| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
| 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
| 4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
| 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
| 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r
ights reserved. | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r
ights reserved. |
| 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) | 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) |
| 8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. |
| 9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
| 10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. | 10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. |
| (...skipping 297 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 308 return false; | 308 return false; |
| 309 | 309 |
| 310 // rule (d) above | 310 // rule (d) above |
| 311 CharDecompositionType decompType = decompositionType(c); | 311 CharDecompositionType decompType = decompositionType(c); |
| 312 if (decompType == DecompositionFont || decompType == DecompositionCompat) | 312 if (decompType == DecompositionFont || decompType == DecompositionCompat) |
| 313 return false; | 313 return false; |
| 314 | 314 |
| 315 return true; | 315 return true; |
| 316 } | 316 } |
| 317 | 317 |
| 318 static bool shouldInheritSecurityOriginFromOwner(const KURL& url) | 318 static bool shouldInheritContentSecurityPolicyFromOwner(const KURL& url) |
| 319 { | 319 { |
| 320 // http://www.whatwg.org/specs/web-apps/current-work/#origin-0 | 320 // TODO(jochen): Somehow unify this with DocumentInit::shouldInheritSecurity
OriginFromOwner. |
| 321 // | |
| 322 // If a Document has the address "about:blank" | |
| 323 // The origin of the Document is the origin it was assigned when its bro
wsing context was created. | |
| 324 // | |
| 325 // Note: We generalize this to all "blank" URLs and invalid URLs because we | |
| 326 // treat all of these URLs as about:blank. | |
| 327 // | |
| 328 return url.isEmpty() || url.protocolIsAbout(); | 321 return url.isEmpty() || url.protocolIsAbout(); |
| 329 } | 322 } |
| 330 | 323 |
| 331 static Widget* widgetForElement(const Element& focusedElement) | 324 static Widget* widgetForElement(const Element& focusedElement) |
| 332 { | 325 { |
| 333 LayoutObject* layoutObject = focusedElement.layoutObject(); | 326 LayoutObject* layoutObject = focusedElement.layoutObject(); |
| 334 if (!layoutObject || !layoutObject->isLayoutPart()) | 327 if (!layoutObject || !layoutObject->isLayoutPart()) |
| 335 return 0; | 328 return 0; |
| 336 return toLayoutPart(layoutObject)->widget(); | 329 return toLayoutPart(layoutObject)->widget(); |
| 337 } | 330 } |
| (...skipping 4591 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4929 securityOrigin()->blockLocalAccessFromLocalOrigin(); | 4922 securityOrigin()->blockLocalAccessFromLocalOrigin(); |
| 4930 } | 4923 } |
| 4931 } | 4924 } |
| 4932 } | 4925 } |
| 4933 | 4926 |
| 4934 if (initializer.shouldTreatURLAsSrcdocDocument()) { | 4927 if (initializer.shouldTreatURLAsSrcdocDocument()) { |
| 4935 m_isSrcdocDocument = true; | 4928 m_isSrcdocDocument = true; |
| 4936 setBaseURLOverride(initializer.parentBaseURL()); | 4929 setBaseURLOverride(initializer.parentBaseURL()); |
| 4937 } | 4930 } |
| 4938 | 4931 |
| 4939 if (!shouldInheritSecurityOriginFromOwner(m_url)) | 4932 if (!initializer.shouldInheritSecurityOriginFromOwner()) |
| 4940 return; | 4933 return; |
| 4941 | 4934 |
| 4942 // If we do not obtain a meaningful origin from the URL, then we try to | 4935 // If we do not obtain a meaningful origin from the URL, then we try to |
| 4943 // find one via the frame hierarchy. | 4936 // find one via the frame hierarchy. |
| 4944 | 4937 |
| 4945 if (!initializer.owner()) { | 4938 if (!initializer.owner()) { |
| 4946 didFailToInitializeSecurityOrigin(); | 4939 didFailToInitializeSecurityOrigin(); |
| 4947 return; | 4940 return; |
| 4948 } | 4941 } |
| 4949 | 4942 |
| (...skipping 11 matching lines...) Expand all Loading... |
| 4961 // We alias the SecurityOrigins to match Firefox, see Bug 15313 | 4954 // We alias the SecurityOrigins to match Firefox, see Bug 15313 |
| 4962 // https://bugs.webkit.org/show_bug.cgi?id=15313 | 4955 // https://bugs.webkit.org/show_bug.cgi?id=15313 |
| 4963 setSecurityOrigin(initializer.owner()->securityOrigin()); | 4956 setSecurityOrigin(initializer.owner()->securityOrigin()); |
| 4964 } | 4957 } |
| 4965 | 4958 |
| 4966 void Document::initContentSecurityPolicy(PassRefPtrWillBeRawPtr<ContentSecurityP
olicy> csp) | 4959 void Document::initContentSecurityPolicy(PassRefPtrWillBeRawPtr<ContentSecurityP
olicy> csp) |
| 4967 { | 4960 { |
| 4968 setContentSecurityPolicy(csp ? csp : ContentSecurityPolicy::create()); | 4961 setContentSecurityPolicy(csp ? csp : ContentSecurityPolicy::create()); |
| 4969 if (m_frame && m_frame->tree().parent() && m_frame->tree().parent()->isLocal
Frame()) { | 4962 if (m_frame && m_frame->tree().parent() && m_frame->tree().parent()->isLocal
Frame()) { |
| 4970 ContentSecurityPolicy* parentCSP = toLocalFrame(m_frame->tree().parent()
)->document()->contentSecurityPolicy(); | 4963 ContentSecurityPolicy* parentCSP = toLocalFrame(m_frame->tree().parent()
)->document()->contentSecurityPolicy(); |
| 4971 if (shouldInheritSecurityOriginFromOwner(m_url)) { | 4964 if (shouldInheritContentSecurityPolicyFromOwner(m_url)) { |
| 4972 contentSecurityPolicy()->copyStateFrom(parentCSP); | 4965 contentSecurityPolicy()->copyStateFrom(parentCSP); |
| 4973 } else if (isPluginDocument()) { | 4966 } else if (isPluginDocument()) { |
| 4974 // Per CSP2, plugin-types for plugin documents in nested browsing | 4967 // Per CSP2, plugin-types for plugin documents in nested browsing |
| 4975 // contexts gets inherited from the parent. | 4968 // contexts gets inherited from the parent. |
| 4976 contentSecurityPolicy()->copyPluginTypesFrom(parentCSP); | 4969 contentSecurityPolicy()->copyPluginTypesFrom(parentCSP); |
| 4977 } | 4970 } |
| 4978 } | 4971 } |
| 4979 contentSecurityPolicy()->bindToExecutionContext(this); | 4972 contentSecurityPolicy()->bindToExecutionContext(this); |
| 4980 } | 4973 } |
| 4981 | 4974 |
| (...skipping 959 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5941 #ifndef NDEBUG | 5934 #ifndef NDEBUG |
| 5942 using namespace blink; | 5935 using namespace blink; |
| 5943 void showLiveDocumentInstances() | 5936 void showLiveDocumentInstances() |
| 5944 { | 5937 { |
| 5945 Document::WeakDocumentSet& set = Document::liveDocumentSet(); | 5938 Document::WeakDocumentSet& set = Document::liveDocumentSet(); |
| 5946 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); | 5939 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); |
| 5947 for (Document* document : set) | 5940 for (Document* document : set) |
| 5948 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().str
ing().utf8().data()); | 5941 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().str
ing().utf8().data()); |
| 5949 } | 5942 } |
| 5950 #endif | 5943 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1670173002:
Don't set the origin twice when navigating for javascript: URLs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master