| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> | 2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> |
| 3 * 1999 Lars Knoll <knoll@kde.org> | 3 * 1999 Lars Knoll <knoll@kde.org> |
| 4 * 1999 Antti Koivisto <koivisto@kde.org> | 4 * 1999 Antti Koivisto <koivisto@kde.org> |
| 5 * 2000 Simon Hausmann <hausmann@kde.org> | 5 * 2000 Simon Hausmann <hausmann@kde.org> |
| 6 * 2000 Stefan Schimanski <1Stein@gmx.de> | 6 * 2000 Stefan Schimanski <1Stein@gmx.de> |
| 7 * 2001 George Staikos <staikos@kde.org> | 7 * 2001 George Staikos <staikos@kde.org> |
| 8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All r
ights reserved. | 8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All r
ights reserved. |
| 9 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> | 9 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> |
| 10 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 10 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
| (...skipping 165 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 176 | 176 |
| 177 static bool canAccessAncestor(const SecurityOrigin& activeSecurityOrigin, const
Frame* targetFrame) | 177 static bool canAccessAncestor(const SecurityOrigin& activeSecurityOrigin, const
Frame* targetFrame) |
| 178 { | 178 { |
| 179 // targetFrame can be 0 when we're trying to navigate a top-level frame | 179 // targetFrame can be 0 when we're trying to navigate a top-level frame |
| 180 // that has a 0 opener. | 180 // that has a 0 opener. |
| 181 if (!targetFrame) | 181 if (!targetFrame) |
| 182 return false; | 182 return false; |
| 183 | 183 |
| 184 const bool isLocalActiveOrigin = activeSecurityOrigin.isLocal(); | 184 const bool isLocalActiveOrigin = activeSecurityOrigin.isLocal(); |
| 185 for (const Frame* ancestorFrame = targetFrame; ancestorFrame; ancestorFrame
= ancestorFrame->tree().parent()) { | 185 for (const Frame* ancestorFrame = targetFrame; ancestorFrame; ancestorFrame
= ancestorFrame->tree().parent()) { |
| 186 const SecurityOrigin* ancestorSecurityOrigin = ancestorFrame->securityCo
ntext()->securityOrigin(); | 186 const SecurityOrigin* ancestorSecurityOrigin = ancestorFrame->securityCo
ntext()->getSecurityOrigin(); |
| 187 if (activeSecurityOrigin.canAccess(ancestorSecurityOrigin)) | 187 if (activeSecurityOrigin.canAccess(ancestorSecurityOrigin)) |
| 188 return true; | 188 return true; |
| 189 | 189 |
| 190 // Allow file URL descendant navigation even when allowFileAccessFromFil
eURLs is false. | 190 // Allow file URL descendant navigation even when allowFileAccessFromFil
eURLs is false. |
| 191 // FIXME: It's a bit strange to special-case local origins here. Should
we be doing | 191 // FIXME: It's a bit strange to special-case local origins here. Should
we be doing |
| 192 // something more general instead? | 192 // something more general instead? |
| 193 if (isLocalActiveOrigin && ancestorSecurityOrigin->isLocal()) | 193 if (isLocalActiveOrigin && ancestorSecurityOrigin->isLocal()) |
| 194 return true; | 194 return true; |
| 195 } | 195 } |
| 196 | 196 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 214 | 214 |
| 215 // Otherwise, block the navigation. | 215 // Otherwise, block the navigation. |
| 216 const char* reason = "The frame attempting navigation is sandboxed, and
is therefore disallowed from navigating its ancestors."; | 216 const char* reason = "The frame attempting navigation is sandboxed, and
is therefore disallowed from navigating its ancestors."; |
| 217 if (securityContext()->isSandboxed(SandboxTopNavigation) && targetFrame
== tree().top()) | 217 if (securityContext()->isSandboxed(SandboxTopNavigation) && targetFrame
== tree().top()) |
| 218 reason = "The frame attempting navigation of the top-level window is
sandboxed, but the 'allow-top-navigation' flag is not set."; | 218 reason = "The frame attempting navigation of the top-level window is
