| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2008, 2010 Apple Inc. All rights reserved. | 2 * Copyright (C) 2006, 2007, 2008, 2010 Apple Inc. All rights reserved. |
| 3 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 3 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
| 7 * are met: | 7 * are met: |
| 8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 58 else | 58 else |
| 59 host->chromeClient().focus(); | 59 host->chromeClient().focus(); |
| 60 } | 60 } |
| 61 } | 61 } |
| 62 return frame; | 62 return frame; |
| 63 } | 63 } |
| 64 } | 64 } |
| 65 return nullptr; | 65 return nullptr; |
| 66 } | 66 } |
| 67 | 67 |
| 68 static Frame* createNewWindow(LocalFrame& openerFrame, const FrameLoadRequest& r
equest, const WindowFeatures& features, NavigationPolicy policy, ShouldSetOpener
shouldSetOpener, bool& created) | 68 static Frame* createNewWindow(LocalFrame& openerFrame, const FrameLoadRequest& r
equest, const WindowFeatures& features, NavigationPolicy policy, bool& created) |
| 69 { | 69 { |
| 70 FrameHost* oldHost = openerFrame.host(); | 70 FrameHost* oldHost = openerFrame.host(); |
| 71 if (!oldHost) | 71 if (!oldHost) |
| 72 return nullptr; | 72 return nullptr; |
| 73 | 73 |
| 74 Page* page = oldHost->chromeClient().createWindow(&openerFrame, request, fea
tures, policy, shouldSetOpener); | 74 Page* page = oldHost->chromeClient().createWindow(&openerFrame, request, fea
tures, policy); |
| 75 if (!page) | 75 if (!page) |
| 76 return nullptr; | 76 return nullptr; |
| 77 FrameHost* host = &page->frameHost(); | 77 FrameHost* host = &page->frameHost(); |
| 78 | 78 |
| 79 ASSERT(page->mainFrame()); | 79 ASSERT(page->mainFrame()); |
| 80 LocalFrame& frame = *toLocalFrame(page->mainFrame()); | 80 LocalFrame& frame = *toLocalFrame(page->mainFrame()); |
| 81 | 81 |
| 82 if (request.frameName() != "_blank") | 82 if (request.frameName() != "_blank") |
| 83 frame.tree().setName(request.frameName()); | 83 frame.tree().setName(request.frameName()); |
| 84 | 84 |
| (...skipping 20 matching lines...) Expand all Loading... |
| 105 | 105 |
| 106 if (openerFrame.document()->isSandboxed(SandboxPropagatesToAuxiliaryBrowsing
Contexts)) | 106 if (openerFrame.document()->isSandboxed(SandboxPropagatesToAuxiliaryBrowsing
Contexts)) |
| 107 frame.loader().forceSandboxFlags(openerFrame.securityContext()->getSandb
oxFlags()); | 107 frame.loader().forceSandboxFlags(openerFrame.securityContext()->getSandb
oxFlags()); |
| 108 | 108 |
| 109 // This call may suspend the execution by running nested message loop. | 109 // This call may suspend the execution by running nested message loop. |
| 110 InspectorInstrumentation::windowCreated(&openerFrame, &frame); | 110 InspectorInstrumentation::windowCreated(&openerFrame, &frame); |
| 111 created = true; | 111 created = true; |
| 112 return &frame; | 112 return &frame; |
| 113 } | 113 } |
| 114 | 114 |
| 115 static Frame* createWindowHelper(LocalFrame& openerFrame, LocalFrame& activeFram
e, LocalFrame& lookupFrame, const FrameLoadRequest& request, const WindowFeature
s& features, NavigationPolicy policy, ShouldSetOpener shouldSetOpener, bool& cre
ated) | 115 static Frame* createWindowHelper(LocalFrame& openerFrame, LocalFrame& activeFram
e, LocalFrame& lookupFrame, const FrameLoadRequest& request, const WindowFeature
s& features, NavigationPolicy policy, bool& created) |
| 116 { | 116 { |
| 117 ASSERT(!features.dialog || request.frameName().isEmpty()); | 117 ASSERT(!features.dialog || request.frameName().isEmpty()); |
| 118 ASSERT(request.resourceRequest().requestorOrigin() || openerFrame.document()
->url().isEmpty()); | 118 ASSERT(request.resourceRequest().requestorOrigin() || openerFrame.document()
->url().isEmpty()); |
| 119 ASSERT(request.resourceRequest().frameType() == WebURLRequest::FrameTypeAuxi
