OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r
ights reserved. | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r
ights reserved. |
7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) | 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) |
8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. |
9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. | 10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. |
(...skipping 5649 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
5660 { | 5660 { |
5661 wrapper = V8DOMWrapper::associateObjectWithWrapper(isolate, this, wrapperTyp
e, wrapper); | 5661 wrapper = V8DOMWrapper::associateObjectWithWrapper(isolate, this, wrapperTyp
e, wrapper); |
5662 DOMWrapperWorld& world = DOMWrapperWorld::current(isolate); | 5662 DOMWrapperWorld& world = DOMWrapperWorld::current(isolate); |
5663 if (world.isMainWorld() && frame()) | 5663 if (world.isMainWorld() && frame()) |
5664 frame()->script().windowProxy(world)->updateDocumentWrapper(wrapper); | 5664 frame()->script().windowProxy(world)->updateDocumentWrapper(wrapper); |
5665 return wrapper; | 5665 return wrapper; |
5666 } | 5666 } |
5667 | 5667 |
5668 bool Document::isSecureContext(String& errorMessage, const SecureContextCheck pr
ivilegeContextCheck) const | 5668 bool Document::isSecureContext(String& errorMessage, const SecureContextCheck pr
ivilegeContextCheck) const |
5669 { | 5669 { |
| 5670 // There may be exceptions for the secure context check defined for certain |
| 5671 // schemes. The exceptions are applied only to the special scheme and to |
| 5672 // sandboxed URLs from those origins, but *not* to any children. |
| 5673 // |
| 5674 // For example: |
| 5675 // <iframe src="http://host"> |
| 5676 // <iframe src="scheme-has-exception://host"></iframe> |
| 5677 // <iframe sandbox src="scheme-has-exception://host"></iframe> |
| 5678 // </iframe> |
| 5679 // both inner iframes pass this check, assuming that the scheme |
| 5680 // "scheme-has-exception:" is granted an exception. |
| 5681 // |
| 5682 // However, |
| 5683 // <iframe src="http://host"> |
| 5684 // <iframe sandbox src="http://host"></iframe> |
| 5685 // </iframe> |
| 5686 // would fail the check (that is, sandbox does not grant an exception itself
). |
| 5687 // |
| 5688 // Additionally, with |
| 5689 // <iframe src="scheme-has-exception://host"> |
| 5690 // <iframe src="http://host"></iframe> |
| 5691 // <iframe sandbox src="http://host"></iframe> |
| 5692 // </iframe> |
| 5693 // both inner iframes would fail the check, even though the outermost iframe |
| 5694 // passes. |
| 5695 // |
| 5696 // In all cases, a frame must be potentially trustworthy in addition to |
| 5697 // having an exception listed in order for the exception to be granted. |
5670 if (SecurityContext::isSandboxed(SandboxOrigin)) { | 5698 if (SecurityContext::isSandboxed(SandboxOrigin)) { |
5671 if (!SecurityOrigin::create(url())->isPotentiallyTrustworthy(errorMessag
e)) | 5699 RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url()); |
| 5700 if (!origin->isPotentiallyTrustworthy(errorMessage)) |
5672 return false; | 5701 return false; |
| 5702 if (SchemeRegistry::schemeShouldBypassSecureContextCheck(origin->protoco
l())) |
| 5703 return true; |
5673 } else { | 5704 } else { |
5674 if (!securityOrigin()->isPotentiallyTrustworthy(errorMessage)) | 5705 if (!securityOrigin()->isPotentiallyTrustworthy(errorMessage)) |
5675 return false; | 5706 return false; |
| 5707 if (SchemeRegistry::schemeShouldBypassSecureContextCheck(securityOrigin(
)->protocol())) |
| 5708 return true; |
5676 } | 5709 } |
5677 | 5710 |
5678 if (privilegeContextCheck == StandardSecureContextCheck) { | 5711 if (privilegeContextCheck == StandardSecureContextCheck) { |
5679 Document* context = parentDocument(); | 5712 Document* context = parentDocument(); |
5680 while (context) { | 5713 while (context) { |
5681 // Skip to the next ancestor if it's a srcdoc. | 5714 // Skip to the next ancestor if it's a srcdoc. |
5682 if (!context->isSrcdocDocument()) { | 5715 if (!context->isSrcdocDocument()) { |
5683 if (context->securityContext().isSandboxed(SandboxOrigin)) { | 5716 if (context->securityContext().isSandboxed(SandboxOrigin)) { |
5684 // For a sandboxed origin, use the document's URL. | 5717 // For a sandboxed origin, use the document's URL. |
5685 RefPtr<SecurityOrigin> origin = SecurityOrigin::create(conte
xt->url()); | 5718 RefPtr<SecurityOrigin> origin = SecurityOrigin::create(conte
xt->url()); |
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
5775 #ifndef NDEBUG | 5808 #ifndef NDEBUG |
5776 using namespace blink; | 5809 using namespace blink; |
5777 void showLiveDocumentInstances() | 5810 void showLiveDocumentInstances() |
5778 { | 5811 { |
5779 Document::WeakDocumentSet& set = Document::liveDocumentSet(); | 5812 Document::WeakDocumentSet& set = Document::liveDocumentSet(); |
5780 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); | 5813 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); |
5781 for (Document* document : set) | 5814 for (Document* document : set) |
5782 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().str
ing().utf8().data()); | 5815 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().str
ing().utf8().data()); |
5783 } | 5816 } |
5784 #endif | 5817 #endif |
OLD | NEW |