| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/renderer_host/render_view_host_impl.h" | 5 #include "content/browser/renderer_host/render_view_host_impl.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 158 bool swapped_out, | 158 bool swapped_out, |
| 159 SessionStorageNamespace* session_storage) | 159 SessionStorageNamespace* session_storage) |
| 160 : RenderWidgetHostImpl(widget_delegate, instance->GetProcess(), routing_id), | 160 : RenderWidgetHostImpl(widget_delegate, instance->GetProcess(), routing_id), |
| 161 delegate_(delegate), | 161 delegate_(delegate), |
| 162 instance_(static_cast<SiteInstanceImpl*>(instance)), | 162 instance_(static_cast<SiteInstanceImpl*>(instance)), |
| 163 waiting_for_drag_context_response_(false), | 163 waiting_for_drag_context_response_(false), |
| 164 enabled_bindings_(0), | 164 enabled_bindings_(0), |
| 165 pending_request_id_(-1), | 165 pending_request_id_(-1), |
| 166 navigations_suspended_(false), | 166 navigations_suspended_(false), |
| 167 suspended_nav_message_(NULL), | 167 suspended_nav_message_(NULL), |
| 168 has_accessed_initial_document_(false), |
| 168 is_swapped_out_(swapped_out), | 169 is_swapped_out_(swapped_out), |
| 169 is_subframe_(false), | 170 is_subframe_(false), |
| 170 run_modal_reply_msg_(NULL), | 171 run_modal_reply_msg_(NULL), |
| 171 run_modal_opener_id_(MSG_ROUTING_NONE), | 172 run_modal_opener_id_(MSG_ROUTING_NONE), |
| 172 is_waiting_for_beforeunload_ack_(false), | 173 is_waiting_for_beforeunload_ack_(false), |
| 173 is_waiting_for_unload_ack_(false), | 174 is_waiting_for_unload_ack_(false), |
| 174 has_timed_out_on_unload_(false), | 175 has_timed_out_on_unload_(false), |
| 175 unload_ack_is_for_cross_site_transition_(false), | 176 unload_ack_is_for_cross_site_transition_(false), |
| 176 are_javascript_messages_suppressed_(false), | 177 are_javascript_messages_suppressed_(false), |
| 177 accessibility_layout_callback_(base::Bind(&base::DoNothing)), | 178 accessibility_layout_callback_(base::Bind(&base::DoNothing)), |
| (...skipping 806 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 984 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_RequestPermission, | 985 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_RequestPermission, |
| 985 OnRequestDesktopNotificationPermission) | 986 OnRequestDesktopNotificationPermission) |
| 986 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_Show, | 987 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_Show, |
| 987 OnShowDesktopNotification) | 988 OnShowDesktopNotification) |
| 988 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_Cancel, | 989 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_Cancel, |
| 989 OnCancelDesktopNotification) | 990 OnCancelDesktopNotification) |
| 990 #if defined(OS_MACOSX) || defined(OS_ANDROID) | 991 #if defined(OS_MACOSX) || defined(OS_ANDROID) |
| 991 IPC_MESSAGE_HANDLER(ViewHostMsg_ShowPopup, OnShowPopup) | 992 IPC_MESSAGE_HANDLER(ViewHostMsg_ShowPopup, OnShowPopup) |
| 992 #endif | 993 #endif |
| 993 IPC_MESSAGE_HANDLER(ViewHostMsg_RunFileChooser, OnRunFileChooser) | 994 IPC_MESSAGE_HANDLER(ViewHostMsg_RunFileChooser, OnRunFileChooser) |
| 995 IPC_MESSAGE_HANDLER(ViewHostMsg_DidAccessInitialDocument, |
| 996 OnDidAccessInitialDocument) |
| 994 IPC_MESSAGE_HANDLER(ViewHostMsg_DomOperationResponse, | 997 IPC_MESSAGE_HANDLER(ViewHostMsg_DomOperationResponse, |
| 995 OnDomOperationResponse) | 998 OnDomOperationResponse) |
| 996 IPC_MESSAGE_HANDLER(AccessibilityHostMsg_Notifications, | 999 IPC_MESSAGE_HANDLER(AccessibilityHostMsg_Notifications, |
| 997 OnAccessibilityNotifications) | 1000 OnAccessibilityNotifications) |
| 998 IPC_MESSAGE_HANDLER(ViewHostMsg_FrameTreeUpdated, OnFrameTreeUpdated) | 1001 IPC_MESSAGE_HANDLER(ViewHostMsg_FrameTreeUpdated, OnFrameTreeUpdated) |
| 999 // Have the super handle all other messages. | 1002 // Have the super handle all other messages. |
| 1000 IPC_MESSAGE_UNHANDLED( | 1003 IPC_MESSAGE_UNHANDLED( |
| 1001 handled = RenderWidgetHostImpl::OnMessageReceived(msg)) | 1004 handled = RenderWidgetHostImpl::OnMessageReceived(msg)) |
| 1002 IPC_END_MESSAGE_MAP_EX() | 1005 IPC_END_MESSAGE_MAP_EX() |
| 1003 | 1006 |
| (...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1201 if (!SiteInstance::IsSameWebSite(GetSiteInstance()->GetBrowserContext(), | 1204 if (!SiteInstance::IsSameWebSite(GetSiteInstance()->GetBrowserContext(), |
| 1202 GetSiteInstance()->GetSiteURL(), | 1205 GetSiteInstance()->GetSiteURL(), |
| 1203 validated_params.url) || | 1206 validated_params.url) || |
