OLD | NEW |
---|---|
1 /** | 1 /** |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2000 Stefan Schimanski (1Stein@gmx.de) | 4 * (C) 2000 Stefan Schimanski (1Stein@gmx.de) |
5 * Copyright (C) 2004, 2005, 2006 Apple Computer, Inc. | 5 * Copyright (C) 2004, 2005, 2006 Apple Computer, Inc. |
6 * | 6 * |
7 * This library is free software; you can redistribute it and/or | 7 * This library is free software; you can redistribute it and/or |
8 * modify it under the terms of the GNU Library General Public | 8 * modify it under the terms of the GNU Library General Public |
9 * License as published by the Free Software Foundation; either | 9 * License as published by the Free Software Foundation; either |
10 * version 2 of the License, or (at your option) any later version. | 10 * version 2 of the License, or (at your option) any later version. |
(...skipping 20 matching lines...) Expand all Loading... | |
31 #include "core/dom/shadow/ShadowRoot.h" | 31 #include "core/dom/shadow/ShadowRoot.h" |
32 #include "core/events/Event.h" | 32 #include "core/events/Event.h" |
33 #include "core/frame/FrameView.h" | 33 #include "core/frame/FrameView.h" |
34 #include "core/frame/LocalFrame.h" | 34 #include "core/frame/LocalFrame.h" |
35 #include "core/frame/Settings.h" | 35 #include "core/frame/Settings.h" |
36 #include "core/frame/csp/ContentSecurityPolicy.h" | 36 #include "core/frame/csp/ContentSecurityPolicy.h" |
37 #include "core/html/HTMLContentElement.h" | 37 #include "core/html/HTMLContentElement.h" |
38 #include "core/html/HTMLImageLoader.h" | 38 #include "core/html/HTMLImageLoader.h" |
39 #include "core/html/PluginDocument.h" | 39 #include "core/html/PluginDocument.h" |
40 #include "core/input/EventHandler.h" | 40 #include "core/input/EventHandler.h" |
41 #include "core/inspector/ConsoleMessage.h" | |
41 #include "core/layout/LayoutBlockFlow.h" | 42 #include "core/layout/LayoutBlockFlow.h" |
42 #include "core/layout/LayoutEmbeddedObject.h" | 43 #include "core/layout/LayoutEmbeddedObject.h" |
43 #include "core/layout/LayoutImage.h" | 44 #include "core/layout/LayoutImage.h" |
44 #include "core/layout/LayoutPart.h" | 45 #include "core/layout/LayoutPart.h" |
45 #include "core/loader/FrameLoaderClient.h" | 46 #include "core/loader/FrameLoaderClient.h" |
46 #include "core/loader/MixedContentChecker.h" | 47 #include "core/loader/MixedContentChecker.h" |
47 #include "core/page/Page.h" | 48 #include "core/page/Page.h" |
48 #include "core/page/scrolling/ScrollingCoordinator.h" | 49 #include "core/page/scrolling/ScrollingCoordinator.h" |
49 #include "core/plugins/PluginView.h" | 50 #include "core/plugins/PluginView.h" |
50 #include "platform/Logging.h" | 51 #include "platform/Logging.h" |
(...skipping 416 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
467 | 468 |
468 bool HTMLPlugInElement::requestObject(const String& url, const String& mimeType, const Vector<String>& paramNames, const Vector<String>& paramValues) | 469 bool HTMLPlugInElement::requestObject(const String& url, const String& mimeType, const Vector<String>& paramNames, const Vector<String>& paramValues) |
469 { | 470 { |
470 if (url.isEmpty() && mimeType.isEmpty()) | 471 if (url.isEmpty() && mimeType.isEmpty()) |
471 return false; | 472 return false; |
472 | 473 |
473 if (protocolIsJavaScript(url)) | 474 if (protocolIsJavaScript(url)) |
474 return false; | 475 return false; |
475 | 476 |
476 KURL completedURL = url.isEmpty() ? KURL() : document().completeURL(url); | 477 KURL completedURL = url.isEmpty() ? KURL() : document().completeURL(url); |
477 if (!pluginIsLoadable(completedURL, mimeType)) | 478 if (!objectIsLoadable(completedURL, mimeType)) |
478 return false; | 479 return false; |
479 | 480 |
480 bool useFallback; | 481 bool useFallback; |
481 if (shouldUsePlugin(completedURL, mimeType, hasFallbackContent(), useFallbac k)) | 482 if (shouldUsePlugin(completedURL, mimeType, hasFallbackContent(), useFallbac k)) { |
483 if (document().isSandboxed(SandboxPlugins)) { | |
484 document().addConsoleMessage(ConsoleMessage::create(SecurityMessageS ource, ErrorMessageLevel, | |
485 "Failed to load '" + completedURL.elidedString() + "' as a plugi n, because the frame into which the plugin is loading is sandboxed.")); | |
486 return false; | |
487 } | |
482 return loadPlugin(completedURL, mimeType, paramNames, paramValues, useFa llback, true); | 488 return loadPlugin(completedURL, mimeType, paramNames, paramValues, useFa llback, true); |
pdr.
2016/01/29 22:14:54
There is a scary side-codepath (requestPluginCreat
fs
2016/01/30 00:03:09
Yeah, I noticed that - and was equally frightened.
| |
489 } | |
483 | 490 |
484 // If the plugin element already contains a subframe, | 491 // If the plugin element already contains a subframe, |
485 // loadOrRedirectSubframe will re-use it. Otherwise, it will create a new | 492 // loadOrRedirectSubframe will re-use it. Otherwise, it will create a new |
486 // frame and set it as the LayoutPart's widget, causing what was previously | 493 // frame and set it as the LayoutPart's widget, causing what was previously |
487 // in the widget to be torn down. | 494 // in the widget to be torn down. |
488 return loadOrRedirectSubframe(completedURL, getNameAttribute(), true); | 495 return loadOrRedirectSubframe(completedURL, getNameAttribute(), true); |
489 } | 496 } |
490 | 497 |
491 bool HTMLPlugInElement::loadPlugin(const KURL& url, const String& mimeType, cons t Vector<String>& paramNames, const Vector<String>& paramValues, bool useFallbac k, bool requireLayoutObject) | 498 bool HTMLPlugInElement::loadPlugin(const KURL& url, const String& mimeType, cons t Vector<String>& paramNames, const Vector<String>& paramValues, bool useFallbac k, bool requireLayoutObject) |
492 { | 499 { |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
534 } | 541 } |
535 | 542 |
536 bool HTMLPlugInElement::shouldUsePlugin(const KURL& url, const String& mimeType, bool hasFallback, bool& useFallback) | 543 bool HTMLPlugInElement::shouldUsePlugin(const KURL& url, const String& mimeType, bool hasFallback, bool& useFallback) |
537 { | 544 { |
538 // Allow other plugins to win over QuickTime because if the user has | 545 // Allow other plugins to win over QuickTime because if the user has |
539 // installed a plugin that can handle TIFF (which QuickTime can also | 546 // installed a plugin that can handle TIFF (which QuickTime can also |
540 // handle) they probably intended to override QT. | 547 // handle) they probably intended to override QT. |
541 if (document().frame()->page() && (mimeType == "image/tiff" || mimeType == " image/tif" || mimeType == "image/x-tiff")) { | 548 if (document().frame()->page() && (mimeType == "image/tiff" || mimeType == " image/tif" || mimeType == "image/x-tiff")) { |
542 const PluginData* pluginData = document().frame()->page()->pluginData(); | 549 const PluginData* pluginData = document().frame()->page()->pluginData(); |
543 String pluginName = pluginData ? pluginData->pluginNameForMimeType(mimeT ype) : String(); | 550 String pluginName = pluginData ? pluginData->pluginNameForMimeType(mimeT ype) : String(); |
544 if (!pluginName.isEmpty() && !pluginName.contains("QuickTime", TextCaseI nsensitive)) | 551 if (!pluginName.isEmpty() && !pluginName.contains("QuickTime", TextCaseI nsensitive)) { |
552 useFallback = false; | |
545 return true; | 553 return true; |
554 } | |
546 } | 555 } |
547 | 556 |
548 ObjectContentType objectType = document().frame()->loader().client()->object ContentType(url, mimeType, shouldPreferPlugInsForImages()); | 557 ObjectContentType objectType = document().frame()->loader().client()->object ContentType(url, mimeType, shouldPreferPlugInsForImages()); |
549 // If an object's content can't be handled and it has no fallback, let | 558 // If an object's content can't be handled and it has no fallback, let |
550 // it be handled as a plugin to show the broken plugin icon. | 559 // it be handled as a plugin to show the broken plugin icon. |
551 useFallback = objectType == ObjectContentNone && hasFallback; | 560 useFallback = objectType == ObjectContentNone && hasFallback; |
552 return objectType == ObjectContentNone || objectType == ObjectContentNetscap ePlugin || objectType == ObjectContentOtherPlugin; | 561 return objectType == ObjectContentNone || objectType == ObjectContentNetscap ePlugin || objectType == ObjectContentOtherPlugin; |
553 | 562 |
554 } | 563 } |
555 | 564 |
556 void HTMLPlugInElement::dispatchErrorEvent() | 565 void HTMLPlugInElement::dispatchErrorEvent() |
557 { | 566 { |
558 if (document().isPluginDocument() && document().ownerElement()) | 567 if (document().isPluginDocument() && document().ownerElement()) |
559 document().ownerElement()->dispatchEvent(Event::create(EventTypeNames::e rror)); | 568 document().ownerElement()->dispatchEvent(Event::create(EventTypeNames::e rror)); |
560 else | 569 else |
561 dispatchEvent(Event::create(EventTypeNames::error)); | 570 dispatchEvent(Event::create(EventTypeNames::error)); |
562 } | 571 } |
563 | 572 |
564 bool HTMLPlugInElement::pluginIsLoadable(const KURL& url, const String& mimeType ) | 573 bool HTMLPlugInElement::objectIsLoadable(const KURL& url, const String& mimeType ) |
565 { | 574 { |
566 if (url.isEmpty() && mimeType.isEmpty()) | 575 if (url.isEmpty() && mimeType.isEmpty()) |
567 return false; | 576 return false; |
568 | 577 |
569 LocalFrame* frame = document().frame(); | 578 LocalFrame* frame = document().frame(); |
570 Settings* settings = frame->settings(); | 579 Settings* settings = frame->settings(); |
571 if (!settings) | 580 if (!settings) |
572 return false; | 581 return false; |
573 | 582 |
574 if (MIMETypeRegistry::isJavaAppletMIMEType(mimeType)) | 583 if (MIMETypeRegistry::isJavaAppletMIMEType(mimeType)) |
575 return false; | 584 return false; |
576 | 585 |
577 if (document().isSandboxed(SandboxPlugins)) | |
pdr.
2016/01/29 22:14:54
It seems odd to me that sandboxing and the plugin
fs
2016/01/30 00:03:09
It's intended (for now at least) - as in better to
fs
2016/02/01 09:21:06
I shuffled the code a bit and the plugin-CSP check
fs
2016/02/01 11:52:34
Doing that added a new failure:
http/tests/securi
| |
578 return false; | |
579 | |
580 if (!document().securityOrigin()->canDisplay(url)) { | 586 if (!document().securityOrigin()->canDisplay(url)) { |
581 FrameLoader::reportLocalLoadFailed(frame, url.string()); | 587 FrameLoader::reportLocalLoadFailed(frame, url.string()); |
582 return false; | 588 return false; |
583 } | 589 } |
584 | 590 |
585 AtomicString declaredMimeType = document().isPluginDocument() && document(). ownerElement() ? | 591 AtomicString declaredMimeType = document().isPluginDocument() && document(). ownerElement() ? |
586 document().ownerElement()->fastGetAttribute(HTMLNames::typeAttr) : | 592 document().ownerElement()->fastGetAttribute(HTMLNames::typeAttr) : |
587 fastGetAttribute(HTMLNames::typeAttr); | 593 fastGetAttribute(HTMLNames::typeAttr); |
588 if (!document().contentSecurityPolicy()->allowObjectFromSource(url) | 594 if (!document().contentSecurityPolicy()->allowObjectFromSource(url) |
589 || !document().contentSecurityPolicy()->allowPluginTypeForDocument(docum ent(), mimeType, declaredMimeType, url)) { | 595 || !document().contentSecurityPolicy()->allowPluginTypeForDocument(docum ent(), mimeType, declaredMimeType, url)) { |
(...skipping 24 matching lines...) Expand all Loading... | |
614 return openShadowRoot(); | 620 return openShadowRoot(); |
615 } | 621 } |
616 | 622 |
617 void HTMLPlugInElement::lazyReattachIfNeeded() | 623 void HTMLPlugInElement::lazyReattachIfNeeded() |
618 { | 624 { |
619 if (!useFallbackContent() && needsWidgetUpdate() && layoutObject() && !isIma geType()) | 625 if (!useFallbackContent() && needsWidgetUpdate() && layoutObject() && !isIma geType()) |
620 lazyReattachIfAttached(); | 626 lazyReattachIfAttached(); |
621 } | 627 } |
622 | 628 |
623 } // namespace blink | 629 } // namespace blink |
OLD | NEW |