
Side by Side Diff: third_party/WebKit/Source/core/dom/Document.cpp

Issue 2071433003: Reland: service worker: Don't control a subframe of an insecure context (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: revised Created 4 years, 6 months ago
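--- a/third_party/WebKit/Source/core/dom/Document.cpp
+++ b/third_party/WebKit/Source/core/dom/Document.cpp
@@ -1,10 +1,10 @@
 /*
 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
 * (C) 1999 Antti Koivisto (koivisto@kde.org)
 * (C) 2001 Dirk Mueller (mueller@kde.org)
 * (C) 2006 Alexey Proskuryakov (ap@webkit.org)
 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r ights reserved.
 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)
 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved.
 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)
 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved.
@@ -352,29 +352,20 @@
 return toLayoutPart(layoutObject)->widget();
 }
 
 static bool acceptsEditingFocus(const Element& element)
 {
 DCHECK(element.hasEditableStyle());
 
 return element.document().frame() && element.rootEditableElement();
 }
 
-static bool isOriginPotentiallyTrustworthy(SecurityOrigin* origin, String* error Message)
-{
-if (origin->isPotentiallyTrustworthy())
-return true;
-if (errorMessage)
-*errorMessage = origin->isPotentiallyTrustworthyErrorMessage();
-return false;
-}
-
 uint64_t Document::s_globalTreeVersion = 0;
 
 static bool s_threadedParsingEnabledForTesting = true;
 
 // This class doesn't work with non-Document ExecutionContext.
 class AutofocusTask final : public ExecutionContextTask {
 public:
 static std::unique_ptr<AutofocusTask> create()
 {
 return wrapUnique(new AutofocusTask());
@@ -3319,65 +3310,60 @@
 
 void Document::cloneDataFromDocument(const Document& other)
 {
 setCompatibilityMode(other.getCompatibilityMode());
 setEncodingData(other.m_encodingData);
 setContextFeatures(other.contextFeatures());
 setSecurityOrigin(other.getSecurityOrigin()->isolatedCopy());
 setMimeType(other.contentType());
 }
 
-bool Document::isSecureContextImpl(String* errorMessage, const SecureContextChec k privilegeContextCheck) const
+bool Document::isSecureContextImpl(const SecureContextCheck privilegeContextChec k) const
 {
 // There may be exceptions for the secure context check defined for certain
 // schemes. The exceptions are applied only to the special scheme and to
 // sandboxed URLs from those origins, but *not* to any children.
 //
 // For example:
 // <iframe src="http://host">
 // <iframe src="scheme-has-exception://host"></iframe>
 // <iframe sandbox src="scheme-has-exception://host"></iframe>
 // </iframe>
 // both inner iframes pass this check, assuming that the scheme
 // "scheme-has-exception:" is granted an exception.
 //
 // However,
 // <iframe src="http://host">
 // <iframe sandbox src="http://host"></iframe>
 // </iframe>
 // would fail the check (that is, sandbox does not grant an exception itself ).
 //
 // Additionally, with
 // <iframe src="scheme-has-exception://host">
 // <iframe src="http://host"></iframe>
 // <iframe sandbox src="http://host"></iframe>
 // </iframe>
 // both inner iframes would fail the check, even though the outermost iframe
 // passes.
 //
 // In all cases, a frame must be potentially trustworthy in addition to
 // having an exception listed in order for the exception to be granted.
-if (!isOriginPotentiallyTrustworthy(getSecurityOrigin(), errorMessage))
+if (!getSecurityOrigin()->isPotentiallyTrustworthy())
 return false;
 
 if (SchemeRegistry::schemeShouldBypassSecureContextCheck(getSecurityOrigin() ->protocol()))
 return true;
 
 if (privilegeContextCheck == StandardSecureContextCheck) {
-if (!m_frame)
-return true;
-Frame* parent = m_frame->tree().parent();
-while (parent) {
-if (!isOriginPotentiallyTrustworthy(parent->securityContext()->getSe curityOrigin(), errorMessage))
-return false;
-parent = parent->tree().parent();
-}
+Frame* parent = m_frame ? m_frame->tree().parent() : nullptr;
+if (parent && !parent->canHaveSecureChild())
+return false;
 }
 return true;
 }
 
 StyleSheetList& Document::styleSheets()
 {
 if (!m_styleSheetList)
 m_styleSheetList = StyleSheetList::create(this);
 return *m_styleSheetList;
 }
@@ -5841,26 +5827,29 @@
 {
 wrapper = V8DOMWrapper::associateObjectWithWrapper(isolate, this, wrapperTyp e, wrapper);
 DOMWrapperWorld& world = DOMWrapperWorld::current(isolate);
 if (world.isMainWorld() && frame())
 frame()->script().windowProxy(world)->updateDocumentWrapper(wrapper);
 return wrapper;
 }
 
 bool Document::isSecureContext(String& errorMessage, const SecureContextCheck pr ivilegeContextCheck) const
 {
-return isSecureContextImpl(&errorMessage, privilegeContextCheck);
+if (isSecureContextImpl(privilegeContextCheck))
+return true;
+errorMessage = SecurityOrigin::isPotentiallyTrustworthyErrorMessage();
+return false;
 }
 
 bool Document::isSecureContext(const SecureContextCheck privilegeContextCheck) c onst
 {
-return isSecureContextImpl(nullptr, privilegeContextCheck);
+return isSecureContextImpl(privilegeContextCheck);
 }
 
 WebTaskRunner* Document::loadingTaskRunner() const
 {
 if (frame())
 return frame()->frameScheduler()->loadingTaskRunner();
 if (m_importsController)
 return m_importsController->master()->loadingTaskRunner();
 if (m_contextDocument)
 return m_contextDocument->loadingTaskRunner();
@@ -6013,10 +6002,10 @@
 }
 
 void showLiveDocumentInstances()
 {
 WeakDocumentSet& set = liveDocumentSet();
 fprintf(stderr, "There are %u documents currently alive:\n", set.size());
 for (Document* document : set)
 fprintf(stderr, "- Document %p URL: %s\n", document, document->url().get String().utf8().data());
 }
 #endif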
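Review bot: The ancestor guarantee in `isSecureContextImpl` now rests entirely on `parent->canHaveSecureChild()`, which is declared outside this file: the `StandardSecureContextCheck` branch consults only the immediate parent, where the removed loop checked every ancestor's origin. The long comment above still promises that a frame nested under an insecure ancestor fails, so I would state the dependency at the call, e.g. `// canHaveSecureChild() must reflect the whole ancestor chain, not only the parent's own origin.`, and confirm a test covers a secure frame two levels below an insecure one. Separately, `isSecureContext(String&, ...)` now assigns `SecurityOrigin::isPotentiallyTrustworthyErrorMessage()` for every failure, including one caused by an ancestor, so the message may point a developer at the wrong origin. A one-line comment there saying the message is intentionally generic would make that explicit.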