Index: third_party/WebKit/Source/core/loader/FrameLoader.cpp |
diff --git a/third_party/WebKit/Source/core/loader/FrameLoader.cpp b/third_party/WebKit/Source/core/loader/FrameLoader.cpp |
index 9477c3ba4bbfa71438314cf301c5e5baa40c27d5..a632db981677c6a60abacd57051a8ba62f277f97 100644 |
--- a/third_party/WebKit/Source/core/loader/FrameLoader.cpp |
+++ b/third_party/WebKit/Source/core/loader/FrameLoader.cpp |
@@ -1431,53 +1431,6 @@ void FrameLoader::applyUserAgent(ResourceRequest& request) |
request.setHTTPUserAgent(AtomicString(userAgent)); |
} |
-bool FrameLoader::shouldInterruptLoadForXFrameOptions(const String& content, const KURL& url, unsigned long requestIdentifier) |
-{ |
- UseCounter::count(m_frame->domWindow()->document(), UseCounter::XFrameOptions); |
- |
- Frame* topFrame = m_frame->tree().top(); |
- if (m_frame == topFrame) |
- return false; |
- |
- XFrameOptionsDisposition disposition = parseXFrameOptionsHeader(content); |
- |
- switch (disposition) { |
- case XFrameOptionsSameOrigin: { |
- UseCounter::count(m_frame->domWindow()->document(), UseCounter::XFrameOptionsSameOrigin); |
- RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url); |
- // Out-of-process ancestors are always a different origin. |
- if (!topFrame->isLocalFrame() || !origin->isSameSchemeHostPort(toLocalFrame(topFrame)->document()->getSecurityOrigin())) |
- return true; |
- for (Frame* frame = m_frame->tree().parent(); frame; frame = frame->tree().parent()) { |
- if (!frame->isLocalFrame() || !origin->isSameSchemeHostPort(toLocalFrame(frame)->document()->getSecurityOrigin())) { |
- UseCounter::count(m_frame->domWindow()->document(), UseCounter::XFrameOptionsSameOriginWithBadAncestorChain); |
- break; |
- } |
- } |
- return false; |
- } |
- case XFrameOptionsDeny: |
- return true; |
- case XFrameOptionsAllowAll: |
- return false; |
- case XFrameOptionsConflict: { |
- ConsoleMessage* consoleMessage = ConsoleMessage::create(JSMessageSource, ErrorMessageLevel, "Multiple 'X-Frame-Options' headers with conflicting values ('" + content + "') encountered when loading '" + url.elidedString() + "'. Falling back to 'DENY'."); |
- consoleMessage->setRequestIdentifier(requestIdentifier); |
- m_frame->document()->addConsoleMessage(consoleMessage); |
- return true; |
- } |
- case XFrameOptionsInvalid: { |
- ConsoleMessage* consoleMessage = ConsoleMessage::create(JSMessageSource, ErrorMessageLevel, "Invalid 'X-Frame-Options' header encountered when loading '" + url.elidedString() + "': '" + content + "' is not a recognized directive. The header will be ignored."); |
- consoleMessage->setRequestIdentifier(requestIdentifier); |
- m_frame->document()->addConsoleMessage(consoleMessage); |
- return false; |
- } |
- default: |
- ASSERT_NOT_REACHED(); |
- return false; |
- } |
-} |
- |
bool FrameLoader::shouldTreatURLAsSameAsCurrent(const KURL& url) const |
{ |
return m_currentItem && url == m_currentItem->url(); |