OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 18 matching lines...) Expand all Loading... |
29 */ | 29 */ |
30 | 30 |
31 #include "bindings/core/v8/BindingSecurity.h" | 31 #include "bindings/core/v8/BindingSecurity.h" |
32 | 32 |
33 #include "bindings/core/v8/V8Binding.h" | 33 #include "bindings/core/v8/V8Binding.h" |
34 #include "core/dom/Document.h" | 34 #include "core/dom/Document.h" |
35 #include "core/frame/LocalDOMWindow.h" | 35 #include "core/frame/LocalDOMWindow.h" |
36 #include "core/frame/LocalFrame.h" | 36 #include "core/frame/LocalFrame.h" |
37 #include "core/frame/Settings.h" | 37 #include "core/frame/Settings.h" |
38 #include "core/html/HTMLFrameElementBase.h" | 38 #include "core/html/HTMLFrameElementBase.h" |
| 39 #include "core/workers/MainThreadWorkletGlobalScope.h" |
39 #include "platform/weborigin/SecurityOrigin.h" | 40 #include "platform/weborigin/SecurityOrigin.h" |
40 | 41 |
41 namespace blink { | 42 namespace blink { |
42 | 43 |
43 static bool isOriginAccessibleFromDOMWindow(const SecurityOrigin* targetOrigin,
const LocalDOMWindow* accessingWindow) | 44 static bool isOriginAccessibleFromDOMWindow(const SecurityOrigin* targetOrigin,
const LocalDOMWindow* accessingWindow) |
44 { | 45 { |
45 return accessingWindow && accessingWindow->document()->getSecurityOrigin()->
canAccessCheckSuborigins(targetOrigin); | 46 return accessingWindow && accessingWindow->document()->getSecurityOrigin()->
canAccessCheckSuborigins(targetOrigin); |
46 } | 47 } |
47 | 48 |
48 static bool canAccessFrame(v8::Isolate* isolate, const LocalDOMWindow* accessing
Window, const SecurityOrigin* targetFrameOrigin, const DOMWindow* targetWindow,
ExceptionState& exceptionState) | 49 static bool canAccessFrame(v8::Isolate* isolate, const LocalDOMWindow* accessing
Window, const SecurityOrigin* targetFrameOrigin, const DOMWindow* targetWindow,
ExceptionState& exceptionState) |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
114 | 115 |
115 bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi
ndow* accessingWindow, const Location* target, SecurityReportingOption reporting
Option) | 116 bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi
ndow* accessingWindow, const Location* target, SecurityReportingOption reporting
Option) |
116 { | 117 { |
117 ASSERT(target); | 118 ASSERT(target); |
118 const Frame* frame = target->frame(); | 119 const Frame* frame = target->frame(); |
119 if (!frame || !frame->securityContext()) | 120 if (!frame || !frame->securityContext()) |
120 return false; | 121 return false; |
121 return canAccessFrame(isolate, accessingWindow, frame->securityContext()->ge
tSecurityOrigin(), frame->domWindow(), reportingOption); | 122 return canAccessFrame(isolate, accessingWindow, frame->securityContext()->ge
tSecurityOrigin(), frame->domWindow(), reportingOption); |
122 } | 123 } |
123 | 124 |
| 125 bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi
ndow* accessingWindow, const MainThreadWorkletGlobalScope* target, SecurityRepor
tingOption reportingOption) |
| 126 { |
| 127 ASSERT(target); |
| 128 const Frame* frame = target->frame(); |
| 129 if (!frame || !frame->securityContext()) |
| 130 return false; |
| 131 return canAccessFrame(isolate, accessingWindow, frame->securityContext()->ge
tSecurityOrigin(), frame->domWindow(), reportingOption); |
| 132 } |
| 133 |
124 bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi
ndow* accessingWindow, const Node* target, ExceptionState& exceptionState) | 134 bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi
ndow* accessingWindow, const Node* target, ExceptionState& exceptionState) |
125 { | 135 { |
126 if (!target) | 136 if (!target) |
127 return false; | 137 return false; |
128 return canAccessFrame(isolate, accessingWindow, target->document().getSecuri
tyOrigin(), target->document().domWindow(), exceptionState); | 138 return canAccessFrame(isolate, accessingWindow, target->document().getSecuri
tyOrigin(), target->document().domWindow(), exceptionState); |
129 } | 139 } |
130 | 140 |
131 bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi
ndow* accessingWindow, const Node* target, SecurityReportingOption reportingOpti
on) | 141 bool BindingSecurity::shouldAllowAccessTo(v8::Isolate* isolate, const LocalDOMWi
ndow* accessingWindow, const Node* target, SecurityReportingOption reportingOpti
on) |
132 { | 142 { |
133 if (!target) | 143 if (!target) |
134 return false; | 144 return false; |
135 return canAccessFrame(isolate, accessingWindow, target->document().getSecuri
tyOrigin(), target->document().domWindow(), reportingOption); | 145 return canAccessFrame(isolate, accessingWindow, target->document().getSecuri
tyOrigin(), target->document().domWindow(), reportingOption); |
136 } | 146 } |
137 | 147 |
138 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, const Local
DOMWindow* accessingWindow, const Frame* target, SecurityReportingOption reporti
ngOption) | 148 bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, const Local
DOMWindow* accessingWindow, const Frame* target, SecurityReportingOption reporti
ngOption) |
139 { | 149 { |
140 if (!target || !target->securityContext()) | 150 if (!target || !target->securityContext()) |
141 return false; | 151 return false; |
142 return canAccessFrame(isolate, accessingWindow, target->securityContext()->g
etSecurityOrigin(), target->domWindow(), reportingOption); | 152 return canAccessFrame(isolate, accessingWindow, target->securityContext()->g
etSecurityOrigin(), target->domWindow(), reportingOption); |
143 } | 153 } |
144 | 154 |
145 } // namespace blink | 155 } // namespace blink |
OLD | NEW |