Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(389)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/bindings/core/v8/BindingSecurity.cpp

Issue 1096173003: Print cross-domain access errors on calling window rather than target. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Add a test Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | Source/core/frame/LocalDOMWindow.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2009 Google Inc. All rights reserved. 2 * Copyright (C) 2009 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after
65 exceptionState.throwSecurityError(targetDocument->domWindow()->sanitized CrossDomainAccessErrorMessage(callingWindow), targetDocument->domWindow()->cross DomainAccessErrorMessage(callingWindow)); 65 exceptionState.throwSecurityError(targetDocument->domWindow()->sanitized CrossDomainAccessErrorMessage(callingWindow), targetDocument->domWindow()->cross DomainAccessErrorMessage(callingWindow));
66 return false; 66 return false;
67 } 67 }
68 68
69 static bool canAccessDocument(v8::Isolate* isolate, Document* targetDocument, Se curityReportingOption reportingOption = ReportSecurityError) 69 static bool canAccessDocument(v8::Isolate* isolate, Document* targetDocument, Se curityReportingOption reportingOption = ReportSecurityError)
70 { 70 {
71 LocalDOMWindow* callingWindow = callingDOMWindow(isolate); 71 LocalDOMWindow* callingWindow = callingDOMWindow(isolate);
72 if (isDocumentAccessibleFromDOMWindow(targetDocument, callingWindow)) 72 if (isDocumentAccessibleFromDOMWindow(targetDocument, callingWindow))
73 return true; 73 return true;
74 74
75 // FIXME: This logic looks unnecessarily convoluted. 75 if (reportingOption == ReportSecurityError && targetDocument->domWindow())
76 if (reportingOption == ReportSecurityError && targetDocument->domWindow()) { 76 callingWindow->printErrorMessage(targetDocument->domWindow()->crossDomai nAccessErrorMessage(callingWindow));
77 if (LocalFrame* frame = targetDocument->frame())
78 frame->localDOMWindow()->printErrorMessage(targetDocument->domWindow ()->crossDomainAccessErrorMessage(callingWindow));
79 }
80 77
81 return false; 78 return false;
82 } 79 }
83 80
84 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* targ et, SecurityReportingOption reportingOption) 81 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* targ et, SecurityReportingOption reportingOption)
85 { 82 {
86 if (!target || !target->isLocalFrame()) 83 if (!target || !target->isLocalFrame())
87 return false; 84 return false;
88 return canAccessDocument(isolate, toLocalFrame(target)->document(), reportin gOption); 85 return canAccessDocument(isolate, toLocalFrame(target)->document(), reportin gOption);
89 } 86 }
90 87
91 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* targ et, ExceptionState& exceptionState) 88 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* targ et, ExceptionState& exceptionState)
92 { 89 {
93 if (!target || !target->isLocalFrame()) 90 if (!target || !target->isLocalFrame())
94 return false; 91 return false;
95 return canAccessDocument(isolate, toLocalFrame(target)->document(), exceptio nState); 92 return canAccessDocument(isolate, toLocalFrame(target)->document(), exceptio nState);
96 } 93 }
97 94
98 bool BindingSecurity::shouldAllowAccessToNode(v8::Isolate* isolate, Node* target , ExceptionState& exceptionState) 95 bool BindingSecurity::shouldAllowAccessToNode(v8::Isolate* isolate, Node* target , ExceptionState& exceptionState)
99 { 96 {
100 return target && canAccessDocument(isolate, &target->document(), exceptionSt ate); 97 return target && canAccessDocument(isolate, &target->document(), exceptionSt ate);
101 } 98 }
102 99
103 } 100 }
OLDNEW
« no previous file with comments | « no previous file | Source/core/frame/LocalDOMWindow.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698