OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r
ights reserved. | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r
ights reserved. |
7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) | 7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t
orchmobile.com/) |
8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. |
9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. | 10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved. |
(...skipping 336 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
347 return toLayoutPart(layoutObject)->widget(); | 347 return toLayoutPart(layoutObject)->widget(); |
348 } | 348 } |
349 | 349 |
350 static bool acceptsEditingFocus(const Element& element) | 350 static bool acceptsEditingFocus(const Element& element) |
351 { | 351 { |
352 DCHECK(element.hasEditableStyle()); | 352 DCHECK(element.hasEditableStyle()); |
353 | 353 |
354 return element.document().frame() && element.rootEditableElement(); | 354 return element.document().frame() && element.rootEditableElement(); |
355 } | 355 } |
356 | 356 |
| 357 static bool isOriginPotentiallyTrustworthy(SecurityOrigin* origin, String* error
Message) |
| 358 { |
| 359 if (origin->isPotentiallyTrustworthy()) |
| 360 return true; |
| 361 if (errorMessage) |
| 362 *errorMessage = origin->isPotentiallyTrustworthyErrorMessage(); |
| 363 return false; |
| 364 } |
| 365 |
357 uint64_t Document::s_globalTreeVersion = 0; | 366 uint64_t Document::s_globalTreeVersion = 0; |
358 | 367 |
359 static bool s_threadedParsingEnabledForTesting = true; | 368 static bool s_threadedParsingEnabledForTesting = true; |
360 | 369 |
361 using WeakDocumentSet = PersistentHeapHashSet<WeakMember<Document>>; | 370 using WeakDocumentSet = PersistentHeapHashSet<WeakMember<Document>>; |
362 | 371 |
363 static WeakDocumentSet& liveDocumentSet() | 372 static WeakDocumentSet& liveDocumentSet() |
364 { | 373 { |
365 DEFINE_STATIC_LOCAL(WeakDocumentSet, set, ()); | 374 DEFINE_STATIC_LOCAL(WeakDocumentSet, set, ()); |
366 return set; | 375 return set; |
(...skipping 2937 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3304 | 3313 |
3305 void Document::cloneDataFromDocument(const Document& other) | 3314 void Document::cloneDataFromDocument(const Document& other) |
3306 { | 3315 { |
3307 setCompatibilityMode(other.getCompatibilityMode()); | 3316 setCompatibilityMode(other.getCompatibilityMode()); |
3308 setEncodingData(other.m_encodingData); | 3317 setEncodingData(other.m_encodingData); |
3309 setContextFeatures(other.contextFeatures()); | 3318 setContextFeatures(other.contextFeatures()); |
3310 setSecurityOrigin(other.getSecurityOrigin()->isolatedCopy()); | 3319 setSecurityOrigin(other.getSecurityOrigin()->isolatedCopy()); |
3311 setMimeType(other.contentType()); | 3320 setMimeType(other.contentType()); |
3312 } | 3321 } |
3313 | 3322 |
3314 bool Document::isSecureContextImpl(const SecureContextCheck privilegeContextChec
k) const | 3323 bool Document::isSecureContextImpl(String* errorMessage, const SecureContextChec
k privilegeContextCheck) const |
3315 { | 3324 { |
3316 // There may be exceptions for the secure context check defined for certain | 3325 // There may be exceptions for the secure context check defined for certain |
3317 // schemes. The exceptions are applied only to the special scheme and to | 3326 // schemes. The exceptions are applied only to the special scheme and to |
3318 // sandboxed URLs from those origins, but *not* to any children. | 3327 // sandboxed URLs from those origins, but *not* to any children. |
3319 // | 3328 // |
3320 // For example: | 3329 // For example: |
3321 // <iframe src="http://host"> | 3330 // <iframe src="http://host"> |
3322 // <iframe src="scheme-has-exception://host"></iframe> | 3331 // <iframe src="scheme-has-exception://host"></iframe> |
3323 // <iframe sandbox src="scheme-has-exception://host"></iframe> | 3332 // <iframe sandbox src="scheme-has-exception://host"></iframe> |
3324 // </iframe> | 3333 // </iframe> |
3325 // both inner iframes pass this check, assuming that the scheme | 3334 // both inner iframes pass this check, assuming that the scheme |
3326 // "scheme-has-exception:" is granted an exception. | 3335 // "scheme-has-exception:" is granted an exception. |
3327 // | 3336 // |
3328 // However, | 3337 // However, |
3329 // <iframe src="http://host"> | 3338 // <iframe src="http://host"> |
3330 // <iframe sandbox src="http://host"></iframe> | 3339 // <iframe sandbox src="http://host"></iframe> |
3331 // </iframe> | 3340 // </iframe> |
3332 // would fail the check (that is, sandbox does not grant an exception itself
). | 3341 // would fail the check (that is, sandbox does not grant an exception itself
). |
3333 // | 3342 // |
3334 // Additionally, with | 3343 // Additionally, with |
3335 // <iframe src="scheme-has-exception://host"> | 3344 // <iframe src="scheme-has-exception://host"> |
3336 // <iframe src="http://host"></iframe> | 3345 // <iframe src="http://host"></iframe> |
3337 // <iframe sandbox src="http://host"></iframe> | 3346 // <iframe sandbox src="http://host"></iframe> |
3338 // </iframe> | 3347 // </iframe> |
