OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv ed. | 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv ed. |
6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> | 6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> |
7 * | 7 * |
8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
(...skipping 259 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
270 if (m_cachedScript) { | 270 if (m_cachedScript) { |
271 return true; | 271 return true; |
272 } | 272 } |
273 | 273 |
274 dispatchErrorEvent(); | 274 dispatchErrorEvent(); |
275 return false; | 275 return false; |
276 } | 276 } |
277 | 277 |
278 bool isHTMLScriptElement(Element* element) | 278 bool isHTMLScriptElement(Element* element) |
279 { | 279 { |
280 return element->isHTMLElement() && element->hasTagName(HTMLNames::scriptTag) ; | 280 return element->hasTagName(HTMLNames::scriptTag); |
281 } | |
282 | |
283 bool isSVGScriptElement(Element* element) | |
284 { | |
285 return element->hasTagName(SVGNames::scriptTag); | |
286 } | |
287 | |
288 HTMLScriptElement* toHTMLScriptElement(Element* element) | |
289 { | |
290 ASSERT_WITH_SECURITY_IMPLICATION(element->hasTagName(HTMLNames::scriptTag)); | |
291 return static_cast<HTMLScriptElement*>(element); | |
292 } | |
abarth-chromium
2013/06/11 18:18:23
We usually put these functions in the header that
arv (Not doing code reviews)
2013/06/11 18:44:01
Thanks. I moved these to {HTML,SVG}ScriptElement.h
| |
293 | |
294 SVGScriptElement* toSVGScriptElement(Element* element) | |
295 { | |
296 ASSERT_WITH_SECURITY_IMPLICATION(element->hasTagName(SVGNames::scriptTag)); | |
297 return static_cast<SVGScriptElement*>(element); | |
281 } | 298 } |
282 | 299 |
283 void ScriptElement::executeScript(const ScriptSourceCode& sourceCode) | 300 void ScriptElement::executeScript(const ScriptSourceCode& sourceCode) |
284 { | 301 { |
285 ASSERT(m_alreadyStarted); | 302 ASSERT(m_alreadyStarted); |
286 | 303 |
287 if (sourceCode.isEmpty()) | 304 if (sourceCode.isEmpty()) |
288 return; | 305 return; |
289 | 306 |
290 RefPtr<Document> document = m_element->document(); | 307 RefPtr<Document> document = m_element->document(); |
291 Frame* frame = document->frame(); | 308 Frame* frame = document->frame(); |
292 | 309 |
293 bool shouldBypassMainWorldContentSecurityPolicy = (frame && frame->script()- >shouldBypassMainWorldContentSecurityPolicy()) || document->contentSecurityPolic y()->allowScriptNonce(m_element->fastGetAttribute(HTMLNames::nonceAttr)); | 310 bool shouldBypassMainWorldContentSecurityPolicy = (frame && frame->script()- >shouldBypassMainWorldContentSecurityPolicy()) || document->contentSecurityPolic y()->allowScriptNonce(m_element->fastGetAttribute(HTMLNames::nonceAttr)); |
294 | 311 |
295 if (!m_isExternalScript && (!shouldBypassMainWorldContentSecurityPolicy && ! document->contentSecurityPolicy()->allowInlineScript(document->url(), m_startLin eNumber))) | 312 if (!m_isExternalScript && (!shouldBypassMainWorldContentSecurityPolicy && ! document->contentSecurityPolicy()->allowInlineScript(document->url(), m_startLin eNumber))) |
296 return; | 313 return; |
297 | 314 |
298 if (m_isExternalScript && m_cachedScript && !m_cachedScript->mimeTypeAllowed ByNosniff()) { | 315 if (m_isExternalScript && m_cachedScript && !m_cachedScript->mimeTypeAllowed ByNosniff()) { |
299 document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "R efused to execute script from '" + m_cachedScript->url().elidedString() + "' bec ause its MIME type ('" + m_cachedScript->mimeType() + "') is not executable, and strict MIME type checking is enabled."); | 316 document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "R efused to execute script from '" + m_cachedScript->url().elidedString() + "' bec ause its MIME type ('" + m_cachedScript->mimeType() + "') is not executable, and strict MIME type checking is enabled."); |
300 return; | 317 return; |
301 } | 318 } |
302 | 319 |
303 if (frame) { | 320 if (frame) { |
304 { | 321 { |
305 IgnoreDestructiveWriteCountIncrementer ignoreDesctructiveWriteCountI ncrementer(m_isExternalScript ? document.get() : 0); | 322 IgnoreDestructiveWriteCountIncrementer ignoreDesctructiveWriteCountI ncrementer(m_isExternalScript ? document.get() : 0); |
306 | 323 |
307 if (isHTMLScriptElement(m_element)) | 324 if (isHTMLScriptElement(m_element)) |
308 document->pushCurrentScript(static_cast<HTMLScriptElement*>(m_el ement)); | 325 document->pushCurrentScript(toHTMLScriptElement(m_element)); |
309 | 326 |
310 // Create a script from the script element node, using the script | 327 // Create a script from the script element node, using the script |
311 // block's source and the script block's type. | 328 // block's source and the script block's type. |
312 // Note: This is where the script is compiled and actually executed. | 329 // Note: This is where the script is compiled and actually executed. |
313 frame->script()->executeScriptInMainWorld(sourceCode); | 330 frame->script()->executeScriptInMainWorld(sourceCode); |
314 | 331 |
315 if (isHTMLScriptElement(m_element)) { | 332 if (isHTMLScriptElement(m_element)) { |
316 ASSERT(document->currentScript() == m_element); | 333 ASSERT(document->currentScript() == m_element); |
317 document->popCurrentScript(); | 334 document->popCurrentScript(); |
318 } | 335 } |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
418 firstTextNode->atomize(); | 435 firstTextNode->atomize(); |
419 return firstTextNode->data(); | 436 return firstTextNode->data(); |
420 } | 437 } |
421 | 438 |
422 return content.toString(); | 439 return content.toString(); |
423 } | 440 } |
424 | 441 |
425 ScriptElement* toScriptElementIfPossible(Element* element) | 442 ScriptElement* toScriptElementIfPossible(Element* element) |
426 { | 443 { |
427 if (isHTMLScriptElement(element)) | 444 if (isHTMLScriptElement(element)) |
428 return static_cast<HTMLScriptElement*>(element); | 445 return toHTMLScriptElement(element); |
429 | 446 |
430 if (element->isSVGElement() && element->hasTagName(SVGNames::scriptTag)) | 447 if (isSVGScriptElement(element)) |
431 return static_cast<SVGScriptElement*>(element); | 448 return toSVGScriptElement(element); |
432 | 449 |
433 return 0; | 450 return 0; |
434 } | 451 } |
435 | 452 |
436 } | 453 } |
OLD | NEW |