OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r ights reserved. | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r ights reserved. |
7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) | 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) |
8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. |
9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. | 10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. |
(...skipping 2619 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2630 else if (equalIgnoringCase(equiv, "refresh")) | 2630 else if (equalIgnoringCase(equiv, "refresh")) |
2631 processHttpEquivRefresh(content); | 2631 processHttpEquivRefresh(content); |
2632 else if (equalIgnoringCase(equiv, "set-cookie")) | 2632 else if (equalIgnoringCase(equiv, "set-cookie")) |
2633 processHttpEquivSetCookie(content); | 2633 processHttpEquivSetCookie(content); |
2634 else if (equalIgnoringCase(equiv, "content-language")) | 2634 else if (equalIgnoringCase(equiv, "content-language")) |
2635 setContentLanguage(content); | 2635 setContentLanguage(content); |
2636 else if (equalIgnoringCase(equiv, "x-dns-prefetch-control")) | 2636 else if (equalIgnoringCase(equiv, "x-dns-prefetch-control")) |
2637 parseDNSPrefetchControlHeader(content); | 2637 parseDNSPrefetchControlHeader(content); |
2638 else if (equalIgnoringCase(equiv, "x-frame-options")) | 2638 else if (equalIgnoringCase(equiv, "x-frame-options")) |
2639 processHttpEquivXFrameOptions(content); | 2639 processHttpEquivXFrameOptions(content); |
2640 else if (equalIgnoringCase(equiv, "content-security-policy")) | 2640 else if (equalIgnoringCase(equiv, "content-security-policy") |
2641 || equalIgnoringCase(equiv, "content-security-policy-report-only") | |
2642 || equalIgnoringCase(equiv, "content-security-policy-report-only") | |
2643 || equalIgnoringCase(equiv, "x-webkit-csp") | |
2644 || equalIgnoringCase(equiv, "x-webkit-csp-report-only")) | |
2645 processHttpEquivContentSecurityPolicy(equiv, content); | |
2646 } | |
2647 | |
2648 void Document::processHttpEquivContentSecurityPolicy(const String& equiv, const String& content) | |
Mike West
2013/07/22 14:39:42
I like this cleanup, but it's unrelated to the cor
| |
2649 { | |
2650 if (!this->frame()) | |
2651 return; | |
2652 | |
2653 if (equalIgnoringCase(equiv, "content-security-policy")) | |
2641 contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicy ::Enforce); | 2654 contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicy ::Enforce); |
2642 else if (equalIgnoringCase(equiv, "content-security-policy-report-only")) | 2655 else if (equalIgnoringCase(equiv, "content-security-policy-report-only")) |
2643 contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicy ::Report); | 2656 contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicy ::Report); |
2644 else if (equalIgnoringCase(equiv, "x-webkit-csp")) | 2657 else if (equalIgnoringCase(equiv, "x-webkit-csp")) |
2645 contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicy ::PrefixedEnforce); | 2658 contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicy ::PrefixedEnforce); |
2646 else if (equalIgnoringCase(equiv, "x-webkit-csp-report-only")) | 2659 else if (equalIgnoringCase(equiv, "x-webkit-csp-report-only")) |
2647 contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicy ::PrefixedReport); | 2660 contentSecurityPolicy()->didReceiveHeader(content, ContentSecurityPolicy ::PrefixedReport); |
2661 else | |
2662 ASSERT_NOT_REACHED(); | |
2648 } | 2663 } |
2649 | 2664 |
2650 void Document::processHttpEquivDefaultStyle(const String& content) | 2665 void Document::processHttpEquivDefaultStyle(const String& content) |
2651 { | 2666 { |
2652 // The preferred style set has been overridden as per section | 2667 // The preferred style set has been overridden as per section |
2653 // 14.3.2 of the HTML4.0 specification. We need to update the | 2668 // 14.3.2 of the HTML4.0 specification. We need to update the |
2654 // sheet used variable and then update our style selector. | 2669 // sheet used variable and then update our style selector. |
2655 // For more info, see the test at: | 2670 // For more info, see the test at: |
