGroupListenersForUntrustedKeyEvents()1687 bool EventListenerManager::HasNonSystemGroupListenersForUntrustedKeyEvents() {
1688 uint32_t count = mListeners.Length();
1689 for (uint32_t i = 0; i < count; ++i) {
1690 Listener* listener = &mListeners.ElementAt(i);
1691 if (!listener->mFlags.mInSystemGroup &&
1692 listener->mFlags.mAllowUntrustedEvents &&
1693 (listener->mTypeAtom == nsGkAtoms::onkeydown ||
1694 listener->mTypeAtom == nsGkAtoms::onkeypress ||
1695 listener->mTypeAtom == nsGkAtoms::onkeyup)) {
1696 return true;
1697 }
1698 }
1699 return false;
1700 }
1701
1702 bool EventListenerManager::
HasNonPassiveNonSystemGroupListenersForUntrustedKeyEvents()1703 HasNonPassiveNonSystemGroupListenersForUntrustedKeyEvents() {
1704 uint32_t count = mListeners.Length();
1705 for (uint32_t i = 0; i < count; ++i) {
1706 Listener* listener = &mListeners.ElementAt(i);
1707 if (!listener->mFlags.mPassive && !listener->mFlags.mInSystemGroup &&
1708 listener->mFlags.mAllowUntrustedEvents &&
1709 (listener->mTypeAtom == nsGkAtoms::onkeydown ||
1710 listener->mTypeAtom == nsGkAtoms::onkeypress ||
1711 listener->mTypeAtom == nsGkAtoms::onkeyup)) {
1712 return true;
1713 }
1714 }
1715 return false;
1716 }
1717
HasApzAwareListeners()1718 bool EventListenerManager::HasApzAwareListeners() {
1719 uint32_t count = mListeners.Length();
1720 for (uint32_t i = 0; i < count; ++i) {
1721 Listener* listener = &mListeners.ElementAt(i);
1722 if (IsApzAwareListener(listener)) {
1723 return true;
1724 }
1725 }
1726 return false;
1727 }
1728
IsApzAwareListener(Listener * aListener)1729 bool EventListenerManager::IsApzAwareListener(Listener* aListener) {
1730 return !aListener->mFlags.mPassive && mIsMainThreadELM &&
1731 IsApzAwareEvent(aListener->mTypeAtom);
1732 }
1733
IsApzAwareEvent(nsAtom * aEvent)1734 bool EventListenerManager::IsApzAwareEvent(nsAtom* aEvent) {
1735 if (aEvent == nsGkAtoms::onwheel || aEvent == nsGkAtoms::onDOMMouseScroll ||
1736 aEvent == nsGkAtoms::onmousewheel ||
1737 aEvent == nsGkAtoms::onMozMousePixelScroll) {
1738 return true;
1739 }
1740 // In theory we should schedule a repaint if the touch event pref changes,
1741 // because the event regions might be out of date. In practice that seems like
1742 // overkill because users generally shouldn't be flipping this pref, much
1743 // less expecting touch listeners on the page to immediately start preventing
1744 // scrolling without so much as a repaint. Tests that we write can work
1745 // around this constraint easily enough.
1746 if (aEvent == nsGkAtoms::ontouchstart || aEvent == nsGkAtoms::ontouchmove) {
1747 return TouchEvent::PrefEnabled(
1748 nsContentUtils::GetDocShellForEventTarget(mTarget));
1749 }
1750 return false;
1751 }
1752
RemoveAllListeners()1753 void EventListenerManager::RemoveAllListeners() {
1754 while (!mListeners.IsEmpty()) {
1755 size_t idx = mListeners.Length() - 1;
1756 RefPtr<nsAtom> type = mListeners.ElementAt(idx).mTypeAtom;
1757 EventMessage message = mListeners.ElementAt(idx).mEventMessage;
1758 mListeners.RemoveElementAt(idx);
1759 NotifyEventListenerRemoved(type);
1760 if (IsDeviceType(message)) {
1761 DisableDevice(message);
1762 }
1763 }
1764 }
1765
1766 already_AddRefed<nsIScriptGlobalObject>
GetScriptGlobalAndDocument(Document ** aDoc)1767 EventListenerManager::GetScriptGlobalAndDocument(Document** aDoc) {
1768 nsCOMPtr<nsINode> node(do_QueryInterface(mTarget));
1769 nsCOMPtr<Document> doc;
1770 nsCOMPtr<nsPIDOMWindowInner> win;
1771 if (node) {
1772 // Try to get context from doc
1773 doc = node->OwnerDoc();
1774 if (doc->IsLoadedAsData()) {
1775 return nullptr;
1776 }
1777
1778 win = do_QueryInterface(doc->GetScopeObject());
1779 } else if ((win = GetTargetAsInnerWindow())) {
1780 doc = win->GetExtantDoc();
1781 }
1782
1783 if (!win || !win->IsCurrentInnerWindow()) {
1784 return nullptr;
1785 }
1786
1787 doc.forget(aDoc);
1788 nsCOMPtr<nsIScriptGlobalObject> global = do_QueryInterface(win);
1789 return global.forget();
1790 }
1791
1792 } // namespace mozilla
1793