OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> | 2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> |
3 * 1999 Lars Knoll <knoll@kde.org> | 3 * 1999 Lars Knoll <knoll@kde.org> |
4 * 1999 Antti Koivisto <koivisto@kde.org> | 4 * 1999 Antti Koivisto <koivisto@kde.org> |
5 * 2000 Simon Hausmann <hausmann@kde.org> | 5 * 2000 Simon Hausmann <hausmann@kde.org> |
6 * 2000 Stefan Schimanski <1Stein@gmx.de> | 6 * 2000 Stefan Schimanski <1Stein@gmx.de> |
7 * 2001 George Staikos <staikos@kde.org> | 7 * 2001 George Staikos <staikos@kde.org> |
8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All r
ights reserved. | 8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All r
ights reserved. |
9 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> | 9 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> |
10 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 10 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
(...skipping 24 matching lines...)
35 #include "core/frame/LocalDOMWindow.h" | 35 #include "core/frame/LocalDOMWindow.h" |
36 #include "core/frame/Settings.h" | 36 #include "core/frame/Settings.h" |
37 #include "core/frame/UseCounter.h" | 37 #include "core/frame/UseCounter.h" |
38 #include "core/html/HTMLFrameElementBase.h" | 38 #include "core/html/HTMLFrameElementBase.h" |
39 #include "core/input/EventHandler.h" | 39 #include "core/input/EventHandler.h" |
40 #include "core/inspector/InspectorInstrumentation.h" | 40 #include "core/inspector/InspectorInstrumentation.h" |
41 #include "core/inspector/InstanceCounters.h" | 41 #include "core/inspector/InstanceCounters.h" |
42 #include "core/layout/LayoutPart.h" | 42 #include "core/layout/LayoutPart.h" |
43 #include "core/loader/EmptyClients.h" | 43 #include "core/loader/EmptyClients.h" |
44 #include "core/loader/FrameLoaderClient.h" | 44 #include "core/loader/FrameLoaderClient.h" |
| 45 #include "core/loader/NavigationScheduler.h" |
45 #include "core/page/FocusController.h" | 46 #include "core/page/FocusController.h" |
46 #include "core/page/Page.h" | 47 #include "core/page/Page.h" |
47 #include "platform/Histogram.h" | 48 #include "platform/Histogram.h" |
48 #include "platform/UserGestureIndicator.h" | 49 #include "platform/UserGestureIndicator.h" |
49 | 50 |
50 namespace blink { | 51 namespace blink { |
51 | 52 |
52 using namespace HTMLNames; | 53 using namespace HTMLNames; |
53 | 54 |
54 Frame::~Frame() | 55 Frame::~Frame() |
(...skipping 106 matching lines...)
161 } | 162 } |
162 | 163 |
163 return false; | 164 return false; |
164 } | 165 } |
165 | 166 |
166 bool Frame::canNavigate(const Frame& targetFrame) | 167 bool Frame::canNavigate(const Frame& targetFrame) |
167 { | 168 { |
168 String errorReason; | 169 String errorReason; |
169 bool isAllowedNavigation = canNavigateWithoutFramebusting(targetFrame, error
Reason); | 170 bool isAllowedNavigation = canNavigateWithoutFramebusting(targetFrame, error
Reason); |
170 | 171 |
171 // Frame-busting is generally allowed, but blocked for sandboxed frames lack
ing the 'allow-top-navigation' flag. | |
172 if (targetFrame != this && !securityContext()->isSandboxed(SandboxTopNavigat
ion) && targetFrame == tree().top()) { | 172 if (targetFrame != this && !securityContext()->isSandboxed(SandboxTopNavigat
ion) && targetFrame == tree().top()) { |
173 DEFINE_STATIC_LOCAL(EnumerationHistogram, framebustHistogram, ("WebCore.
Framebust", 4)); | 173 DEFINE_STATIC_LOCAL(EnumerationHistogram, framebustHistogram, ("WebCore.
Framebust", 4)); |
174 const unsigned userGestureBit = 0x1; | 174 const unsigned userGestureBit = 0x1; |
175 const unsigned allowedBit = 0x2; | 175 const unsigned allowedBit = 0x2; |
176 unsigned framebustParams = 0; | 176 unsigned framebustParams = 0; |
177 UseCounter::count(&targetFrame, UseCounter::TopNavigationFromSubFrame); | 177 UseCounter::count(&targetFrame, UseCounter::TopNavigationFromSubFrame); |
178 if (UserGestureIndicator::processingUserGesture()) | 178 bool hasUserGesture = UserGestureIndicator::processingUserGesture(); |
| 179 if (hasUserGesture) |
179 framebustParams |= userGestureBit; | 180 framebustParams |= userGestureBit; |
180 if (isAllowedNavigation) | 181 if (isAllowedNavigation) |
181 framebustParams |= allowedBit; | 182 framebustParams |= allowedBit; |
182 framebustHistogram.count(framebustParams); | 183 framebustHistogram.count(framebustParams); |
183 return true; | 184 // Frame-busting used to be generally allowed in most situations, but ma
y now blocked if there is no user gesture. |
| 185 if (!RuntimeEnabledFeatures::framebustingNeedsSameOriginOrUserGestureEna
bled()) |
| 186 return true; |
| 187 if (hasUserGesture || isAllowedNavigation) |
| 188 return true; |
| 189 errorReason = "The frame attempting navigation is targeting its top-leve
l window, but is neither same-origin with its target nor is it processing a user
gesture. See https://www.chromestatus.com/features/5851021045661696."; |
| 190 printNavigationErrorMessage(targetFrame, errorReason.latin1().data()); |
| 191 if (isLocalFrame()) |
| 192 toLocalFrame(this)->navigationScheduler().schedulePageBlock(toLocalF
rame(this)->document()); |
| 193 return false; |
184 } | 194 } |
185 if (!isAllowedNavigation && !errorReason.isNull()) | 195 if (!isAllowedNavigation && !errorReason.isNull()) |
186 printNavigationErrorMessage(targetFrame, errorReason.latin1().data()); | 196 printNavigationErrorMessage(targetFrame, errorReason.latin1().data()); |
187 return isAllowedNavigation; | 197 return isAllowedNavigation; |
188 } | 198 } |
189 | 199 |
190 bool Frame::canNavigateWithoutFramebusting(const Frame& targetFrame, String& rea
son) | 200 bool Frame::canNavigateWithoutFramebusting(const Frame& targetFrame, String& rea
son) |
191 { | 201 { |
192 if (securityContext()->isSandboxed(SandboxNavigation)) { | 202 if (securityContext()->isSandboxed(SandboxNavigation)) { |
193 // Sandboxed frames can navigate their own children. | 203 // Sandboxed frames can navigate their own children. |
194 if (targetFrame.tree().isDescendantOf(this)) | 204 if (targetFrame.tree().isDescendantOf(this)) |
195 return true; | 205 return true; |
196 | 206 |
197 // They can also navigate popups, if the 'allow-sandbox-escape-via-popup
' flag is specified. | 207 // They can also navigate popups, if the 'allow-sandbox-escape-via-popup
' flag is specified. |
198 if (targetFrame == targetFrame.tree().top() && targetFrame.tree().top()
!= tree().top() && !securityContext()->isSandboxed(SandboxPropagatesToAuxiliaryB
rowsingContexts)) | 208 if (targetFrame == targetFrame.tree().top() && targetFrame.tree().top()
!= tree().top() && !securityContext()->isSandboxed(SandboxPropagatesToAuxiliaryB
rowsingContexts)) |
199 return true; | 209 return true; |
200 | 210 |
| 211 // Top navigation can be opted-in. |
| 212 if (!securityContext()->isSandboxed(SandboxTopNavigation) && targetFrame
== tree().top()) |
| 213 return true; |
| 214 |
201 // Otherwise, block the navigation. | 215 // Otherwise, block the navigation. |
202 if (securityContext()->isSandboxed(SandboxTopNavigation) && targetFrame
== tree().top()) | 216 if (securityContext()->isSandboxed(SandboxTopNavigation) && targetFrame
== tree().top()) |
203 reason = "The frame attempting navigation of the top-level window is
sandboxed, but the 'allow-top-navigation' flag is not set."; | 217 reason = "The frame attempting navigation of the top-level window is
sandboxed, but the 'allow-top-navigation' flag is not set."; |
204 else | 218 else |
205 reason = "The frame attempting navigation is sandboxed, and is there
fore disallowed from navigating its ancestors."; | 219 reason = "The frame attempting navigation is sandboxed, and is there
fore disallowed from navigating its ancestors."; |
206 return false; | 220 return false; |
207 } | 221 } |
208 | 222 |
209 ASSERT(securityContext()->getSecurityOrigin()); | 223 ASSERT(securityContext()->getSecurityOrigin()); |
210 SecurityOrigin& origin = *securityContext()->getSecurityOrigin(); | 224 SecurityOrigin& origin = *securityContext()->getSecurityOrigin(); |
(...skipping 87 matching lines...)
298 | 312 |
299 ASSERT(page()); | 313 ASSERT(page()); |
300 | 314 |
301 if (m_owner) | 315 if (m_owner) |
302 m_owner->setContentFrame(*this); | 316 m_owner->setContentFrame(*this); |
303 else | 317 else |
304 page()->setMainFrame(this); | 318 page()->setMainFrame(this); |
305 } | 319 } |
306 | 320 |
307 } // namespace blink | 321 } // namespace blink |
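Review bot: The early return added at new line 212 in canNavigateWithoutFramebusting makes a sandboxed frame with 'allow-top-navigation' count as an allowed navigation of the top frame before the origin checks that start at new line 223, so in canNavigate the test `if (hasUserGesture || isAllowedNavigation)` (new line 187) passes for it without a user gesture or a same-origin relationship. If that exemption is the intended embedder opt-in, state it at the return, e.g. `// 'allow-top-navigation' is an explicit embedder opt-in, so such frames are exempt from the gesture/same-origin requirement in canNavigate().`, since the current `// Top navigation can be opted-in.` does not say which check is being bypassed. It also means `allowedBit` in the WebCore.Framebust histogram now includes these frames, which changes what that bucket measures compared with earlier data. The comment at new line 184 should read `may now be blocked`. The remainder of canNavigateWithoutFramebusting lies in the skipped lines, so the origin checks themselves are not visible here.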
OLD | NEW |