OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2006 Eric Seidel <eric@webkit.org> | 2 * Copyright (C) 2006 Eric Seidel <eric@webkit.org> |
3 * Copyright (C) 2008, 2009 Apple Inc. All rights reserved. | 3 * Copyright (C) 2008, 2009 Apple Inc. All rights reserved. |
4 * Copyright (C) Research In Motion Limited 2011. All rights reserved. | 4 * Copyright (C) Research In Motion Limited 2011. All rights reserved. |
5 * | 5 * |
6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
7 * modification, are permitted provided that the following conditions | 7 * modification, are permitted provided that the following conditions |
8 * are met: | 8 * are met: |
9 * 1. Redistributions of source code must retain the above copyright | 9 * 1. Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
135 | 135 |
136 RELEASE_ASSERT(frame->document()->loadEventFinished()); | 136 RELEASE_ASSERT(frame->document()->loadEventFinished()); |
137 | 137 |
138 SVGSVGElement* rootElement = toSVGDocument(frame->document())->rootElement() ; | 138 SVGSVGElement* rootElement = toSVGDocument(frame->document())->rootElement() ; |
139 if (!rootElement) | 139 if (!rootElement) |
140 return true; | 140 return true; |
141 | 141 |
142 // Don't allow foreignObject elements or images that are not known to be | 142 // Don't allow foreignObject elements or images that are not known to be |
143 // single-origin since these can leak cross-origin information. | 143 // single-origin since these can leak cross-origin information. |
144 ComposedTreeWalker walker(rootElement); | 144 ComposedTreeWalker walker(rootElement); |
145 while (Node* node = walker.get()) { | 145 while (Node* node = walker.get()) { |
pdr.
2014/03/09 02:25:39
It looks like there's not a shadowDom-aware type c
| |
146 if (node->hasTagName(SVGNames::foreignObjectTag)) | 146 if (isSVGForeignObjectElement(*node)) |
147 return false; | 147 return false; |
148 if (node->hasTagName(SVGNames::imageTag)) { | 148 if (isSVGImageElement(*node)) { |
149 if (!toSVGImageElement(node)->currentFrameHasSingleSecurityOrigin()) | 149 if (!toSVGImageElement(*node).currentFrameHasSingleSecurityOrigin()) |
150 return false; | 150 return false; |
151 } else if (node->hasTagName(SVGNames::feImageTag)) { | 151 } else if (isSVGFEImageElement(*node)) { |
152 if (!toSVGFEImageElement(node)->currentFrameHasSingleSecurityOrigin( )) | 152 if (!toSVGFEImageElement(*node).currentFrameHasSingleSecurityOrigin( )) |
153 return false; | 153 return false; |
154 } | 154 } |
155 walker.next(); | 155 walker.next(); |
156 } | 156 } |
157 | 157 |
158 // Because SVG image rendering disallows external resources and links, these | 158 // Because SVG image rendering disallows external resources and links, these |
159 // images effectively are restricted to a single security origin. | 159 // images effectively are restricted to a single security origin. |
160 return true; | 160 return true; |
161 } | 161 } |
162 | 162 |
(...skipping 311 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
474 | 474 |
475 return m_page; | 475 return m_page; |
476 } | 476 } |
477 | 477 |
478 String SVGImage::filenameExtension() const | 478 String SVGImage::filenameExtension() const |
479 { | 479 { |
480 return "svg"; | 480 return "svg"; |
481 } | 481 } |
482 | 482 |
483 } | 483 } |
OLD | NEW |