| 1204 static_cast<SiteInstanceImpl*>(GetSiteInstance())-> | 1207 static_cast<SiteInstanceImpl*>(GetSiteInstance())-> |
| 1205 HasWrongProcessForURL(validated_params.url)) { | 1208 HasWrongProcessForURL(validated_params.url)) { |
| 1206 // TODO(nasko): Removed the actual kill process call until out-of-process | 1209 // TODO(nasko): Removed the actual kill process call until out-of-process |
| 1207 // iframes is ready to go. | 1210 // iframes is ready to go. |
| 1208 } | 1211 } |
| 1209 } | 1212 } |
| 1210 | 1213 |
| 1214 // Now that something has committed, we don't need to track whether the |
| 1215 // initial page has been accessed. |
| 1216 has_accessed_initial_document_ = false; |
| 1217 |
| 1211 ChildProcessSecurityPolicyImpl* policy = | 1218 ChildProcessSecurityPolicyImpl* policy = |
| 1212 ChildProcessSecurityPolicyImpl::GetInstance(); | 1219 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 1213 // Without this check, an evil renderer can trick the browser into creating | 1220 // Without this check, an evil renderer can trick the browser into creating |
| 1214 // a navigation entry for a banned URL. If the user clicks the back button | 1221 // a navigation entry for a banned URL. If the user clicks the back button |
| 1215 // followed by the forward button (or clicks reload, or round-trips through | 1222 // followed by the forward button (or clicks reload, or round-trips through |
| 1216 // session restore, etc), we'll think that the browser commanded the | 1223 // session restore, etc), we'll think that the browser commanded the |
| 1217 // renderer to load the URL and grant the renderer the privileges to request | 1224 // renderer to load the URL and grant the renderer the privileges to request |
| 1218 // the URL. To prevent this attack, we block the renderer from inserting | 1225 // the URL. To prevent this attack, we block the renderer from inserting |
| 1219 // banned URLs into the navigation controller in the first place. | 1226 // banned URLs into the navigation controller in the first place. |
| 1220 FilterURL(policy, process, false, &validated_params.url); | 1227 FilterURL(policy, process, false, &validated_params.url); |
| (...skipping 775 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1996 params.right_aligned, | 2003 params.right_aligned, |
| 1997 params.allow_multiple_selection); | 2004 params.allow_multiple_selection); |
| 1998 } | 2005 } |
| 1999 } | 2006 } |
| 2000 #endif | 2007 #endif |
| 2001 | 2008 |
| 2002 void RenderViewHostImpl::OnRunFileChooser(const FileChooserParams& params) { | 2009 void RenderViewHostImpl::OnRunFileChooser(const FileChooserParams& params) { |
| 2003 delegate_->RunFileChooser(this, params); | 2010 delegate_->RunFileChooser(this, params); |
| 2004 } | 2011 } |
| 2005 | 2012 |
| 2013 void RenderViewHostImpl::OnDidAccessInitialDocument() { |
| 2014 has_accessed_initial_document_ = true; |
| 2015 delegate_->DidAccessInitialDocument(); |
| 2016 } |
| 2017 |
| 2006 void RenderViewHostImpl::OnDomOperationResponse( | 2018 void RenderViewHostImpl::OnDomOperationResponse( |
| 2007 const std::string& json_string, int automation_id) { | 2019 const std::string& json_string, int automation_id) { |
| 2008 DomOperationNotificationDetails details(json_string, automation_id); | 2020 DomOperationNotificationDetails details(json_string, automation_id); |
| 2009 NotificationService::current()->Notify( | 2021 NotificationService::current()->Notify( |
| 2010 NOTIFICATION_DOM_OPERATION_RESPONSE, | 2022 NOTIFICATION_DOM_OPERATION_RESPONSE, |
| 2011 Source<RenderViewHost>(this), | 2023 Source<RenderViewHost>(this), |
| 2012 Details<DomOperationNotificationDetails>(&details)); | 2024 Details<DomOperationNotificationDetails>(&details)); |
| 2013 } | 2025 } |
| 2014 | 2026 |
| 2015 void RenderViewHostImpl::OnFrameTreeUpdated(const std::string& frame_tree) { | 2027 void RenderViewHostImpl::OnFrameTreeUpdated(const std::string& frame_tree) { |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2051 GetRoutingID(), snapshot_id, snapshot_size, png)); | 2063 GetRoutingID(), snapshot_id, snapshot_size, png)); |
| 2052 return; | 2064 return; |
| 2053 } | 2065 } |
| 2054 } | 2066 } |
| 2055 | 2067 |
| 2056 Send(new ViewMsg_WindowSnapshotCompleted( | 2068 Send(new ViewMsg_WindowSnapshotCompleted( |
| 2057 GetRoutingID(), snapshot_id, gfx::Size(), png)); | 2069 GetRoutingID(), snapshot_id, gfx::Size(), png)); |
| 2058 } | 2070 } |
| 2059 | 2071 |
| 2060 } // namespace content | 2072 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12541018:
Allow showing pending URL for new tab navigations, but only if safe. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src