sandboxed, but the 'allow-top-navigation' flag is not set."; |
| 219 | 219 |
| 220 printNavigationErrorMessage(targetFrame, reason); | 220 printNavigationErrorMessage(targetFrame, reason); |
| 221 return false; | 221 return false; |
| 222 } | 222 } |
| 223 | 223 |
| 224 ASSERT(securityContext()->securityOrigin()); | 224 ASSERT(securityContext()->getSecurityOrigin()); |
| 225 SecurityOrigin& origin = *securityContext()->securityOrigin(); | 225 SecurityOrigin& origin = *securityContext()->getSecurityOrigin(); |
| 226 | 226 |
| 227 // This is the normal case. A document can navigate its decendant frames, | 227 // This is the normal case. A document can navigate its decendant frames, |
| 228 // or, more generally, a document can navigate a frame if the document is | 228 // or, more generally, a document can navigate a frame if the document is |
| 229 // in the same origin as any of that frame's ancestors (in the frame | 229 // in the same origin as any of that frame's ancestors (in the frame |
| 230 // hierarchy). | 230 // hierarchy). |
| 231 // | 231 // |
| 232 // See http://www.adambarth.com/papers/2008/barth-jackson-mitchell.pdf for | 232 // See http://www.adambarth.com/papers/2008/barth-jackson-mitchell.pdf for |
| 233 // historical information about this security check. | 233 // historical information about this security check. |
| 234 if (canAccessAncestor(origin, &targetFrame)) | 234 if (canAccessAncestor(origin, &targetFrame)) |
| 235 return true; | 235 return true; |
| (...skipping 19 matching lines...) Expand all Loading... |
| 255 printNavigationErrorMessage(targetFrame, "The frame attempting navigation is
neither same-origin with the target, nor is it the target's parent or opener.")
; | 255 printNavigationErrorMessage(targetFrame, "The frame attempting navigation is
neither same-origin with the target, nor is it the target's parent or opener.")
; |
| 256 return false; | 256 return false; |
| 257 } | 257 } |
| 258 | 258 |
| 259 Frame* Frame::findUnsafeParentScrollPropagationBoundary() | 259 Frame* Frame::findUnsafeParentScrollPropagationBoundary() |
| 260 { | 260 { |
| 261 Frame* currentFrame = this; | 261 Frame* currentFrame = this; |
| 262 Frame* ancestorFrame = tree().parent(); | 262 Frame* ancestorFrame = tree().parent(); |
| 263 | 263 |
| 264 while (ancestorFrame) { | 264 while (ancestorFrame) { |
| 265 if (!ancestorFrame->securityContext()->securityOrigin()->canAccess(secur
ityContext()->securityOrigin())) | 265 if (!ancestorFrame->securityContext()->getSecurityOrigin()->canAccess(se
curityContext()->getSecurityOrigin())) |
| 266 return currentFrame; | 266 return currentFrame; |
| 267 currentFrame = ancestorFrame; | 267 currentFrame = ancestorFrame; |
| 268 ancestorFrame = ancestorFrame->tree().parent(); | 268 ancestorFrame = ancestorFrame->tree().parent(); |
| 269 } | 269 } |
| 270 return nullptr; | 270 return nullptr; |
| 271 } | 271 } |
| 272 | 272 |
| 273 LayoutPart* Frame::ownerLayoutObject() const | 273 LayoutPart* Frame::ownerLayoutObject() const |
| 274 { | 274 { |
| 275 if (!deprecatedLocalOwner()) | 275 if (!deprecatedLocalOwner()) |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 311 | 311 |
| 312 if (m_owner) { | 312 if (m_owner) { |
| 313 if (m_owner->isLocal()) | 313 if (m_owner->isLocal()) |
| 314 toHTMLFrameOwnerElement(m_owner)->setContentFrame(*this); | 314 toHTMLFrameOwnerElement(m_owner)->setContentFrame(*this); |
| 315 } else { | 315 } else { |
| 316 page()->setMainFrame(this); | 316 page()->setMainFrame(this); |
| 317 } | 317 } |
| 318 } | 318 } |
| 319 | 319 |
| 320 } // namespace blink | 320 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1773813007:
blink: Rename modules/ method to prefix with get when they collide. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master