Index: Source/modules/serviceworkers/NavigatorServiceWorker.cpp |
diff --git a/Source/modules/serviceworkers/NavigatorServiceWorker.cpp b/Source/modules/serviceworkers/NavigatorServiceWorker.cpp |
index 89d9647a012d09a0abfca5d3dadf3f32b283966d..a61470b16a3fe162624b1b3059ed366d5ac33d84 100644 |
--- a/Source/modules/serviceworkers/NavigatorServiceWorker.cpp |
+++ b/Source/modules/serviceworkers/NavigatorServiceWorker.cpp |
@@ -26,6 +26,7 @@ NavigatorServiceWorker* NavigatorServiceWorker::from(Document& document) |
{ |
if (!document.frame() || !document.frame()->domWindow()) |
return nullptr; |
+ |
Navigator& navigator = *document.frame()->domWindow()->navigator(); |
return &from(navigator); |
} |
@@ -36,8 +37,11 @@ NavigatorServiceWorker& NavigatorServiceWorker::from(Navigator& navigator) |
if (!supplement) { |
supplement = new NavigatorServiceWorker(navigator); |
provideTo(navigator, supplementName(), supplement); |
- // Initialize ServiceWorkerContainer too. |
- supplement->serviceWorker(); |
+ if (navigator.frame() && navigator.frame()->securityContext()->securityOrigin()->canAccessServiceWorkers()) { |
nhiroki
2015/06/24 02:48:17
Is this necessary? Aren't checks in NavigatorServi
horo
2015/06/24 03:39:20
We need this check.
Otherwise ASSERT_NOT_REACHED()
|
+ // Initialize ServiceWorkerContainer too. |
+ NonThrowableExceptionState exceptionState; |
+ supplement->serviceWorker(exceptionState); |
+ } |
} |
return *supplement; |
} |
@@ -52,13 +56,20 @@ const char* NavigatorServiceWorker::supplementName() |
return "NavigatorServiceWorker"; |
} |
-ServiceWorkerContainer* NavigatorServiceWorker::serviceWorker(Navigator& navigator) |
+ServiceWorkerContainer* NavigatorServiceWorker::serviceWorker(Navigator& navigator, ExceptionState& exceptionState) |
{ |
- return NavigatorServiceWorker::from(navigator).serviceWorker(); |
+ return NavigatorServiceWorker::from(navigator).serviceWorker(exceptionState); |
} |
-ServiceWorkerContainer* NavigatorServiceWorker::serviceWorker() |
+ServiceWorkerContainer* NavigatorServiceWorker::serviceWorker(ExceptionState& exceptionState) |
{ |
+ if (frame() && !frame()->securityContext()->securityOrigin()->canAccessServiceWorkers()) { |
+ if (frame()->securityContext()->isSandboxed(SandboxOrigin)) |
+ exceptionState.throwSecurityError("Service worker is disabled because the context is sandboxed and lacks the 'allow-same-origin' flag."); |
+ else |
+ exceptionState.throwSecurityError("Access to service worker is denied."); |
+ return nullptr; |
+ } |
if (!m_serviceWorker && frame()) { |
ASSERT(frame()->domWindow()); |
m_serviceWorker = ServiceWorkerContainer::create(frame()->domWindow()->executionContext()); |