liary); | 119 ASSERT(request.resourceRequest().frameType() == WebURLRequest::FrameTypeAuxi
liary); |
| 120 | 120 |
| 121 created = false; | 121 created = false; |
| 122 | 122 |
| 123 Frame* window = reuseExistingWindow(activeFrame, lookupFrame, request.frameN
ame(), policy); | 123 Frame* window = reuseExistingWindow(activeFrame, lookupFrame, request.frameN
ame(), policy); |
| 124 | 124 |
| 125 if (!window) { | 125 if (!window) { |
| 126 // Sandboxed frames cannot open new auxiliary browsing contexts. | 126 // Sandboxed frames cannot open new auxiliary browsing contexts. |
| 127 if (openerFrame.document()->isSandboxed(SandboxPopups)) { | 127 if (openerFrame.document()->isSandboxed(SandboxPopups)) { |
| 128 // FIXME: This message should be moved off the console once a soluti
on to https://bugs.webkit.org/show_bug.cgi?id=103274 exists. | 128 // FIXME: This message should be moved off the console once a soluti
on to https://bugs.webkit.org/show_bug.cgi?id=103274 exists. |
| 129 openerFrame.document()->addConsoleMessage(ConsoleMessage::create(Sec
urityMessageSource, ErrorMessageLevel, "Blocked opening '" + request.resourceReq
uest().url().elidedString() + "' in a new window because the request was made in
a sandboxed frame whose 'allow-popups' permission is not set.")); | 129 openerFrame.document()->addConsoleMessage(ConsoleMessage::create(Sec
urityMessageSource, ErrorMessageLevel, "Blocked opening '" + request.resourceReq
uest().url().elidedString() + "' in a new window because the request was made in
a sandboxed frame whose 'allow-popups' permission is not set.")); |
| 130 return nullptr; | 130 return nullptr; |
| 131 } | 131 } |
| 132 | 132 |
| 133 if (openerFrame.settings() && !openerFrame.settings()->supportsMultipleW
indows()) | 133 if (openerFrame.settings() && !openerFrame.settings()->supportsMultipleW
indows()) |
| 134 window = openerFrame.tree().top(); | 134 window = openerFrame.tree().top(); |
| 135 } | 135 } |
| 136 | 136 |
| 137 if (window) { | 137 if (window) { |
| 138 if (shouldSetOpener == MaybeSetOpener) | 138 if (request.getShouldSetOpener() == MaybeSetOpener) |
| 139 window->client()->setOpener(&openerFrame); | 139 window->client()->setOpener(&openerFrame); |
| 140 return window; | 140 return window; |
| 141 } | 141 } |
| 142 | 142 |
| 143 return createNewWindow(openerFrame, request, features, policy, shouldSetOpen
er, created); | 143 return createNewWindow(openerFrame, request, features, policy, created); |
| 144 } | 144 } |
| 145 | 145 |
| 146 DOMWindow* createWindow(const String& urlString, const AtomicString& frameName,
const WindowFeatures& windowFeatures, | 146 DOMWindow* createWindow(const String& urlString, const AtomicString& frameName,
const WindowFeatures& windowFeatures, |
| 147 LocalDOMWindow& callingWindow, LocalFrame& firstFrame, LocalFrame& openerFra
me) | 147 LocalDOMWindow& callingWindow, LocalFrame& firstFrame, LocalFrame& openerFra
me) |
| 148 { | 148 { |
| 149 LocalFrame* activeFrame = callingWindow.frame(); | 149 LocalFrame* activeFrame = callingWindow.frame(); |
| 150 ASSERT(activeFrame); | 150 ASSERT(activeFrame); |
| 151 | 151 |
| 152 KURL completedURL = urlString.isEmpty() ? KURL(ParsedURLString, emptyString(
)) : firstFrame.document()->completeURL(urlString); | 152 KURL completedURL = urlString.isEmpty() ? KURL(ParsedURLString, emptyString(
)) : firstFrame.document()->completeURL(urlString); |
| 153 if (!completedURL.isEmpty() && !completedURL.isValid()) { | 153 if (!completedURL.isEmpty() && !completedURL.isValid()) { |
| 154 // Don't expose client code to invalid URLs. | 154 // Don't expose client code to invalid URLs. |
| 155 callingWindow.printErrorMessage("Unable to open a window with invalid UR
L '" + completedURL.getString() + "'.\n"); | 155 callingWindow.printErrorMessage("Unable to open a window with invalid UR
