Chromium Code Reviews Chromium Code Reviews
Issue 1723753002:
Make Document::isSecureContext() work for OOPIFs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: third_party/WebKit/Source/core/dom/SecurityContext.h |
| diff --git a/third_party/WebKit/Source/core/dom/SecurityContext.h b/third_party/WebKit/Source/core/dom/SecurityContext.h |
| index c15a4edb2782dfc3f696b6e0fa95ea7bb0375806..165c059010724aee7e598024de958cb0a1359a13 100644 |
| --- a/third_party/WebKit/Source/core/dom/SecurityContext.h |
| +++ b/third_party/WebKit/Source/core/dom/SecurityContext.h |
| @@ -83,6 +83,13 @@ public: |
| void setShouldEnforceStrictMixedContentChecking(bool shouldEnforce) { m_enforceStrictMixedContentChecking = shouldEnforce; } |
| bool shouldEnforceStrictMixedContentChecking() { return m_enforceStrictMixedContentChecking; } |
| + void setIsPotentiallyTrustworthySandboxedOrigin() { m_isPotentiallyTrustworthySandboxedOrigin = true; } |
| + // Returns true if this context is a sandboxed unique origin that should be considered potentially trustworthy. |
| + bool isPotentiallyTrustworthySandboxedOrigin() const { return m_isPotentiallyTrustworthySandboxedOrigin; } |
|
Mike West
2016/02/24 08:40:59
Did you consider putting this information into Sec
estark
2016/02/24 21:59:52
That seems reasonable. I moved these same flags on
|
| + |
| + // Returns true if this context is a sandboxed unique origin for which the secure context check should be bypassed. |
| + bool bypassSecureContextCheckForSandboxedOrigin() const { return m_bypassSecureContextCheckForSandboxedOrigin; } |
| + |
| protected: |
| SecurityContext(); |
| virtual ~SecurityContext(); |
| @@ -103,6 +110,8 @@ private: |
| InsecureRequestsPolicy m_insecureRequestsPolicy; |
| InsecureNavigationsSet m_insecureNavigationsToUpgrade; |
| bool m_enforceStrictMixedContentChecking; |
| + bool m_isPotentiallyTrustworthySandboxedOrigin; |
| + bool m_bypassSecureContextCheckForSandboxedOrigin; |
| }; |
| } // namespace blink |
