| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
| 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
| 4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
| 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
| 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All r
ights reserved. | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All r
ights reserved. |
| 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) | 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) |
| 8 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 8 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
| 9 * Copyright (C) 2013 Google Inc. All rights reserved. | 9 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 10 * | 10 * |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 91 return m_importsController->master()->frame(); | 91 return m_importsController->master()->frame(); |
| 92 return 0; | 92 return 0; |
| 93 } | 93 } |
| 94 | 94 |
| 95 SandboxFlags DocumentInit::getSandboxFlags() const | 95 SandboxFlags DocumentInit::getSandboxFlags() const |
| 96 { | 96 { |
| 97 DCHECK(frameForSecurityContext()); | 97 DCHECK(frameForSecurityContext()); |
| 98 FrameLoader* loader = &frameForSecurityContext()->loader(); | 98 FrameLoader* loader = &frameForSecurityContext()->loader(); |
| 99 SandboxFlags flags = loader->effectiveSandboxFlags(); | 99 SandboxFlags flags = loader->effectiveSandboxFlags(); |
| 100 | 100 |
| 101 // If the load was blocked by X-Frame-Options or CSP, force the Document's | 101 // If the load was blocked by CSP, force the Document's origin to be unique,
so that |
| 102 // origin to be unique, so that the blocked document appears to be a normal | 102 // the blocked document appears to be a normal cross-origin document's load
per CSP spec: |
| 103 // cross-origin document's load per CSP spec: | |
| 104 // https://www.w3.org/TR/CSP2/#directive-frame-ancestors | 103 // https://www.w3.org/TR/CSP2/#directive-frame-ancestors |
| 105 if (loader->documentLoader() && loader->documentLoader()->wasBlockedAfterXFr
ameOptionsOrCSP()) | 104 if (loader->documentLoader() && loader->documentLoader()->wasBlockedAfterCSP
()) |
| 106 flags |= SandboxOrigin; | 105 flags |= SandboxOrigin; |
| 107 | 106 |
| 108 return flags; | 107 return flags; |
| 109 } | 108 } |
| 110 | 109 |
| 111 bool DocumentInit::shouldEnforceStrictMixedContentChecking() const | 110 bool DocumentInit::shouldEnforceStrictMixedContentChecking() const |
| 112 { | 111 { |
| 113 DCHECK(frameForSecurityContext()); | 112 DCHECK(frameForSecurityContext()); |
| 114 return frameForSecurityContext()->loader().shouldEnforceStrictMixedContentCh
ecking(); | 113 return frameForSecurityContext()->loader().shouldEnforceStrictMixedContentCh
ecking(); |
| 115 } | 114 } |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 179 { | 178 { |
| 180 return m_contextDocument; | 179 return m_contextDocument; |
| 181 } | 180 } |
| 182 | 181 |
| 183 DocumentInit DocumentInit::fromContext(Document* contextDocument, const KURL& ur
l) | 182 DocumentInit DocumentInit::fromContext(Document* contextDocument, const KURL& ur
l) |
| 184 { | 183 { |
| 185 return DocumentInit(url, 0, contextDocument, 0); | 184 return DocumentInit(url, 0, contextDocument, 0); |
| 186 } | 185 } |
| 187 | 186 |
| 188 } // namespace blink | 187 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1617043002:
Introduce AncestorThrottle, which will process 'X-Frame-Options' headers. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@block-response