| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
| 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
| 4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
| 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
| 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All r
ights reserved. | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All r
ights reserved. |
| 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) | 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) |
| 8 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 8 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
| 9 * Copyright (C) 2013 Google Inc. All rights reserved. | 9 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 10 * | 10 * |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 97 if (m_frame) | 97 if (m_frame) |
| 98 return m_frame; | 98 return m_frame; |
| 99 if (m_importsController) | 99 if (m_importsController) |
| 100 return m_importsController->master()->frame(); | 100 return m_importsController->master()->frame(); |
| 101 return 0; | 101 return 0; |
| 102 } | 102 } |
| 103 | 103 |
| 104 SandboxFlags DocumentInit::getSandboxFlags() const | 104 SandboxFlags DocumentInit::getSandboxFlags() const |
| 105 { | 105 { |
| 106 ASSERT(frameForSecurityContext()); | 106 ASSERT(frameForSecurityContext()); |
| 107 return frameForSecurityContext()->loader().effectiveSandboxFlags(); | 107 FrameLoader* loader = &frameForSecurityContext()->loader(); |
| 108 SandboxFlags flags = loader->effectiveSandboxFlags(); |
| 109 |
| 110 // If the load was blocked by X-Frame-Options or CSP, force the Document's |
| 111 // origin to be unique, so that the blocked document appears to be a normal |
| 112 // cross-origin document's load per CSP spec: |
| 113 // https://www.w3.org/TR/CSP2/#directive-frame-ancestors |
| 114 if (loader->documentLoader() && loader->documentLoader()->wasBlockedAfterXFr
ameOptionsOrCSP()) |
| 115 flags |= SandboxOrigin; |
| 116 |
| 117 return flags; |
| 108 } | 118 } |
| 109 | 119 |
| 110 bool DocumentInit::shouldEnforceStrictMixedContentChecking() const | 120 bool DocumentInit::shouldEnforceStrictMixedContentChecking() const |
| 111 { | 121 { |
| 112 ASSERT(frameForSecurityContext()); | 122 ASSERT(frameForSecurityContext()); |
| 113 return frameForSecurityContext()->loader().shouldEnforceStrictMixedContentCh
ecking(); | 123 return frameForSecurityContext()->loader().shouldEnforceStrictMixedContentCh
ecking(); |
| 114 } | 124 } |
| 115 | 125 |
| 116 SecurityContext::InsecureRequestsPolicy DocumentInit::getInsecureRequestsPolicy(
) const | 126 SecurityContext::InsecureRequestsPolicy DocumentInit::getInsecureRequestsPolicy(
) const |
| 117 { | 127 { |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 177 return m_contextDocument; | 187 return m_contextDocument; |
| 178 } | 188 } |
| 179 | 189 |
| 180 DocumentInit DocumentInit::fromContext(WeakPtrWillBeRawPtr<Document> contextDocu
ment, const KURL& url) | 190 DocumentInit DocumentInit::fromContext(WeakPtrWillBeRawPtr<Document> contextDocu
ment, const KURL& url) |
| 181 { | 191 { |
| 182 return DocumentInit(url, 0, contextDocument, 0); | 192 return DocumentInit(url, 0, contextDocument, 0); |
| 183 } | 193 } |
| 184 | 194 |
| 185 } // namespace blink | 195 } // namespace blink |
| 186 | 196 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1742923002:
Commit empty document instead of canceling the load for blocked CSP/XFO responses. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master