OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r
ights reserved. | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r
ights reserved. |
7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) | 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) |
8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. |
9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. | 10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. |
(...skipping 297 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
308 return false; | 308 return false; |
309 | 309 |
310 // rule (d) above | 310 // rule (d) above |
311 CharDecompositionType decompType = decompositionType(c); | 311 CharDecompositionType decompType = decompositionType(c); |
312 if (decompType == DecompositionFont || decompType == DecompositionCompat) | 312 if (decompType == DecompositionFont || decompType == DecompositionCompat) |
313 return false; | 313 return false; |
314 | 314 |
315 return true; | 315 return true; |
316 } | 316 } |
317 | 317 |
318 static bool shouldInheritContentSecurityPolicyFromOwner(const KURL& url) | 318 static bool shouldInheritSecurityOriginFromOwner(const KURL& url) |
319 { | 319 { |
320 // TODO(jochen): Somehow unify this with DocumentInit::shouldInheritSecurity
OriginFromOwner. | 320 // http://www.whatwg.org/specs/web-apps/current-work/#origin-0 |
| 321 // |
| 322 // If a Document has the address "about:blank" |
| 323 // The origin of the Document is the origin it was assigned when its bro
wsing context was created. |
| 324 // |
| 325 // Note: We generalize this to all "blank" URLs and invalid URLs because we |
| 326 // treat all of these URLs as about:blank. |
| 327 // |
321 return url.isEmpty() || url.protocolIsAbout(); | 328 return url.isEmpty() || url.protocolIsAbout(); |
322 } | 329 } |
323 | 330 |
324 static Widget* widgetForElement(const Element& focusedElement) | 331 static Widget* widgetForElement(const Element& focusedElement) |
325 { | 332 { |
326 LayoutObject* layoutObject = focusedElement.layoutObject(); | 333 LayoutObject* layoutObject = focusedElement.layoutObject(); |
327 if (!layoutObject || !layoutObject->isLayoutPart()) | 334 if (!layoutObject || !layoutObject->isLayoutPart()) |
328 return 0; | 335 return 0; |
329 return toLayoutPart(layoutObject)->widget(); | 336 return toLayoutPart(layoutObject)->widget(); |
330 } | 337 } |
(...skipping 4591 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4922 securityOrigin()->blockLocalAccessFromLocalOrigin(); | 4929 securityOrigin()->blockLocalAccessFromLocalOrigin(); |
4923 } | 4930 } |
4924 } | 4931 } |
4925 } | 4932 } |
4926 | 4933 |
4927 if (initializer.shouldTreatURLAsSrcdocDocument()) { | 4934 if (initializer.shouldTreatURLAsSrcdocDocument()) { |
4928 m_isSrcdocDocument = true; | 4935 m_isSrcdocDocument = true; |
4929 setBaseURLOverride(initializer.parentBaseURL()); | 4936 setBaseURLOverride(initializer.parentBaseURL()); |
4930 } | 4937 } |
4931 | 4938 |
4932 if (!initializer.shouldInheritSecurityOriginFromOwner()) | 4939 if (!shouldInheritSecurityOriginFromOwner(m_url)) |
4933 return; | 4940 return; |
4934 | 4941 |
4935 // If we do not obtain a meaningful origin from the URL, then we try to | 4942 // If we do not obtain a meaningful origin from the URL, then we try to |
4936 // find one via the frame hierarchy. | 4943 // find one via the frame hierarchy. |
4937 | 4944 |
4938 if (!initializer.owner()) { | 4945 if (!initializer.owner()) { |
4939 didFailToInitializeSecurityOrigin(); | 4946 didFailToInitializeSecurityOrigin(); |
4940 return; | 4947 return; |
4941 } | 4948 } |
4942 | 4949 |
(...skipping 11 matching lines...) Expand all Loading... |
4954 // We alias the SecurityOrigins to match Firefox, see Bug 15313 | 4961 // We alias the SecurityOrigins to match Firefox, see Bug 15313 |
4955 // https://bugs.webkit.org/show_bug.cgi?id=15313 | 4962 // https://bugs.webkit.org/show_bug.cgi?id=15313 |
4956 setSecurityOrigin(initializer.owner()->securityOrigin()); | 4963 setSecurityOrigin(initializer.owner()->securityOrigin()); |
4957 } | 4964 } |
4958 | 4965 |
4959 void Document::initContentSecurityPolicy(PassRefPtrWillBeRawPtr<ContentSecurityP
olicy> csp) | 4966 void Document::initContentSecurityPolicy(PassRefPtrWillBeRawPtr<ContentSecurityP
olicy> csp) |
4960 { | 4967 { |
4961 setContentSecurityPolicy(csp ? csp : ContentSecurityPolicy::create()); | 4968 setContentSecurityPolicy(csp ? csp : ContentSecurityPolicy::create()); |
4962 if (m_frame && m_frame->tree().parent() && m_frame->tree().parent()->isLocal
Frame()) { | 4969 if (m_frame && m_frame->tree().parent() && m_frame->tree().parent()->isLocal
Frame()) { |
4963 ContentSecurityPolicy* parentCSP = toLocalFrame(m_frame->tree().parent()
)->document()->contentSecurityPolicy(); | 4970 ContentSecurityPolicy* parentCSP = toLocalFrame(m_frame->tree().parent()
)->document()->contentSecurityPolicy(); |
4964 if (shouldInheritContentSecurityPolicyFromOwner(m_url)) { | 4971 if (shouldInheritSecurityOriginFromOwner(m_url)) { |
4965 contentSecurityPolicy()->copyStateFrom(parentCSP); | 4972 contentSecurityPolicy()->copyStateFrom(parentCSP); |
4966 } else if (isPluginDocument()) { | 4973 } else if (isPluginDocument()) { |
4967 // Per CSP2, plugin-types for plugin documents in nested browsing | 4974 // Per CSP2, plugin-types for plugin documents in nested browsing |
4968 // contexts gets inherited from the parent. | 4975 // contexts gets inherited from the parent. |
4969 contentSecurityPolicy()->copyPluginTypesFrom(parentCSP); | 4976 contentSecurityPolicy()->copyPluginTypesFrom(parentCSP); |
4970 } | 4977 } |
4971 } | 4978 } |
4972 contentSecurityPolicy()->bindToExecutionContext(this); | 4979 contentSecurityPolicy()->bindToExecutionContext(this); |
4973 } | 4980 } |
4974 | 4981 |
(...skipping 959 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
5934 #ifndef NDEBUG | 5941 #ifndef NDEBUG |
5935 using namespace blink; | 5942 using namespace blink; |
5936 void showLiveDocumentInstances() | 5943 void showLiveDocumentInstances() |
5937 { | 5944 { |
5938 Document::WeakDocumentSet& set = Document::liveDocumentSet(); | 5945 Document::WeakDocumentSet& set = Document::liveDocumentSet(); |
5939 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); | 5946 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); |
5940 for (Document* document : set) | 5947 for (Document* document : set) |
5941 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().str
ing().utf8().data()); | 5948 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().str
ing().utf8().data()); |
5942 } | 5949 } |
5943 #endif | 5950 #endif |
OLD | NEW |