
Side by Side Diff: third_party/WebKit/Source/core/dom/Document.cpp

Issue 2061203002: WIP Reland: service worker: Don't control a subframe of an insecure context Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: maybe fix drmemory Created 4 years, 6 months ago
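--- a/third_party/WebKit/Source/core/dom/Document.cpp
+++ b/third_party/WebKit/Source/core/dom/Document.cpp
@@ -1,10 +1,10 @@
 /*
 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
 * (C) 1999 Antti Koivisto (koivisto@kde.org)
 * (C) 2001 Dirk Mueller (mueller@kde.org)
 * (C) 2006 Alexey Proskuryakov (ap@webkit.org)
 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r ights reserved.
 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)
 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved.
 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)
 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved.
@@ -352,29 +352,20 @@
 return toLayoutPart(layoutObject)->widget();
 }
 
 static bool acceptsEditingFocus(const Element& element)
 {
 DCHECK(element.hasEditableStyle());
 
 return element.document().frame() && element.rootEditableElement();
 }
 
-static bool isOriginPotentiallyTrustworthy(SecurityOrigin* origin, String* error Message)
-{
-if (origin->isPotentiallyTrustworthy())
-return true;
-if (errorMessage)
-*errorMessage = origin->isPotentiallyTrustworthyErrorMessage();
-return false;
-}
-
 uint64_t Document::s_globalTreeVersion = 0;
 
 static bool s_threadedParsingEnabledForTesting = true;
 
 // This class doesn't work with non-Document ExecutionContext.
 class AutofocusTask final : public ExecutionContextTask {
 public:
 static std::unique_ptr<AutofocusTask> create()
 {
 return wrapUnique(new AutofocusTask());
@@ -3314,65 +3305,60 @@
 
 void Document::cloneDataFromDocument(const Document& other)
 {
 setCompatibilityMode(other.getCompatibilityMode());
 setEncodingData(other.m_encodingData);
 setContextFeatures(other.contextFeatures());
 setSecurityOrigin(other.getSecurityOrigin()->isolatedCopy());
 setMimeType(other.contentType());
 }
 
-bool Document::isSecureContextImpl(String* errorMessage, const SecureContextChec k privilegeContextCheck) const
+bool Document::isSecureContextImpl(const SecureContextCheck privilegeContextChec k) const
 {
 // There may be exceptions for the secure context check defined for certain
 // schemes. The exceptions are applied only to the special scheme and to
 // sandboxed URLs from those origins, but *not* to any children.
 //
 // For example:
 // <iframe src="http://host">
 // <iframe src="scheme-has-exception://host"></iframe>
 // <iframe sandbox src="scheme-has-exception://host"></iframe>
 // </iframe>
 // both inner iframes pass this check, assuming that the scheme
 // "scheme-has-exception:" is granted an exception.
 //
 // However,
 // <iframe src="http://host">
 // <iframe sandbox src="http://host"></iframe>
 // </iframe>
 // would fail the check (that is, sandbox does not grant an exception itself ).
 //
 // Additionally, with
 // <iframe src="scheme-has-exception://host">
 // <iframe src="http://host"></iframe>
 // <iframe sandbox src="http://host"></iframe>
 // </iframe>
 // both inner iframes would fail the check, even though the outermost iframe
 // passes.
 //
 // In all cases, a frame must be potentially trustworthy in addition to
 // having an exception listed in order for the exception to be granted.
-if (!isOriginPotentiallyTrustworthy(getSecurityOrigin(), errorMessage))
+if (!getSecurityOrigin()->isPotentiallyTrustworthy())
 return false;
 
 if (SchemeRegistry::schemeShouldBypassSecureContextCheck(getSecurityOrigin() ->protocol()))
 return true;
 
 if (privilegeContextCheck == StandardSecureContextCheck) {
-if (!m_frame)
-return true;
-Frame* parent = m_frame->tree().parent();
-while (parent) {
-if (!isOriginPotentiallyTrustworthy(parent->securityContext()->getSe curityOrigin(), errorMessage))
-return false;
-parent = parent->tree().parent();
-}
+Frame* parent = m_frame ? m_frame->tree().parent() : nullptr;
+if (parent && !parent->canHaveSecureChild())
+return false;
 }
 return true;
 }
 
 StyleSheetList& Document::styleSheets()
 {
 if (!m_styleSheetList)
 m_styleSheetList = StyleSheetList::create(this);
 return *m_styleSheetList;
 }
@@ -5836,26 +5822,29 @@
 {
 wrapper = V8DOMWrapper::associateObjectWithWrapper(isolate, this, wrapperTyp e, wrapper);
 DOMWrapperWorld& world = DOMWrapperWorld::current(isolate);
 if (world.isMainWorld() && frame())
 frame()->script().windowProxy(world)->updateDocumentWrapper(wrapper);
 return wrapper;
 }
 
 bool Document::isSecureContext(String& errorMessage, const SecureContextCheck pr ivilegeContextCheck) const
 {
-return isSecureContextImpl(&errorMessage, privilegeContextCheck);
+if (isSecureContextImpl(privilegeContextCheck))
+return true;
+errorMessage = SecurityOrigin::isPotentiallyTrustworthyErrorMessage();
+return false;
 }
 
 bool Document::isSecureContext(const SecureContextCheck privilegeContextCheck) c onst
 {
-return isSecureContextImpl(nullptr, privilegeContextCheck);
+return isSecureContextImpl(privilegeContextCheck);
 }
 
 WebTaskRunner* Document::loadingTaskRunner() const
 {
 if (frame())
 return frame()->frameScheduler()->loadingTaskRunner();
 if (m_importsController)
 return m_importsController->master()->loadingTaskRunner();
 if (m_contextDocument)
 return m_contextDocument->loadingTaskRunner();
@@ -6008,10 +5997,10 @@
 }
 
 void showLiveDocumentInstances()
 {
 WeakDocumentSet& set = liveDocumentSet();
 fprintf(stderr, "There are %u documents currently alive:\n", set.size());
 for (Document* document : set)
 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().get String().utf8().data());
 }
 #endif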
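Review bot: The parent check in `Document::isSecureContextImpl` now consults only the immediate parent through `parent->canHaveSecureChild()`, so the ancestor guarantee that the removed `while (parent)` loop enforced locally rests entirely on that method, whose definition is not in this file. If it does not account for every ancestor, a document nested under an insecure grandparent would be reported as a secure context, which is exactly what this change is meant to prevent for service worker control. I would state the invariant at the call site, for example `// canHaveSecureChild() is false when the parent or any of its ancestors is not potentially trustworthy.`, and cover a three-level insecure/secure/secure frame chain in a test. Separately, `isSecureContext(String&, ...)` now assigns the generic `SecurityOrigin::isPotentiallyTrustworthyErrorMessage()` on every failure, so the message no longer distinguishes the document's own origin from an ancestor's.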