OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/tab_contents/navigation_controller.h" | 5 #include "content/browser/tab_contents/navigation_controller.h" |
6 | 6 |
7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "base/string_util.h" | 9 #include "base/string_util.h" |
10 #include "base/time.h" | 10 #include "base/time.h" |
(...skipping 204 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
215 } | 215 } |
216 } | 216 } |
217 | 217 |
218 bool NavigationController::IsInitialNavigation() { | 218 bool NavigationController::IsInitialNavigation() { |
219 return last_document_loaded_.is_null(); | 219 return last_document_loaded_.is_null(); |
220 } | 220 } |
221 | 221 |
222 // static | 222 // static |
223 NavigationEntry* NavigationController::CreateNavigationEntry( | 223 NavigationEntry* NavigationController::CreateNavigationEntry( |
224 const GURL& url, const GURL& referrer, content::PageTransition transition, | 224 const GURL& url, const GURL& referrer, content::PageTransition transition, |
225 const std::string& extra_headers, | 225 bool is_renderer_initiated, const std::string& extra_headers, |
226 content::BrowserContext* browser_context) { | 226 content::BrowserContext* browser_context) { |
227 // Allow the browser URL handler to rewrite the URL. This will, for example, | 227 // Allow the browser URL handler to rewrite the URL. This will, for example, |
228 // remove "view-source:" from the beginning of the URL to get the URL that | 228 // remove "view-source:" from the beginning of the URL to get the URL that |
229 // will actually be loaded. This real URL won't be shown to the user, just | 229 // will actually be loaded. This real URL won't be shown to the user, just |
230 // used internally. | 230 // used internally. |
231 GURL loaded_url(url); | 231 GURL loaded_url(url); |
232 bool reverse_on_redirect = false; | 232 bool reverse_on_redirect = false; |
233 BrowserURLHandler::GetInstance()->RewriteURLIfNecessary( | 233 BrowserURLHandler::GetInstance()->RewriteURLIfNecessary( |
234 &loaded_url, browser_context, &reverse_on_redirect); | 234 &loaded_url, browser_context, &reverse_on_redirect); |
235 | 235 |
236 NavigationEntry* entry = new NavigationEntry( | 236 NavigationEntry* entry = new NavigationEntry( |
237 NULL, // The site instance for tabs is sent on navigation | 237 NULL, // The site instance for tabs is sent on navigation |
238 // (TabContents::GetSiteInstance). | 238 // (TabContents::GetSiteInstance). |
239 -1, | 239 -1, |
240 loaded_url, | 240 loaded_url, |
241 referrer, | 241 referrer, |
242 string16(), | 242 string16(), |
243 transition); | 243 transition, |
| 244 is_renderer_initiated); |
244 entry->set_virtual_url(url); | 245 entry->set_virtual_url(url); |
245 entry->set_user_typed_url(url); | 246 entry->set_user_typed_url(url); |
246 entry->set_update_virtual_url_with_url(reverse_on_redirect); | 247 entry->set_update_virtual_url_with_url(reverse_on_redirect); |
247 entry->set_extra_headers(extra_headers); | 248 entry->set_extra_headers(extra_headers); |
248 return entry; | 249 return entry; |
249 } | 250 } |
250 | 251 |
251 NavigationEntry* NavigationController::GetEntryWithPageID( | 252 NavigationEntry* NavigationController::GetEntryWithPageID( |
252 SiteInstance* instance, int32 page_id) const { | 253 SiteInstance* instance, int32 page_id) const { |
253 int index = GetEntryIndexWithPageID(instance, page_id); | 254 int index = GetEntryIndexWithPageID(instance, page_id); |
(...skipping 30 matching lines...) Expand all Loading... |
284 if (transient_entry_index_ != -1) | 285 if (transient_entry_index_ != -1) |
285 return entries_[transient_entry_index_].get(); | 286 return entries_[transient_entry_index_].get(); |
286 if (pending_entry_) | 287 if (pending_entry_) |
287 return pending_entry_; | 288 return pending_entry_; |
288 return GetLastCommittedEntry(); | 289 return GetLastCommittedEntry(); |
289 } | 290 } |
290 | 291 |
291 NavigationEntry* NavigationController::GetVisibleEntry() const { | 292 NavigationEntry* NavigationController::GetVisibleEntry() const { |
292 if (transient_entry_index_ != -1) | 293 if (transient_entry_index_ != -1) |
293 return entries_[transient_entry_index_].get(); | 294 return entries_[transient_entry_index_].get(); |
294 // Only return pending_entry for new navigations. | 295 // Only return the pending_entry for new (non-history), browser-initiated |
295 if (pending_entry_ && pending_entry_->page_id() == -1) | 296 // navigations, in order to prevent URL spoof attacks. |
| 297 // Ideally we would also show the pending entry's URL for new renderer- |
| 298 // initiated navigations with no last committed entry (e.g., a link opening |
| 299 // in a new tab), but an attacker can insert content into the about:blank |
| 300 // page while the pending URL loads in that case. |
| 301 if (pending_entry_ && |
| 302 pending_entry_->page_id() == -1 && |
| 303 !pending_entry_->is_renderer_initiated()) |
296 return pending_entry_; | 304 return pending_entry_; |
297 return GetLastCommittedEntry(); | 305 return GetLastCommittedEntry(); |
298 } | 306 } |
299 | 307 |
300 int NavigationController::GetCurrentEntryIndex() const { | 308 int NavigationController::GetCurrentEntryIndex() const { |
301 if (transient_entry_index_ != -1) | 309 if (transient_entry_index_ != -1) |