L '" + completedURL.getString() + "'.\n"); |
| 156 return nullptr; | 156 return nullptr; |
| 157 } | 157 } |
| 158 | 158 |
| 159 FrameLoadRequest frameRequest(callingWindow.document(), completedURL, frameN
ame); | 159 FrameLoadRequest frameRequest(callingWindow.document(), completedURL, frameN
ame); |
| 160 frameRequest.setShouldSetOpener(windowFeatures.noopener ? NeverSetOpener : M
aybeSetOpener); |
| 160 frameRequest.resourceRequest().setFrameType(WebURLRequest::FrameTypeAuxiliar
y); | 161 frameRequest.resourceRequest().setFrameType(WebURLRequest::FrameTypeAuxiliar
y); |
| 161 frameRequest.resourceRequest().setRequestorOrigin(SecurityOrigin::create(act
iveFrame->document()->url())); | 162 frameRequest.resourceRequest().setRequestorOrigin(SecurityOrigin::create(act
iveFrame->document()->url())); |
| 162 | 163 |
| 163 // Normally, FrameLoader would take care of setting the referrer for a navig
ation that is | 164 // Normally, FrameLoader would take care of setting the referrer for a navig
ation that is |
| 164 // triggered from javascript. However, creating a window goes through suffic
ient processing | 165 // triggered from javascript. However, creating a window goes through suffic
ient processing |
| 165 // that it eventually enters FrameLoader as an embedder-initiated navigation
. FrameLoader | 166 // that it eventually enters FrameLoader as an embedder-initiated navigation
. FrameLoader |
| 166 // assumes no responsibility for generating an embedder-initiated navigation
's referrer, | 167 // assumes no responsibility for generating an embedder-initiated navigation
's referrer, |
| 167 // so we need to ensure the proper referrer is set now. | 168 // so we need to ensure the proper referrer is set now. |
| 168 frameRequest.resourceRequest().setHTTPReferrer(SecurityPolicy::generateRefer
rer(activeFrame->document()->getReferrerPolicy(), completedURL, activeFrame->doc
ument()->outgoingReferrer())); | 169 frameRequest.resourceRequest().setHTTPReferrer(SecurityPolicy::generateRefer
rer(activeFrame->document()->getReferrerPolicy(), completedURL, activeFrame->doc
ument()->outgoingReferrer())); |
| 169 | 170 |
| 170 // Records HasUserGesture before the value is invalidated inside createWindo
w(LocalFrame& openerFrame, ...). | 171 // Records HasUserGesture before the value is invalidated inside createWindo
w(LocalFrame& openerFrame, ...). |
| 171 // This value will be set in ResourceRequest loaded in a new LocalFrame. | 172 // This value will be set in ResourceRequest loaded in a new LocalFrame. |
| 172 bool hasUserGesture = UserGestureIndicator::processingUserGesture(); | 173 bool hasUserGesture = UserGestureIndicator::processingUserGesture(); |
| 173 | 174 |
| 174 // We pass the opener frame for the lookupFrame in case the active frame is
different from | 175 // We pass the opener frame for the lookupFrame in case the active frame is
different from |
| 175 // the opener frame, and the name references a frame relative to the opener
frame. | 176 // the opener frame, and the name references a frame relative to the opener
frame. |
| 176 bool created; | 177 bool created; |
| 177 ShouldSetOpener opener = windowFeatures.noopener ? NeverSetOpener : MaybeSet
Opener; | 178 Frame* newFrame = createWindowHelper(openerFrame, *activeFrame, openerFrame,
frameRequest, windowFeatures, NavigationPolicyIgnore, created); |
| 178 Frame* newFrame = createWindowHelper(openerFrame, *activeFrame, openerFrame,
frameRequest, windowFeatures, NavigationPolicyIgnore, opener, created); | |
| 179 if (!newFrame) | 179 if (!newFrame) |
| 180 return nullptr; | 180 return nullptr; |
| 181 | 181 |
| 182 if (!newFrame->domWindow()->isInsecureScriptAccess(callingWindow, completedU
RL)) { | 182 if (!newFrame->domWindow()->isInsecureScriptAccess(callingWindow, completedU
RL)) { |
