Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(165)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/renderer/render_view_impl.cc

Issue 1899843002: Fix cross-site popups to inherit their opener's sandbox flags even when popup opener is not set. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@2661
Patch Set: Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/browser/frame_host/render_frame_host_manager_browsertest.cc ('k') | content/test/data/click-noreferrer-links.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/render_view_impl.h" 5 #include "content/renderer/render_view_impl.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <cmath> 8 #include <cmath>
9 9
10 #include "base/auto_reset.h" 10 #include "base/auto_reset.h"
(...skipping 790 matching lines...) Expand 10 before | Expand all | Expand 10 after
801 801
802 if (command_line.HasSwitch(switches::kDomAutomationController)) 802 if (command_line.HasSwitch(switches::kDomAutomationController))
803 enabled_bindings_ |= BINDINGS_POLICY_DOM_AUTOMATION; 803 enabled_bindings_ |= BINDINGS_POLICY_DOM_AUTOMATION;
804 if (command_line.HasSwitch(switches::kStatsCollectionController)) 804 if (command_line.HasSwitch(switches::kStatsCollectionController))
805 enabled_bindings_ |= BINDINGS_POLICY_STATS_COLLECTION; 805 enabled_bindings_ |= BINDINGS_POLICY_STATS_COLLECTION;
806 806
807 GetContentClient()->renderer()->RenderViewCreated(this); 807 GetContentClient()->renderer()->RenderViewCreated(this);
808 808
809 // If we have an opener_frame but we weren't created by a renderer, then it's 809 // If we have an opener_frame but we weren't created by a renderer, then it's
810 // the browser asking us to set our opener to another frame. 810 // the browser asking us to set our opener to another frame.
811 if (opener_frame && !was_created_by_renderer) { 811 if (opener_frame && !was_created_by_renderer)
812 webview()->mainFrame()->setOpener(opener_frame); 812 webview()->mainFrame()->setOpener(opener_frame);
813 813
814 // Ensure that sandbox flags are inherited from an opener in a different 814 // Ensure that sandbox flags are inherited from an opener in a different
815 // process. In that case, the browser process will set any inherited 815 // process. In that case, the browser process will set any inherited
816 // sandbox flags in |replicated_frame_state|, so apply them here. 816 // sandbox flags in |replicated_frame_state|, so apply them here.
817 if (webview()->mainFrame()->isWebLocalFrame()) { 817 if (!was_created_by_renderer && webview()->mainFrame()->isWebLocalFrame()) {
818 webview()->mainFrame()->toWebLocalFrame()->forceSandboxFlags( 818 webview()->mainFrame()->toWebLocalFrame()->forceSandboxFlags(
819 params.replicated_frame_state.sandbox_flags); 819 params.replicated_frame_state.sandbox_flags);
820 }
821 } 820 }
822 821
823 // If we are initially swapped out, navigate to kSwappedOutURL. 822 // If we are initially swapped out, navigate to kSwappedOutURL.
824 // This ensures we are in a unique origin that others cannot script. 823 // This ensures we are in a unique origin that others cannot script.
825 if (is_swapped_out_ && webview()->mainFrame()->isWebLocalFrame()) 824 if (is_swapped_out_ && webview()->mainFrame()->isWebLocalFrame())
826 main_render_frame_->NavigateToSwappedOutURL(); 825 main_render_frame_->NavigateToSwappedOutURL();
827 } 826 }
828 827
829 RenderViewImpl::~RenderViewImpl() { 828 RenderViewImpl::~RenderViewImpl() {
830 DCHECK(!frame_widget_); 829 DCHECK(!frame_widget_);
(...skipping 2721 matching lines...) Expand 10 before | Expand all | Expand 10 after
3552 if (IsUseZoomForDSFEnabled()) { 3551 if (IsUseZoomForDSFEnabled()) {
3553 webview()->setZoomFactorForDeviceScaleFactor(device_scale_factor_); 3552 webview()->setZoomFactorForDeviceScaleFactor(device_scale_factor_);
3554 } else { 3553 } else {
3555 webview()->setDeviceScaleFactor(device_scale_factor_); 3554 webview()->setDeviceScaleFactor(device_scale_factor_);
3556 } 3555 }
3557 webview()->settings()->setPreferCompositingToLCDTextEnabled( 3556 webview()->settings()->setPreferCompositingToLCDTextEnabled(
3558 PreferCompositingToLCDText(compositor_deps_, device_scale_factor_)); 3557 PreferCompositingToLCDText(compositor_deps_, device_scale_factor_));
3559 } 3558 }
3560 3559
3561 } // namespace content 3560 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/frame_host/render_frame_host_manager_browsertest.cc ('k') | content/test/data/click-noreferrer-links.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698