| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2007 Apple Inc. All rights reserved. | 2 * Copyright (C) 2007 Apple Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * | 7 * |
| 8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
| (...skipping 341 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 352 | 352 |
| 353 if (SchemeRegistry::shouldTreatURLSchemeAsSecure(m_protocol) || isLocal() ||
isLocalhost()) | 353 if (SchemeRegistry::shouldTreatURLSchemeAsSecure(m_protocol) || isLocal() ||
isLocalhost()) |
| 354 return true; | 354 return true; |
| 355 | 355 |
| 356 if (SecurityPolicy::isOriginWhiteListedTrustworthy(*this)) | 356 if (SecurityPolicy::isOriginWhiteListedTrustworthy(*this)) |
| 357 return true; | 357 return true; |
| 358 | 358 |
| 359 return false; | 359 return false; |
| 360 } | 360 } |
| 361 | 361 |
| 362 bool SecurityOrigin::isPotentiallyTrustworthy(String* errorMessage) const |
| 363 { |
| 364 if (isPotentiallyTrustworthy()) |
| 365 return true; |
| 366 if (errorMessage) |
| 367 *errorMessage = isPotentiallyTrustworthyErrorMessage(); |
| 368 return false; |
| 369 } |
| 370 |
| 362 // static | 371 // static |
| 363 String SecurityOrigin::isPotentiallyTrustworthyErrorMessage() | 372 String SecurityOrigin::isPotentiallyTrustworthyErrorMessage() |
| 364 { | 373 { |
| 365 return "Only secure origins are allowed (see: https://goo.gl/Y0ZkNV)."; | 374 return "Only secure origins are allowed (see: https://goo.gl/Y0ZkNV)."; |
| 366 } | 375 } |
| 367 | 376 |
| 368 void SecurityOrigin::grantLoadLocalResources() | 377 void SecurityOrigin::grantLoadLocalResources() |
| 369 { | 378 { |
| 370 // Granting privileges to some, but not all, documents in a SecurityOrigin | 379 // Granting privileges to some, but not all, documents in a SecurityOrigin |
| 371 // is a security hazard because the documents without the privilege can | 380 // is a security hazard because the documents without the privilege can |
| (...skipping 203 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 575 m_blockLocalAccessFromLocalOrigin = privilegeData->m_blockLocalAccessFromLoc
alOrigin; | 584 m_blockLocalAccessFromLocalOrigin = privilegeData->m_blockLocalAccessFromLoc
alOrigin; |
| 576 } | 585 } |
| 577 | 586 |
| 578 void SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy(bool isUniqueOrigin
PotentiallyTrustworthy) | 587 void SecurityOrigin::setUniqueOriginIsPotentiallyTrustworthy(bool isUniqueOrigin
PotentiallyTrustworthy) |
| 579 { | 588 { |
| 580 ASSERT(!isUniqueOriginPotentiallyTrustworthy || isUnique()); | 589 ASSERT(!isUniqueOriginPotentiallyTrustworthy || isUnique()); |
| 581 m_isUniqueOriginPotentiallyTrustworthy = isUniqueOriginPotentiallyTrustworth
y; | 590 m_isUniqueOriginPotentiallyTrustworthy = isUniqueOriginPotentiallyTrustworth
y; |
| 582 } | 591 } |
| 583 | 592 |
| 584 } // namespace blink | 593 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2009453002:
service worker: Don't control a subframe of an insecure context (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master