| 183 if (!urlString.isEmpty() || created) | 183 if (!urlString.isEmpty() || created) |
| 184 newFrame->navigate(*callingWindow.document(), completedURL, false, h
asUserGesture ? UserGestureStatus::Active : UserGestureStatus::None); | 184 newFrame->navigate(*callingWindow.document(), completedURL, false, h
asUserGesture ? UserGestureStatus::Active : UserGestureStatus::None); |
| 185 } | 185 } |
| 186 return newFrame->domWindow(); | 186 return newFrame->domWindow(); |
| 187 } | 187 } |
| 188 | 188 |
| 189 void createWindowForRequest(const FrameLoadRequest& request, LocalFrame& openerF
rame, NavigationPolicy policy, ShouldSendReferrer shouldSendReferrer, ShouldSetO
pener shouldSetOpener) | 189 void createWindowForRequest(const FrameLoadRequest& request, LocalFrame& openerF
rame, NavigationPolicy policy) |
| 190 { | 190 { |
| 191 ASSERT(request.resourceRequest().requestorOrigin() || (openerFrame.document(
) && openerFrame.document()->url().isEmpty())); | 191 ASSERT(request.resourceRequest().requestorOrigin() || (openerFrame.document(
) && openerFrame.document()->url().isEmpty())); |
| 192 | 192 |
| 193 if (openerFrame.document()->pageDismissalEventBeingDispatched() != Document:
:NoDismissal) | 193 if (openerFrame.document()->pageDismissalEventBeingDispatched() != Document:
:NoDismissal) |
| 194 return; | 194 return; |
| 195 | 195 |
| 196 if (openerFrame.document() && openerFrame.document()->isSandboxed(SandboxPop
ups)) | 196 if (openerFrame.document() && openerFrame.document()->isSandboxed(SandboxPop
ups)) |
| 197 return; | 197 return; |
| 198 | 198 |
| 199 if (!LocalDOMWindow::allowPopUp(openerFrame)) | 199 if (!LocalDOMWindow::allowPopUp(openerFrame)) |
| 200 return; | 200 return; |
| 201 | 201 |
| 202 if (policy == NavigationPolicyCurrentTab) | 202 if (policy == NavigationPolicyCurrentTab) |
| 203 policy = NavigationPolicyNewForegroundTab; | 203 policy = NavigationPolicyNewForegroundTab; |
| 204 | 204 |
| 205 WindowFeatures features; | 205 WindowFeatures features; |
| 206 features.noopener = request.getShouldSetOpener() == NeverSetOpener; |
| 206 bool created; | 207 bool created; |
| 207 Frame* newFrame = createWindowHelper(openerFrame, openerFrame, openerFrame,
request, features, policy, shouldSetOpener, created); | 208 Frame* newFrame = createWindowHelper(openerFrame, openerFrame, openerFrame,
request, features, policy, created); |
| 208 if (!newFrame) | 209 if (!newFrame) |
| 209 return; | 210 return; |
| 210 if (shouldSendReferrer == MaybeSendReferrer) { | 211 if (request.getShouldSendReferrer() == MaybeSendReferrer) { |
| 211 // TODO(japhet): Does ReferrerPolicy need to be proagated for RemoteFram
es? | 212 // TODO(japhet): Does ReferrerPolicy need to be proagated for RemoteFram
es? |
| 212 if (newFrame->isLocalFrame()) | 213 if (newFrame->isLocalFrame()) |
| 213 toLocalFrame(newFrame)->document()->setReferrerPolicy(openerFrame.do
cument()->getReferrerPolicy()); | 214 toLocalFrame(newFrame)->document()->setReferrerPolicy(openerFrame.do
cument()->getReferrerPolicy()); |
| 214 } | 215 } |
| 215 | 216 |
| 216 // TODO(japhet): Form submissions on RemoteFrames don't work yet. | 217 // TODO(japhet): Form submissions on RemoteFrames don't work yet. |
| 217 FrameLoadRequest newRequest(0, request.resourceRequest()); | 218 FrameLoadRequest newRequest(0, request.resourceRequest()); |
| 218 newRequest.setForm(request.form()); | 219 newRequest.setForm(request.form()); |
| 219 if (newFrame->isLocalFrame()) | 220 if (newFrame->isLocalFrame()) |
| 220 toLocalFrame(newFrame)->loader().load(newRequest); | 221 toLocalFrame(newFrame)->loader().load(newRequest); |
| 221 } | 222 } |
| 222 | 223 |
| 223 } // namespace blink | 224 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2058693002:
Do not suppress referrers for '<a ... rel="noopener">'. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master