Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(566)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/WebCore/page/DOMWindow.cpp

Issue 7499005: Merge 91611 (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/782/
Patch Set: Created 9 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « LayoutTests/http/tests/security/xss-DENIED-document-baseURI-javascript-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2006, 2007, 2008, 2010 Apple Inc. All rights reserved. 2 * Copyright (C) 2006, 2007, 2008, 2010 Apple Inc. All rights reserved.
3 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) 3 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
7 * are met: 7 * are met:
8 * 1. Redistributions of source code must retain the above copyright 8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright 10 * 2. Redistributions in binary form must reproduce the above copyright
(...skipping 1653 matching lines...) Expand 10 before | Expand all | Expand 10 after
1664 return; 1664 return;
1665 1665
1666 Frame* firstFrame = firstWindow->frame(); 1666 Frame* firstFrame = firstWindow->frame();
1667 if (!firstFrame) 1667 if (!firstFrame)
1668 return; 1668 return;
1669 1669
1670 KURL completedURL = firstFrame->document()->completeURL(urlString); 1670 KURL completedURL = firstFrame->document()->completeURL(urlString);
1671 if (completedURL.isNull()) 1671 if (completedURL.isNull())
1672 return; 1672 return;
1673 1673
1674 if (isInsecureScriptAccess(activeWindow, urlString)) 1674 if (isInsecureScriptAccess(activeWindow, completedURL))
1675 return; 1675 return;
1676 1676
1677 // We want a new history item if we are processing a user gesture. 1677 // We want a new history item if we are processing a user gesture.
1678 m_frame->navigationScheduler()->scheduleLocationChange(activeFrame->document ()->securityOrigin(), 1678 m_frame->navigationScheduler()->scheduleLocationChange(activeFrame->document ()->securityOrigin(),
1679 completedURL, activeFrame->loader()->outgoingReferrer(), 1679 completedURL, activeFrame->loader()->outgoingReferrer(),
1680 locking != LockHistoryBasedOnGestureState || !activeFrame->script()->any PageIsProcessingUserGesture(), 1680 locking != LockHistoryBasedOnGestureState || !activeFrame->script()->any PageIsProcessingUserGesture(),
1681 locking != LockHistoryBasedOnGestureState); 1681 locking != LockHistoryBasedOnGestureState);
1682 } 1682 }
1683 1683
1684 void DOMWindow::printErrorMessage(const String& message) 1684 void DOMWindow::printErrorMessage(const String& message)
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
1749 // We pass the opener frame for the lookupFrame in case the active frame is different from 1749 // We pass the opener frame for the lookupFrame in case the active frame is different from
1750 // the opener frame, and the name references a frame relative to the opener frame. 1750 // the opener frame, and the name references a frame relative to the opener frame.
1751 bool created; 1751 bool created;
1752 Frame* newFrame = WebCore::createWindow(activeFrame, openerFrame, frameReque st, windowFeatures, created); 1752 Frame* newFrame = WebCore::createWindow(activeFrame, openerFrame, frameReque st, windowFeatures, created);
1753 if (!newFrame) 1753 if (!newFrame)
1754 return 0; 1754 return 0;
1755 1755
1756 newFrame->loader()->setOpener(openerFrame); 1756 newFrame->loader()->setOpener(openerFrame);
1757 newFrame->page()->setOpenedByDOM(); 1757 newFrame->page()->setOpenedByDOM();
1758 1758
1759 if (newFrame->domWindow()->isInsecureScriptAccess(activeWindow, urlString)) 1759 if (newFrame->domWindow()->isInsecureScriptAccess(activeWindow, completedURL ))
1760 return newFrame; 1760 return newFrame;
1761 1761
1762 if (function) 1762 if (function)
1763 function(newFrame->domWindow(), functionContext); 1763 function(newFrame->domWindow(), functionContext);
1764 1764
1765 if (created) 1765 if (created)
