chromium/src
0
Fork 0
Code Activity

Emphasize checking WebUI handler arguments.

Browse Source 
Improve the examples in the WebUI documentation to check all the
arguments, and not just the number of arguments. Also align the examples
to do the checks consistently.

Change-Id: I352b55299eba479efea2820366ae4e6c92890267
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3283531
Reviewed-by: dpapad <dpapad@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#942192}
This commit is contained in:
Lei Zhang
2021-11-16 16:40:02 +00:00
committed by Chromium LUCI CQ
parent 6b01c7cbbb
commit 72347ebdd2
2 changed files with 12 additions and 9 deletions

7
docs/webui_explainer.md

@ -267,10 +267,11 @@ void OvenHandler::RegisterMessages() {
void OvenHandler::HandleBakeDonuts(base::Value::ConstListView args) {
AllowJavascript();
// IMPORTANT: Fully validate `args`.
CHECK_EQ(1u, args.size());
// JavaScript numbers are doubles.
double num_donuts = args[0].GetDouble();
GetOven()->BakeDonuts(static_cast<int>(num_donuts));
int num_donuts = args[0].GetInt();
CHECK_GT(num_donuts, 0);
GetOven()->BakeDonuts(num_donuts);
}
```

14
docs/webui_in_components.md

@ -245,7 +245,7 @@ You probably want your new WebUI page to be able to do something or get informat
+
+ // Register callback handler.
+ RegisterMessageCallback("addNumbers",
+ base::BindRepeating(&HelloWorldUI::AddNumbers,
+ base::BindRepeating(&HelloWorldUI::AddPositiveNumbers,
+ base::Unretained(this)));
// Localized strings.
@ -253,8 +253,8 @@ You probably want your new WebUI page to be able to do something or get informat
virtual ~HelloWorldUI();
+
+ private:
+ // Add two numbers together using integer arithmetic.
+ void AddNumbers(base::Value::ConstListView args);
+ // Add two positive numbers together using integer arithmetic.
+ void AddPositiveNumbers(base::Value::ConstListView args);
};
```
@ -268,11 +268,13 @@ You probably want your new WebUI page to be able to do something or get informat
HelloWorldUI::~HelloWorldUI() {
}
+
+ void HelloWorldUI::AddNumbers(base::Value::ConstListView args) {
+ if (args.size() != 3)
+ return;
+ void HelloWorldUI::AddPositiveNumbers(base::Value::ConstListView args) {
+ // IMPORTANT: Fully validate `args`.
+ CHECK_EQ(3u, args.size());
+ int term1 = args[1].GetInt();
+ CHECK_GT(term1, 0);
+ int term2 = args[2].GetInt();
+ CHECK_GT(term2, 0);
+ base::FundamentalValue result(term1 + term2);
+ AllowJavascript();
+ std::string callback_id = args[0].GetString();