| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv
ed. | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv
ed. |
| 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
| 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) | 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) |
| 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
| 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
| 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
| 8 * Copyright (C) 2011 Google Inc. All rights reserved. | 8 * Copyright (C) 2011 Google Inc. All rights reserved. |
| 9 * | 9 * |
| 10 * Redistribution and use in source and binary forms, with or without | 10 * Redistribution and use in source and binary forms, with or without |
| (...skipping 520 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 531 | 531 |
| 532 double delay; | 532 double delay; |
| 533 String url; | 533 String url; |
| 534 if (!parseHTTPRefresh(m_documentLoader->response().httpHeaderField("Refresh"
), false, delay, url)) | 534 if (!parseHTTPRefresh(m_documentLoader->response().httpHeaderField("Refresh"
), false, delay, url)) |
| 535 return; | 535 return; |
| 536 if (url.isEmpty()) | 536 if (url.isEmpty()) |
| 537 url = m_frame->document()->url().string(); | 537 url = m_frame->document()->url().string(); |
| 538 else | 538 else |
| 539 url = m_frame->document()->completeURL(url).string(); | 539 url = m_frame->document()->completeURL(url).string(); |
| 540 | 540 |
| 541 m_frame->navigationScheduler()->scheduleRedirect(delay, url); | 541 if (!protocolIsJavaScript(url)) { |
| 542 m_frame->navigationScheduler()->scheduleRedirect(delay, url); |
| 543 } else { |
| 544 String message = "Refused to refresh " + m_frame->document()->url().elid
edString() + " to a javascript: URL"; |
| 545 m_frame->document()->addConsoleMessage(SecurityMessageSource, ErrorMessa
geLevel, message); |
| 546 } |
| 542 } | 547 } |
| 543 | 548 |
| 544 void FrameLoader::setOutgoingReferrer(const KURL& url) | 549 void FrameLoader::setOutgoingReferrer(const KURL& url) |
| 545 { | 550 { |
| 546 m_outgoingReferrer = url.strippedForUseAsReferrer(); | 551 m_outgoingReferrer = url.strippedForUseAsReferrer(); |
| 547 } | 552 } |
| 548 | 553 |
| 549 void FrameLoader::didBeginDocument(bool dispatch) | 554 void FrameLoader::didBeginDocument(bool dispatch) |
| 550 { | 555 { |
| 551 m_needsClear = true; | 556 m_needsClear = true; |
| (...skipping 1960 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2512 FloatRect newWindowRect = DOMWindow::adjustWindowRect(page, windowRect); | 2517 FloatRect newWindowRect = DOMWindow::adjustWindowRect(page, windowRect); |
| 2513 | 2518 |
| 2514 page->chrome().setWindowRect(newWindowRect); | 2519 page->chrome().setWindowRect(newWindowRect); |
| 2515 page->chrome().show(); | 2520 page->chrome().show(); |
| 2516 | 2521 |
| 2517 created = true; | 2522 created = true; |
| 2518 return frame; | 2523 return frame; |
| 2519 } | 2524 } |
| 2520 | 2525 |
| 2521 } // namespace WebCore | 2526 } // namespace WebCore |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 18865003:
Do not allow HTTP refresh headers to refresh to javascript: URLs. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk