Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(349)

Side by Side Diff: third_party/WebKit/Source/core/dom/Document.cpp

Issue 1383483007: Add scheme exceptions for isSecureContext (Closed) Base URL: https://chromium.googlesource.com/chromium/src@master
Patch Set: Fixes Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 /* 1 /*
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) 3 * (C) 1999 Antti Koivisto (koivisto@kde.org)
4 * (C) 2001 Dirk Mueller (mueller@kde.org) 4 * (C) 2001 Dirk Mueller (mueller@kde.org)
5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org)
6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r ights reserved. 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r ights reserved.
7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)
8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. 8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved.
9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) 9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)
10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. 10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved.
(...skipping 5638 matching lines...) Expand 10 before | Expand all | Expand 10 after
5649 { 5649 {
5650 wrapper = V8DOMWrapper::associateObjectWithWrapper(isolate, this, wrapperTyp e, wrapper); 5650 wrapper = V8DOMWrapper::associateObjectWithWrapper(isolate, this, wrapperTyp e, wrapper);
5651 DOMWrapperWorld& world = DOMWrapperWorld::current(isolate); 5651 DOMWrapperWorld& world = DOMWrapperWorld::current(isolate);
5652 if (world.isMainWorld() && frame()) 5652 if (world.isMainWorld() && frame())
5653 frame()->script().windowProxy(world)->updateDocumentWrapper(wrapper); 5653 frame()->script().windowProxy(world)->updateDocumentWrapper(wrapper);
5654 return wrapper; 5654 return wrapper;
5655 } 5655 }
5656 5656
5657 bool Document::isSecureContext(String& errorMessage, const SecureContextCheck pr ivilegeContextCheck) const 5657 bool Document::isSecureContext(String& errorMessage, const SecureContextCheck pr ivilegeContextCheck) const
5658 { 5658 {
5659 // There may be exceptions for the secure context check defined for certain
5660 // origins. The exceptions are applied only to the origin themselves and to
5661 // sandboxed URLs from those origins, but *not* to any children.
5662 //
5663 // For example:
5664 // <iframe src="http://host">
5665 // <iframe src="scheme-has-exception://host"></iframe>
5666 // <iframe sandbox src="scheme-has-exception://host"></iframe>
5667 // </iframe>
5668 // both inner iframes pass this check, assuming that the scheme
5669 // "scheme-has-exception:" is granted an exception.
5670 //
5671 // However,
5672 // <iframe src="http://host">
5673 // <iframe sandbox src="http://host"></iframe>
5674 // </iframe>
5675 // would fail the check (that is, sandbox does not grant an exception itself ).
5676 //
5677 // Additionally, with
5678 // <iframe src="scheme-has-exception://host">
5679 // <iframe src="http://host"></iframe>
5680 // <iframe sandbox src="http://host"></iframe>
5681 // </iframe>
5682 // both inner iframes would fail the check, even though the outermost iframe
5683 // passes.
5684 //
5685 // In all cases, a frame must be potentially trustworthy in addition to
5686 // having an exception listed in order for the exception to be granted.
5659 if (SecurityContext::isSandboxed(SandboxOrigin)) { 5687 if (SecurityContext::isSandboxed(SandboxOrigin)) {
5660 if (!SecurityOrigin::create(url())->isPotentiallyTrustworthy(errorMessag e)) 5688 RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url());
5689 if (!origin->isPotentiallyTrustworthy(errorMessage))
5661 return false; 5690 return false;
5691 if (SchemeRegistry::schemeShouldBypassSecureContextCheck(origin->protoco l()))
5692 return true;
5662 } else { 5693 } else {
5663 if (!securityOrigin()->isPotentiallyTrustworthy(errorMessage)) 5694 if (!securityOrigin()->isPotentiallyTrustworthy(errorMessage))
5664 return false; 5695 return false;
5696 if (SchemeRegistry::schemeShouldBypassSecureContextCheck(securityOrigin( )->protocol()))
5697 return true;
5665 } 5698 }
5666 5699
5667 if (privilegeContextCheck == StandardSecureContextCheck) { 5700 if (privilegeContextCheck == StandardSecureContextCheck) {
5668 Document* context = parentDocument(); 5701 Document* context = parentDocument();
5669 while (context) { 5702 while (context) {
5670 // Skip to the next ancestor if it's a srcdoc. 5703 // Skip to the next ancestor if it's a srcdoc.
5671 if (!context->isSrcdocDocument()) { 5704 if (!context->isSrcdocDocument()) {
5672 if (context->securityContext().isSandboxed(SandboxOrigin)) { 5705 if (context->securityContext().isSandboxed(SandboxOrigin)) {
5673 // For a sandboxed origin, use the document's URL. 5706 // For a sandboxed origin, use the document's URL.
5674 RefPtr<SecurityOrigin> origin = SecurityOrigin::create(conte xt->url()); 5707 RefPtr<SecurityOrigin> origin = SecurityOrigin::create(conte xt->url());
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after
5757 #ifndef NDEBUG 5790 #ifndef NDEBUG
5758 using namespace blink; 5791 using namespace blink;
5759 void showLiveDocumentInstances() 5792 void showLiveDocumentInstances()
5760 { 5793 {
5761 Document::WeakDocumentSet& set = Document::liveDocumentSet(); 5794 Document::WeakDocumentSet& set = Document::liveDocumentSet();
5762 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); 5795 fprintf(stderr, "There are %u documents currently alive:\n", set.size());
5763 for (Document* document : set) 5796 for (Document* document : set)
5764 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().str ing().utf8().data()); 5797 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().str ing().utf8().data());
5765 } 5798 }
5766 #endif 5799 #endif
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698