2656 // http://www.hixie.ch/tests/evil/css/import/main/preferred.html | 2671 // http://www.hixie.ch/tests/evil/css/import/main/preferred.html |
2657 // -dwh | 2672 // -dwh |
(...skipping 1535 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
4193 initSecurityContext(DocumentInit(m_url, m_frame, m_import)); | 4208 initSecurityContext(DocumentInit(m_url, m_frame, m_import)); |
4194 } | 4209 } |
4195 | 4210 |
4196 void Document::initSecurityContext(const DocumentInit& initializer) | 4211 void Document::initSecurityContext(const DocumentInit& initializer) |
4197 { | 4212 { |
4198 if (haveInitializedSecurityOrigin()) { | 4213 if (haveInitializedSecurityOrigin()) { |
4199 ASSERT(securityOrigin()); | 4214 ASSERT(securityOrigin()); |
4200 return; | 4215 return; |
4201 } | 4216 } |
4202 | 4217 |
4203 if (!initializer.frame()) { | 4218 if (!initializer.hasSecurityContext()) { |
4204 // No source for a security context. | 4219 // No source for a security context. |
4205 // This can occur via document.implementation.createDocument(). | 4220 // This can occur via document.implementation.createDocument(). |
4206 m_cookieURL = KURL(ParsedURLString, emptyString()); | 4221 m_cookieURL = KURL(ParsedURLString, emptyString()); |
4207 setSecurityOrigin(SecurityOrigin::createUnique()); | 4222 setSecurityOrigin(SecurityOrigin::createUnique()); |
4208 setContentSecurityPolicy(ContentSecurityPolicy::create(this)); | 4223 setContentSecurityPolicy(ContentSecurityPolicy::create(this)); |
4209 return; | 4224 return; |
4210 } | 4225 } |
4211 | 4226 |
4212 // In the common case, create the security context from the currently | 4227 // In the common case, create the security context from the currently |
4213 // loading URL with a fresh content security policy. | 4228 // loading URL with a fresh content security policy. |
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
4267 } | 4282 } |
4268 | 4283 |
4269 m_cookieURL = ownerFrame->document()->cookieURL(); | 4284 m_cookieURL = ownerFrame->document()->cookieURL(); |
4270 // We alias the SecurityOrigins to match Firefox, see Bug 15313 | 4285 // We alias the SecurityOrigins to match Firefox, see Bug 15313 |
4271 // https://bugs.webkit.org/show_bug.cgi?id=15313 | 4286 // https://bugs.webkit.org/show_bug.cgi?id=15313 |
4272 setSecurityOrigin(ownerFrame->document()->securityOrigin()); | 4287 setSecurityOrigin(ownerFrame->document()->securityOrigin()); |
4273 } | 4288 } |
4274 | 4289 |
4275 void Document::initContentSecurityPolicy() | 4290 void Document::initContentSecurityPolicy() |
4276 { | 4291 { |
4277 if (!m_frame->tree()->parent() || (!shouldInheritSecurityOriginFromOwner(m_u rl) && !isPluginDocument())) | 4292 if (m_frame && m_frame->tree()->parent() && (shouldInheritSecurityOriginFrom Owner(m_url) || isPluginDocument())) |
4278 return; | 4293 contentSecurityPolicy()->copyStateFrom(m_frame->tree()->parent()->docume nt()->contentSecurityPolicy()); |
4279 | 4294 if (HTMLImport* import = this->import()) |
4280 contentSecurityPolicy()->copyStateFrom(m_frame->tree()->parent()->document() ->contentSecurityPolicy()); | 4295 contentSecurityPolicy()->copyStateFrom(import->master()->contentSecurity Policy()); |
4281 } | 4296 } |
4282 | 4297 |
4283 void Document::didUpdateSecurityOrigin() | 4298 void Document::didUpdateSecurityOrigin() |
4284 { | 4299 { |
4285 if (!m_frame) | 4300 if (!m_frame) |
4286 return; | 4301 return; |
4287 m_frame->script()->updateSecurityOrigin(); | 4302 m_frame->script()->updateSecurityOrigin(); |
4288 } | 4303 } |
4289 | 4304 |
4290 bool Document::isContextThread() const | 4305 bool Document::isContextThread() const |
(...skipping 790 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
5081 { | 5096 { |
5082 return DocumentLifecycleNotifier::create(this); | 5097 return DocumentLifecycleNotifier::create(this); |
5083 } | 5098 } |
5084 | 5099 |
5085 DocumentLifecycleNotifier* Document::lifecycleNotifier() | 5100 DocumentLifecycleNotifier* Document::lifecycleNotifier() |
5086 { | 5101 { |
5087 return static_cast<DocumentLifecycleNotifier*>(ScriptExecutionContext::lifec ycleNotifier()); | 5102 return static_cast<DocumentLifecycleNotifier*>(ScriptExecutionContext::lifec ycleNotifier()); |
5088 } | 5103 } |
5089 | 5104 |
5090 } // namespace WebCore | 5105 } // namespace WebCore |
OLD | NEW |