| Index: chrome/renderer/content_settings_observer.cc
|
| diff --git a/chrome/renderer/content_settings_observer.cc b/chrome/renderer/content_settings_observer.cc
|
| index 24b0db39c33c0003016f48f1a924639a9df7302a..3d1bfacb7ed096df4b0038d4fdf90b917a3d2124 100644
|
| --- a/chrome/renderer/content_settings_observer.cc
|
| +++ b/chrome/renderer/content_settings_observer.cc
|
| @@ -59,6 +59,21 @@ GURL GetOriginOrURL(const WebFrame* frame) {
|
| return GURL(top_origin);
|
| }
|
|
|
| +ContentSetting GetContentSettingFromRules(
|
| + const ContentSettingsForOneType& rules,
|
| + const GURL& primary_url,
|
| + const GURL& secondary_url) {
|
| + ContentSettingsForOneType::const_iterator it;
|
| + for (it = rules.begin(); it != rules.end(); ++it) {
|
| + if (it->primary_pattern.Matches(primary_url) &&
|
| + it->secondary_pattern.Matches(secondary_url)) {
|
| + return it->setting;
|
| + }
|
| + }
|
| + NOTREACHED();
|
| + return CONTENT_SETTING_DEFAULT;
|
| +}
|
| +
|
| } // namespace
|
|
|
| ContentSettingsObserver::ContentSettingsObserver(
|
| @@ -66,7 +81,7 @@ ContentSettingsObserver::ContentSettingsObserver(
|
| : content::RenderViewObserver(render_view),
|
| content::RenderViewObserverTracker<ContentSettingsObserver>(render_view),
|
| default_content_settings_(NULL),
|
| - image_setting_rules_(NULL),
|
| + content_setting_rules_(NULL),
|
| plugins_temporarily_allowed_(false) {
|
| ClearBlockedContentSettings();
|
| }
|
| @@ -84,9 +99,9 @@ void ContentSettingsObserver::SetDefaultContentSettings(
|
| default_content_settings_ = settings;
|
| }
|
|
|
| -void ContentSettingsObserver::SetImageSettingRules(
|
| - const ContentSettingsForOneType* image_setting_rules) {
|
| - image_setting_rules_ = image_setting_rules;
|
| +void ContentSettingsObserver::SetContentSettingRules(
|
| + const RendererContentSettingRules* content_setting_rules) {
|
| + content_setting_rules_ = content_setting_rules;
|
| }
|
|
|
| ContentSetting ContentSettingsObserver::GetContentSetting(
|
| @@ -132,9 +147,10 @@ void ContentSettingsObserver::DidCommitProvisionalLoad(
|
| NavigationState* state = NavigationState::FromDataSource(frame->dataSource());
|
| if (!state->was_within_same_page()) {
|
| // Clear "block" flags for the new page. This needs to happen before any of
|
| - // allowScripts(), allowImage(), allowPlugins() is called for the new page
|
| - // so that these functions can correctly detect that a piece of content
|
| - // flipped from "not blocked" to "blocked".
|
| + // |AllowScript()|, |AllowScriptFromSource()|, |AllowImage()|, or
|
| + // |AllowPlugins()| is called for the new page so that these functions can
|
| + // correctly detect that a piece of content flipped from "not blocked" to
|
| + // "blocked".
|
| ClearBlockedContentSettings();
|
| plugins_temporarily_allowed_ = false;
|
| }
|
| @@ -217,19 +233,12 @@ bool ContentSettingsObserver::AllowImage(WebFrame* frame,
|
| return true;
|
|
|
| bool allow = enabled_per_settings;
|
| - const GURL& primary_url = GetOriginOrURL(frame);
|
| - GURL secondary_url(image_url);
|
| - if (image_setting_rules_ &&
|
| - enabled_per_settings) {
|
| - ContentSettingsForOneType::const_iterator it;
|
| - for (it = image_setting_rules_->begin();
|
| - it != image_setting_rules_->end(); ++it) {
|
| - if (it->primary_pattern.Matches(primary_url) &&
|
| - it->secondary_pattern.Matches(secondary_url)) {
|
| - allow = (it->setting != CONTENT_SETTING_BLOCK);
|
| - break;
|
| - }
|
| - }
|
| + if (content_setting_rules_ && enabled_per_settings) {
|
| + const GURL& primary_url = GetOriginOrURL(frame);
|
| + GURL secondary_url(image_url);
|
| + allow = GetContentSettingFromRules(
|
| + content_setting_rules_->image_rules,
|
| + primary_url, secondary_url) != CONTENT_SETTING_BLOCK;
|
| }
|
|
|
| if (!allow)
|
| @@ -259,15 +268,38 @@ bool ContentSettingsObserver::AllowPlugins(WebFrame* frame,
|
|
|
| bool ContentSettingsObserver::AllowScript(WebFrame* frame,
|
| bool enabled_per_settings) {
|
| - if (enabled_per_settings &&
|
| - AllowContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT)) {
|
| + if (!enabled_per_settings)
|
| + return false;
|
| + if (IsWhitelistedForContentSettings(frame))
|
| return true;
|
| +
|
| + if (content_setting_rules_) {
|
| + const GURL& primary_url = GetOriginOrURL(frame);
|
| + GURL secondary_url(frame->document().securityOrigin().toString());
|
| + return (GetContentSettingFromRules(
|
| + content_setting_rules_->script_rules,
|
| + primary_url, secondary_url) != CONTENT_SETTING_BLOCK);
|
| }
|
| + return true;
|
| +}
|
|
|
| +bool ContentSettingsObserver::AllowScriptFromSource(
|
| + WebFrame* frame,
|
| + bool enabled_per_settings,
|
| + const WebKit::WebURL& script_url) {
|
| + if (!enabled_per_settings)
|
| + return false;
|
| if (IsWhitelistedForContentSettings(frame))
|
| return true;
|
|
|
| - return false; // Other protocols fall through here.
|
| + if (content_setting_rules_) {
|
| + const GURL& primary_url = GetOriginOrURL(frame);
|
| + GURL secondary_url(script_url);
|
| + return (GetContentSettingFromRules(
|
| + content_setting_rules_->script_rules,
|
| + primary_url, secondary_url) != CONTENT_SETTING_BLOCK);
|
| + }
|
| + return true;
|
| }
|
|
|
| bool ContentSettingsObserver::AllowStorage(WebFrame* frame, bool local) {
|
|
|
Chromium Code Reviews
Issue 8409006:
Take script URLs into account when applying script content settings. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src