1766 newFrame->loader()->changeLocation(activeWindow->securityOrigin(), compl etedURL, referrer, false, false); 1766 newFrame->loader()->changeLocation(activeWindow->securityOrigin(), compl etedURL, referrer, false, false);
1767 else if (!urlString.isEmpty()) { 1767 else if (!urlString.isEmpty()) {
1768 newFrame->navigationScheduler()->scheduleLocationChange(activeWindow->se curityOrigin(), completedURL.string(), referrer, 1768 newFrame->navigationScheduler()->scheduleLocationChange(activeWindow->se curityOrigin(), completedURL.string(), referrer,
1769 !activeFrame->script()->anyPageIsProcessingUserGesture(), false); 1769 !activeFrame->script()->anyPageIsProcessingUserGesture(), false);
(...skipping 29 matching lines...) Expand all
1799 else if (frameName == "_parent") { 1799 else if (frameName == "_parent") {
1800 if (Frame* parent = m_frame->tree()->parent()) 1800 if (Frame* parent = m_frame->tree()->parent())
1801 targetFrame = parent; 1801 targetFrame = parent;
1802 else 1802 else
1803 targetFrame = m_frame; 1803 targetFrame = m_frame;
1804 } 1804 }
1805 if (targetFrame) { 1805 if (targetFrame) {
1806 if (!activeFrame->loader()->shouldAllowNavigation(targetFrame)) 1806 if (!activeFrame->loader()->shouldAllowNavigation(targetFrame))
1807 return 0; 1807 return 0;
1808 1808
1809 if (targetFrame->domWindow()->isInsecureScriptAccess(activeWindow, urlSt ring)) 1809 KURL completedURL = firstFrame->document()->completeURL(urlString);
1810
1811 if (targetFrame->domWindow()->isInsecureScriptAccess(activeWindow, compl etedURL))
1810 return targetFrame->domWindow(); 1812 return targetFrame->domWindow();
1811 1813
1812 if (urlString.isEmpty()) 1814 if (urlString.isEmpty())
1813 return targetFrame->domWindow(); 1815 return targetFrame->domWindow();
1814 1816
1815 // For whatever reason, Firefox uses the first window rather than the ac tive window to 1817 // For whatever reason, Firefox uses the first window rather than the ac tive window to
1816 // determine the outgoing referrer. We replicate that behavior here. 1818 // determine the outgoing referrer. We replicate that behavior here.
1817 targetFrame->navigationScheduler()->scheduleLocationChange(activeFrame-> document()->securityOrigin(), 1819 targetFrame->navigationScheduler()->scheduleLocationChange(activeFrame-> document()->securityOrigin(),
1818 firstFrame->document()->completeURL(urlString).string(), 1820 completedURL,
1819 firstFrame->loader()->outgoingReferrer(), 1821 firstFrame->loader()->outgoingReferrer(),
1820 !activeFrame->script()->anyPageIsProcessingUserGesture(), false); 1822 !activeFrame->script()->anyPageIsProcessingUserGesture(), false);
1821 1823
1822 return targetFrame->domWindow(); 1824 return targetFrame->domWindow();
1823 } 1825 }
1824 1826
1825 WindowFeatures windowFeatures(windowFeaturesString); 1827 WindowFeatures windowFeatures(windowFeaturesString);
1826 FloatRect windowRect(windowFeatures.xSet ? windowFeatures.x : 0, windowFeatu res.ySet ? windowFeatures.y : 0, 1828 FloatRect windowRect(windowFeatures.xSet ? windowFeatures.x : 0, windowFeatu res.ySet ? windowFeatures.y : 0,
1827 windowFeatures.widthSet ? windowFeatures.width : 0, windowFeatures.heigh tSet ? windowFeatures.height : 0); 1829 windowFeatures.widthSet ? windowFeatures.width : 0, windowFeatures.heigh tSet ? windowFeatures.height : 0);
1828 Page* page = m_frame->page(); 1830 Page* page = m_frame->page();
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
1874 #if ENABLE(QUOTA) 1876 #if ENABLE(QUOTA)
1875 StorageInfo* DOMWindow::webkitStorageInfo() const 1877 StorageInfo* DOMWindow::webkitStorageInfo() const
1876 { 1878 {
1877 if (!m_storageInfo) 1879 if (!m_storageInfo)
1878 m_storageInfo = StorageInfo::create(); 1880 m_storageInfo = StorageInfo::create();
1879 return m_storageInfo.get(); 1881 return m_storageInfo.get();
1880 } 1882 }
1881 #endif 1883 #endif
1882 1884
1883 } // namespace WebCore 1885 } // namespace WebCore
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/security/xss-DENIED-document-baseURI-javascript-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698