Chromium Code Reviews Chromium Code Reviews
Issue 1446253002:
PlzNavigate: inform the WebFrameClient that a form will be submitted (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed. | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed. |
| 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
| 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) | 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) |
| 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
| 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
| 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
| 8 * Copyright (C) 2011 Google Inc. All rights reserved. | 8 * Copyright (C) 2011 Google Inc. All rights reserved. |
| 9 * | 9 * |
| 10 * Redistribution and use in source and binary forms, with or without | 10 * Redistribution and use in source and binary forms, with or without |
| (...skipping 1304 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1315 } | 1315 } |
| 1316 | 1316 |
| 1317 if (i == targetFrames.size()) | 1317 if (i == targetFrames.size()) |
| 1318 shouldClose = true; | 1318 shouldClose = true; |
| 1319 } | 1319 } |
| 1320 return shouldClose; | 1320 return shouldClose; |
| 1321 } | 1321 } |
| 1322 | 1322 |
| 1323 bool FrameLoader::shouldContinueForNavigationPolicy(const ResourceRequest& reque st, const SubstituteData& substituteData, | 1323 bool FrameLoader::shouldContinueForNavigationPolicy(const ResourceRequest& reque st, const SubstituteData& substituteData, |
| 1324 DocumentLoader* loader, ContentSecurityPolicyDisposition shouldCheckMainWorl dContentSecurityPolicy, | 1324 DocumentLoader* loader, ContentSecurityPolicyDisposition shouldCheckMainWorl dContentSecurityPolicy, |
| 1325 NavigationType type, NavigationPolicy policy, bool replacesCurrentHistoryIte m, bool isClientRedirect) | 1325 NavigationType type, NavigationPolicy policy, bool replacesCurrentHistoryIte m, bool isClientRedirect, HTMLFormElement* form) |
| 1326 { | 1326 { |
| 1327 // Don't ask if we are loading an empty URL. | 1327 // Don't ask if we are loading an empty URL. |
| 1328 if (request.url().isEmpty() || substituteData.isValid()) | 1328 if (request.url().isEmpty() || substituteData.isValid()) |
| 1329 return true; | 1329 return true; |
| 1330 | 1330 |
| 1331 // If we're loading content into a subframe, check against the parent's Cont ent Security Policy | 1331 // If we're loading content into a subframe, check against the parent's Cont ent Security Policy |
| 1332 // and kill the load if that check fails, unless we should bypass the main w orld's CSP. | 1332 // and kill the load if that check fails, unless we should bypass the main w orld's CSP. |
| 1333 // FIXME: CSP checks are broken for OOPI. For now, this policy always allows frames with a remote parent... | 1333 // FIXME: CSP checks are broken for OOPI. For now, this policy always allows frames with a remote parent... |
| 1334 if ((shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy ) && (m_frame->deprecatedLocalOwner() && !m_frame->deprecatedLocalOwner()->docum ent().contentSecurityPolicy()->allowChildFrameFromSource(request.url(), request. followedRedirect() ? ContentSecurityPolicy::DidRedirect : ContentSecurityPolicy: :DidNotRedirect))) { | 1334 if ((shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy ) && (m_frame->deprecatedLocalOwner() && !m_frame->deprecatedLocalOwner()->docum ent().contentSecurityPolicy()->allowChildFrameFromSource(request.url(), request. followedRedirect() ? ContentSecurityPolicy::DidRedirect : ContentSecurityPolicy: :DidNotRedirect))) { |
| 1335 // Fire a load event, as timing attacks would otherwise reveal that the | 1335 // Fire a load event, as timing attacks would otherwise reveal that the |