3339 // both inner iframes would fail the check, even though the outermost iframe | 3348 // both inner iframes would fail the check, even though the outermost iframe |
3340 // passes. | 3349 // passes. |
3341 // | 3350 // |
3342 // In all cases, a frame must be potentially trustworthy in addition to | 3351 // In all cases, a frame must be potentially trustworthy in addition to |
3343 // having an exception listed in order for the exception to be granted. | 3352 // having an exception listed in order for the exception to be granted. |
3344 if (!getSecurityOrigin()->isPotentiallyTrustworthy()) | 3353 if (!isOriginPotentiallyTrustworthy(getSecurityOrigin(), errorMessage)) |
3345 return false; | 3354 return false; |
3346 | 3355 |
3347 if (SchemeRegistry::schemeShouldBypassSecureContextCheck(getSecurityOrigin()
->protocol())) | 3356 if (SchemeRegistry::schemeShouldBypassSecureContextCheck(getSecurityOrigin()
->protocol())) |
3348 return true; | 3357 return true; |
3349 | 3358 |
3350 if (privilegeContextCheck == StandardSecureContextCheck) { | 3359 if (privilegeContextCheck == StandardSecureContextCheck) { |
3351 Frame* parent = m_frame ? m_frame->tree().parent() : nullptr; | 3360 if (!m_frame) |
3352 if (parent && !parent->canHaveSecureChild()) | 3361 return true; |
3353 return false; | 3362 Frame* parent = m_frame->tree().parent(); |
| 3363 while (parent) { |
| 3364 if (!isOriginPotentiallyTrustworthy(parent->securityContext()->getSe
curityOrigin(), errorMessage)) |
| 3365 return false; |
| 3366 parent = parent->tree().parent(); |
| 3367 } |
3354 } | 3368 } |
3355 return true; | 3369 return true; |
3356 } | 3370 } |
3357 | 3371 |
3358 StyleSheetList& Document::styleSheets() | 3372 StyleSheetList& Document::styleSheets() |
3359 { | 3373 { |
3360 if (!m_styleSheetList) | 3374 if (!m_styleSheetList) |
3361 m_styleSheetList = StyleSheetList::create(this); | 3375 m_styleSheetList = StyleSheetList::create(this); |
3362 return *m_styleSheetList; | 3376 return *m_styleSheetList; |
3363 } | 3377 } |
(...skipping 2456 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
5820 { | 5834 { |
5821 wrapper = V8DOMWrapper::associateObjectWithWrapper(isolate, this, wrapperTyp
e, wrapper); | 5835 wrapper = V8DOMWrapper::associateObjectWithWrapper(isolate, this, wrapperTyp
e, wrapper); |
5822 DOMWrapperWorld& world = DOMWrapperWorld::current(isolate); | 5836 DOMWrapperWorld& world = DOMWrapperWorld::current(isolate); |
5823 if (world.isMainWorld() && frame()) | 5837 if (world.isMainWorld() && frame()) |
5824 frame()->script().windowProxy(world)->updateDocumentWrapper(wrapper); | 5838 frame()->script().windowProxy(world)->updateDocumentWrapper(wrapper); |
5825 return wrapper; | 5839 return wrapper; |
5826 } | 5840 } |
5827 | 5841 |
5828 bool Document::isSecureContext(String& errorMessage, const SecureContextCheck pr
ivilegeContextCheck) const | 5842 bool Document::isSecureContext(String& errorMessage, const SecureContextCheck pr
ivilegeContextCheck) const |
5829 { | 5843 { |
5830 if (isSecureContextImpl(privilegeContextCheck)) | 5844 return isSecureContextImpl(&errorMessage, privilegeContextCheck); |
5831 return true; | |
5832 errorMessage = SecurityOrigin::isPotentiallyTrustworthyErrorMessage(); | |
5833 return false; | |
5834 } | 5845 } |
5835 | 5846 |
5836 bool Document::isSecureContext(const SecureContextCheck privilegeContextCheck) c
onst | 5847 bool Document::isSecureContext(const SecureContextCheck privilegeContextCheck) c
onst |
5837 { | 5848 { |
5838 return isSecureContextImpl(privilegeContextCheck); | 5849 return isSecureContextImpl(nullptr, privilegeContextCheck); |
5839 } | 5850 } |
5840 | 5851 |
5841 WebTaskRunner* Document::loadingTaskRunner() const | 5852 WebTaskRunner* Document::loadingTaskRunner() const |
5842 { | 5853 { |
5843 if (frame()) | 5854 if (frame()) |
5844 return frame()->frameScheduler()->loadingTaskRunner(); | 5855 return frame()->frameScheduler()->loadingTaskRunner(); |
5845 if (m_importsController) | 5856 if (m_importsController) |
5846 return m_importsController->master()->loadingTaskRunner(); | 5857 return m_importsController->master()->loadingTaskRunner(); |
5847 if (m_contextDocument) | 5858 if (m_contextDocument) |
5848 return m_contextDocument->loadingTaskRunner(); | 5859 return m_contextDocument->loadingTaskRunner(); |
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
5983 #ifndef NDEBUG | 5994 #ifndef NDEBUG |
5984 using namespace blink; | 5995 using namespace blink; |
5985 void showLiveDocumentInstances() | 5996 void showLiveDocumentInstances() |
5986 { | 5997 { |
5987 WeakDocumentSet& set = liveDocumentSet(); | 5998 WeakDocumentSet& set = liveDocumentSet(); |
5988 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); | 5999 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); |
5989 for (Document* document : set) | 6000 for (Document* document : set) |
5990 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().get
String().utf8().data()); | 6001 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().get
String().utf8().data()); |
5991 } | 6002 } |
5992 #endif | 6003 #endif |
OLD | NEW |