302 return transient_entry_index_; | 310 return transient_entry_index_; |
303 if (pending_entry_index_ != -1) | 311 if (pending_entry_index_ != -1) |
304 return pending_entry_index_; | 312 return pending_entry_index_; |
305 return last_committed_entry_index_; | 313 return last_committed_entry_index_; |
(...skipping 183 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
489 | 497 |
490 void NavigationController::LoadURL( | 498 void NavigationController::LoadURL( |
491 const GURL& url, | 499 const GURL& url, |
492 const GURL& referrer, | 500 const GURL& referrer, |
493 content::PageTransition transition, | 501 content::PageTransition transition, |
494 const std::string& extra_headers) { | 502 const std::string& extra_headers) { |
495 // The user initiated a load, we don't need to reload anymore. | 503 // The user initiated a load, we don't need to reload anymore. |
496 needs_reload_ = false; | 504 needs_reload_ = false; |
497 | 505 |
498 NavigationEntry* entry = CreateNavigationEntry(url, referrer, transition, | 506 NavigationEntry* entry = CreateNavigationEntry(url, referrer, transition, |
| 507 false, |
499 extra_headers, | 508 extra_headers, |
500 browser_context_); | 509 browser_context_); |
501 | 510 |
| 511 LoadEntry(entry); |
| 512 } |
| 513 |
| 514 void NavigationController::LoadURLFromRenderer( |
| 515 const GURL& url, |
| 516 const GURL& referrer, |
| 517 content::PageTransition transition, |
| 518 const std::string& extra_headers) { |
| 519 // The user initiated a load, we don't need to reload anymore. |
| 520 needs_reload_ = false; |
| 521 |
| 522 NavigationEntry* entry = CreateNavigationEntry(url, referrer, transition, |
| 523 true, |
| 524 extra_headers, |
| 525 browser_context_); |
| 526 |
502 LoadEntry(entry); | 527 LoadEntry(entry); |
503 } | 528 } |
504 | 529 |
505 void NavigationController::DocumentLoadedInFrame() { | 530 void NavigationController::DocumentLoadedInFrame() { |
506 last_document_loaded_ = base::TimeTicks::Now(); | 531 last_document_loaded_ = base::TimeTicks::Now(); |
507 } | 532 } |
508 | 533 |
509 bool NavigationController::RendererDidNavigate( | 534 bool NavigationController::RendererDidNavigate( |
510 const ViewHostMsg_FrameNavigate_Params& params, | 535 const ViewHostMsg_FrameNavigate_Params& params, |
511 content::LoadCommittedDetails* details) { | 536 content::LoadCommittedDetails* details) { |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
564 default: | 589 default: |
565 NOTREACHED(); | 590 NOTREACHED(); |
566 } | 591 } |
567 | 592 |
568 // All committed entries should have nonempty content state so WebKit doesn't | 593 // All committed entries should have nonempty content state so WebKit doesn't |
569 // get confused when we go back to them (see the function for details). | 594 // get confused when we go back to them (see the function for details). |
570 DCHECK(!params.content_state.empty()); | 595 DCHECK(!params.content_state.empty()); |
571 NavigationEntry* active_entry = GetActiveEntry(); | 596 NavigationEntry* active_entry = GetActiveEntry(); |
572 active_entry->set_content_state(params.content_state); | 597 active_entry->set_content_state(params.content_state); |
573 | 598 |
| 599 // Once committed, we do not need to track if the entry was initiated by |
| 600 // the renderer. |
| 601 active_entry->set_is_renderer_initiated(false); |
| 602 |
574 // The active entry's SiteInstance should match our SiteInstance. | 603 // The active entry's SiteInstance should match our SiteInstance. |
575 DCHECK(active_entry->site_instance() == tab_contents_->GetSiteInstance()); | 604 DCHECK(active_entry->site_instance() == tab_contents_->GetSiteInstance()); |
576 | 605 |
577 // Now prep the rest of the details for the notification and broadcast. | 606 // Now prep the rest of the details for the notification and broadcast. |
578 details->entry = active_entry; | 607 details->entry = active_entry; |
579 details->is_main_frame = | 608 details->is_main_frame = |
580 content::PageTransitionIsMainFrame(params.transition); | 609 content::PageTransitionIsMainFrame(params.transition); |
581 details->serialized_security_info = params.security_info; | 610 details->serialized_security_info = params.security_info; |
582 details->http_status_code = params.http_status_code; | 611 details->http_status_code = params.http_status_code; |
583 NotifyNavigationEntryCommitted(details); | 612 NotifyNavigationEntryCommitted(details); |
(...skipping 615 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1199 size_t insert_index = 0; | 1228 size_t insert_index = 0; |
1200 for (int i = 0; i < max_index; i++) { | 1229 for (int i = 0; i < max_index; i++) { |
1201 // When cloning a tab, copy all entries except interstitial pages | 1230 // When cloning a tab, copy all entries except interstitial pages |
1202 if (source.entries_[i].get()->page_type() != INTERSTITIAL_PAGE) { | 1231 if (source.entries_[i].get()->page_type() != INTERSTITIAL_PAGE) { |
1203 entries_.insert(entries_.begin() + insert_index++, | 1232 entries_.insert(entries_.begin() + insert_index++, |
1204 linked_ptr<NavigationEntry>( | 1233 linked_ptr<NavigationEntry>( |
1205 new NavigationEntry(*source.entries_[i]))); | 1234 new NavigationEntry(*source.entries_[i]))); |
1206 } | 1235 } |
1207 } | 1236 } |
1208 } | 1237 } |
OLD | NEW |