| 1336 // frame was blocked. This way, it looks like every other cross-origin | 1336 // frame was blocked. This way, it looks like every other cross-origin |
| 1337 // page load. | 1337 // page load. |
| 1338 m_frame->document()->enforceSandboxFlags(SandboxOrigin); | 1338 m_frame->document()->enforceSandboxFlags(SandboxOrigin); |
| 1339 m_frame->owner()->dispatchLoad(); | 1339 m_frame->owner()->dispatchLoad(); |
| 1340 return false; | 1340 return false; |
| 1341 } | 1341 } |
| 1342 | 1342 |
| 1343 bool isFormSubmission = type == NavigationTypeFormSubmitted || type == Navig ationTypeFormResubmitted; | 1343 bool isFormSubmission = type == NavigationTypeFormSubmitted || type == Navig ationTypeFormResubmitted; |
| 1344 if (isFormSubmission && !m_frame->document()->contentSecurityPolicy()->allow FormAction(request.url())) | 1344 if (isFormSubmission && !m_frame->document()->contentSecurityPolicy()->allow FormAction(request.url())) |
| 1345 return false; | 1345 return false; |
| 1346 | 1346 |
| 1347 policy = client()->decidePolicyForNavigation(request, loader, type, policy, replacesCurrentHistoryItem, isClientRedirect); | 1347 policy = client()->decidePolicyForNavigation(request, loader, type, policy, replacesCurrentHistoryItem, isClientRedirect); |
| 1348 if (policy == NavigationPolicyCurrentTab) | 1348 if (policy == NavigationPolicyCurrentTab) |
| 1349 return true; | 1349 return true; |
| 1350 if (policy == NavigationPolicyIgnore) | 1350 if (policy == NavigationPolicyIgnore) |
| 1351 return false; | 1351 return false; |
| 1352 if (policy == NavigationPolicyHandledByClient) { | 1352 if (policy == NavigationPolicyHandledByClient) { |
| 1353 // Mark the frame as loading since the embedder is handling the navigati on. | 1353 // Mark the frame as loading since the embedder is handling the navigati on. |
| 1354 m_progressTracker->progressStarted(); | 1354 m_progressTracker->progressStarted(); |
| 1355 | |
| 1356 // If this is a form submit, dispatch that a form is being submitted | |
| 1357 // since the embedder is handling the navigation. | |
| 1358 if (form) | |
| 1359 client()->dispatchWillSubmitForm(form); | |
|
dcheng
2016/02/24 21:24:55
Just curious: shouldn't the embedder "know" it is
clamy
2016/02/25 14:34:07
I'm not sure how exactly the embedder know the nav
dcheng
2016/02/25 21:56:17
Makes sense, thanks.
| |
| 1360 | |
| 1355 return false; | 1361 return false; |
| 1356 } | 1362 } |
| 1357 if (!LocalDOMWindow::allowPopUp(*m_frame) && !UserGestureIndicator::processi ngUserGesture()) | 1363 if (!LocalDOMWindow::allowPopUp(*m_frame) && !UserGestureIndicator::processi ngUserGesture()) |
| 1358 return false; | 1364 return false; |
| 1359 client()->loadURLExternally(request, policy, String(), replacesCurrentHistor yItem); | 1365 client()->loadURLExternally(request, policy, String(), replacesCurrentHistor yItem); |
| 1360 return false; | 1366 return false; |
| 1361 } | 1367 } |
| 1362 | 1368 |
| 1363 void FrameLoader::startLoad(FrameLoadRequest& frameLoadRequest, FrameLoadType ty pe, NavigationPolicy navigationPolicy) | 1369 void FrameLoader::startLoad(FrameLoadRequest& frameLoadRequest, FrameLoadType ty pe, NavigationPolicy navigationPolicy) |
| 1364 { | 1370 { |
| 1365 ASSERT(client()->hasWebView()); | 1371 ASSERT(client()->hasWebView()); |
| 1366 // Lots of things in this function can detach the LocalFrame (stopAllLoaders , beforeunload handlers, etc.), so protect the frame. | 1372 // Lots of things in this function can detach the LocalFrame (stopAllLoaders , beforeunload handlers, etc.), so protect the frame. |
