| Index: third_party/WebKit/Source/core/dom/Document.cpp
|
| diff --git a/third_party/WebKit/Source/core/dom/Document.cpp b/third_party/WebKit/Source/core/dom/Document.cpp
|
| index 64f72e837e40d3a5cb3d7d72c4b4a0cc95adb60d..0c51741461f2ea9081f20925b150f9c7b8b74109 100644
|
| --- a/third_party/WebKit/Source/core/dom/Document.cpp
|
| +++ b/third_party/WebKit/Source/core/dom/Document.cpp
|
| @@ -3387,35 +3387,19 @@ bool Document::isSecureContextImpl(String* errorMessage, const SecureContextChec
|
| //
|
| // In all cases, a frame must be potentially trustworthy in addition to
|
| // having an exception listed in order for the exception to be granted.
|
| - if (SecurityContext::isSandboxed(SandboxOrigin)) {
|
| - RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url());
|
| - if (!isOriginPotentiallyTrustworthy(origin.get(), errorMessage))
|
| - return false;
|
| - if (SchemeRegistry::schemeShouldBypassSecureContextCheck(origin->protocol()))
|
| - return true;
|
| - } else {
|
| - if (!isOriginPotentiallyTrustworthy(securityOrigin(), errorMessage))
|
| - return false;
|
| - if (SchemeRegistry::schemeShouldBypassSecureContextCheck(securityOrigin()->protocol()))
|
| - return true;
|
| - }
|
| + if (!isOriginPotentiallyTrustworthy(securityOrigin(), errorMessage))
|
| + return false;
|
| + if (securityOrigin()->bypassSecureContextCheck())
|
| + return true;
|
|
|
| if (privilegeContextCheck == StandardSecureContextCheck) {
|
| - Document* context = parentDocument();
|
| - while (context) {
|
| - // Skip to the next ancestor if it's a srcdoc.
|
| - if (!context->isSrcdocDocument()) {
|
| - if (context->securityContext().isSandboxed(SandboxOrigin)) {
|
| - // For a sandboxed origin, use the document's URL.
|
| - RefPtr<SecurityOrigin> origin = SecurityOrigin::create(context->url());
|
| - if (!isOriginPotentiallyTrustworthy(origin.get(), errorMessage))
|
| - return false;
|
| - } else {
|
| - if (!isOriginPotentiallyTrustworthy(context->securityOrigin(), errorMessage))
|
| - return false;
|
| - }
|
| - }
|
| - context = context->parentDocument();
|
| + if (!m_frame)
|
| + return true;
|
| + Frame* parent = m_frame->tree().parent();
|
| + while (parent) {
|
| + if (!isOriginPotentiallyTrustworthy(parent->securityContext()->securityOrigin(), errorMessage))
|
| + return false;
|
| + parent = parent->tree().parent();
|
| }
|
| }
|
| return true;
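Review bot: The new ancestor walk dereferences `parent->securityContext()->securityOrigin()` without a null check; whether a Frame in this tree can report a null security context (or a remote frame whose origin has not been replicated yet) cannot be confirmed from this hunk, so either a guard or a one-line comment stating the invariant is wanted before that line. The early `if (!m_frame) return true;` is a fail-open for frameless documents and deserves a why-comment, e.g. `// A frameless document has no ancestors to check; its own origin passed the check above.`. The removed code skipped srcdoc ancestors and only walked local parent documents, whereas the new loop walks every frame in the tree, which is stricter (out-of-process ancestors are now checked) and safe for srcdoc ancestors only because they inherit their parent's origin — a comment preserving that reasoning would help the next reader. isSecureContextImpl's body starts before this hunk.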
|
| @@ -4942,6 +4926,9 @@ void Document::initSecurityContext(const DocumentInit& initializer)
|
| // In the common case, create the security context from the currently
|
| // loading URL with a fresh content security policy.
|
| m_cookieURL = m_url;
|
| + // Set the origin initially based on the URL. enforceSandboxFlags()
|
| + // will adjust it to be a unique origin if necessary.
|
| + setSecurityOrigin(SecurityOrigin::create(m_url));
|
| enforceSandboxFlags(initializer.getSandboxFlags());
|
| if (initializer.shouldEnforceStrictMixedContentChecking())
|
| enforceStrictMixedContentChecking();
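Review bot: Moving `setSecurityOrigin(SecurityOrigin::create(m_url));` ahead of `enforceSandboxFlags(...)` is only correct if enforceSandboxFlags() actually replaces the origin with a unique one when SandboxOrigin is set, and that change is not in this file; the reorder is completed by the deletion in the next hunk at `- setSecurityOrigin(isSandboxed(SandboxOrigin) ? ...`. Since the comment promises that behaviour, an assertion right after the call would pin the invariant, e.g. `DCHECK(!isSandboxed(SandboxOrigin) || securityOrigin()->isUnique());` (using whichever assertion macro this file already uses). Between the two calls the document transiently carries a URL-based origin, so nothing that consults securityOrigin() should be inserted between them. initSecurityContext's body continues outside the hunk.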
|
| @@ -4950,7 +4937,6 @@ void Document::initSecurityContext(const DocumentInit& initializer)
|
| for (auto toUpgrade : *initializer.insecureNavigationsToUpgrade())
|
| addInsecureNavigationUpgrade(toUpgrade);
|
| }
|
| - setSecurityOrigin(isSandboxed(SandboxOrigin) ? SecurityOrigin::createUnique() : SecurityOrigin::create(m_url));
|
|
|
| if (importsController()) {
|
| // If this document is an HTML import, grab a reference to it's master document's Content
|
| @@ -4996,9 +4982,12 @@ void Document::initSecurityContext(const DocumentInit& initializer)
|
|
|
| if (isSandboxed(SandboxOrigin)) {
|
| // If we're supposed to inherit our security origin from our owner,
|
| - // but we're also sandboxed, the only thing we inherit is the ability
|
| - // to load local resources. This lets about:blank iframes in file://
|
| + // but we're also sandboxed, the only things we inherit are the
|
| + // potential trustworthiness of the origin and the ability to
|
| + // load local resources. The latter lets about:blank iframes in file://
|
| // URL documents load images and other resources from the file system.
|
| + if (initializer.owner()->securityOrigin()->isPotentiallyTrustworthy())
|
| + securityOrigin()->setIsPotentiallyTrustworthySandboxedOrigin();
|
| if (initializer.owner()->securityOrigin()->canLoadLocalResources())
|
| securityOrigin()->grantLoadLocalResources();
|
| return;
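Review bot: The new `setIsPotentiallyTrustworthySandboxedOrigin()` call marks a unique sandboxed origin as potentially trustworthy whenever the owner's origin is, and the updated comment should say what that bit does and does not grant — presumably only secure-context classification, not same-origin access, but that cannot be confirmed here since the SecurityOrigin side of the change is elsewhere. A trust bit on a unique origin is easy to misread as "same origin as the owner", so a sentence such as `// This affects only isPotentiallyTrustworthy() / secure-context checks; the origin remains unique.` guards against that. It is also worth stating that the inherited trust is transitive through nested sandboxed frames, since the check reads `initializer.owner()->securityOrigin()->isPotentiallyTrustworthy()` and an owner may itself have been marked this way. initSecurityContext continues outside the hunk.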
|
|
|