| 1367 RefPtrWillBeRawPtr<LocalFrame> protect(m_frame.get()); | 1373 RefPtrWillBeRawPtr<LocalFrame> protect(m_frame.get()); |
| 1368 if (m_frame->document()->pageDismissalEventBeingDispatched() != Document::No Dismissal) | 1374 if (m_frame->document()->pageDismissalEventBeingDispatched() != Document::No Dismissal) |
| 1369 return; | 1375 return; |
| 1370 | 1376 |
| 1371 NavigationType navigationType = determineNavigationType(type, frameLoadReque st.resourceRequest().httpBody() || frameLoadRequest.form(), frameLoadRequest.tri ggeringEvent()); | 1377 NavigationType navigationType = determineNavigationType(type, frameLoadReque st.resourceRequest().httpBody() || frameLoadRequest.form(), frameLoadRequest.tri ggeringEvent()); |
| 1372 frameLoadRequest.resourceRequest().setRequestContext(determineRequestContext FromNavigationType(navigationType)); | 1378 frameLoadRequest.resourceRequest().setRequestContext(determineRequestContext FromNavigationType(navigationType)); |
| 1373 frameLoadRequest.resourceRequest().setFrameType(m_frame->isMainFrame() ? Web URLRequest::FrameTypeTopLevel : WebURLRequest::FrameTypeNested); | 1379 frameLoadRequest.resourceRequest().setFrameType(m_frame->isMainFrame() ? Web URLRequest::FrameTypeTopLevel : WebURLRequest::FrameTypeNested); |
| 1374 ResourceRequest& request = frameLoadRequest.resourceRequest(); | 1380 ResourceRequest& request = frameLoadRequest.resourceRequest(); |
| 1375 if (!shouldContinueForNavigationPolicy(request, frameLoadRequest.substituteD ata(), nullptr, frameLoadRequest.shouldCheckMainWorldContentSecurityPolicy(), na vigationType, navigationPolicy, type == FrameLoadTypeReplaceCurrentItem, frameLo adRequest.clientRedirect() == ClientRedirect)) | 1381 if (!shouldContinueForNavigationPolicy(request, frameLoadRequest.substituteD ata(), nullptr, |
| 1382 frameLoadRequest.shouldCheckMainWorldContentSecurityPolicy(), navigation Type, | |
| 1383 navigationPolicy, type == FrameLoadTypeReplaceCurrentItem, | |
| 1384 frameLoadRequest.clientRedirect() == ClientRedirect, frameLoadRequest.fo rm())) { | |
| 1376 return; | 1385 return; |
| 1386 } | |
| 1387 | |
| 1377 if (!shouldClose(navigationType == NavigationTypeReload)) | 1388 if (!shouldClose(navigationType == NavigationTypeReload)) |
| 1378 return; | 1389 return; |
| 1379 | 1390 |
| 1380 m_frame->document()->cancelParsing(); | 1391 m_frame->document()->cancelParsing(); |
| 1381 | 1392 |
| 1382 if (m_provisionalDocumentLoader) { | 1393 if (m_provisionalDocumentLoader) { |
| 1383 m_provisionalDocumentLoader->stopLoading(); | 1394 m_provisionalDocumentLoader->stopLoading(); |
| 1384 detachDocumentLoader(m_provisionalDocumentLoader); | 1395 detachDocumentLoader(m_provisionalDocumentLoader); |
| 1385 } | 1396 } |
| 1386 | 1397 |
| (...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1561 // FIXME: We need a way to propagate insecure requests policy flags to | 1572 // FIXME: We need a way to propagate insecure requests policy flags to |
| 1562 // out-of-process frames. For now, we'll always use default behavior. | 1573 // out-of-process frames. For now, we'll always use default behavior. |
| 1563 if (!parentFrame->isLocalFrame()) | 1574 if (!parentFrame->isLocalFrame()) |
| 1564 return nullptr; | 1575 return nullptr; |
| 1565 | 1576 |
| 1566 ASSERT(toLocalFrame(parentFrame)->document()); | 1577 ASSERT(toLocalFrame(parentFrame)->document()); |
| 1567 return toLocalFrame(parentFrame)->document()->insecureNavigationsToUpgrade() ; | 1578 return toLocalFrame(parentFrame)->document()->insecureNavigationsToUpgrade() ; |
| 1568 } | 1579 } |
| 1569 | 1580 |
| 1570 } // namespace blink | 1581 } // namespace blink |
| OLD | NEW |
