Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/public/browser/web_ui_message_handler.h

Issue 2099563002: WebUI: DisallowJavascript only on Refresh and non-same-page navigations (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix style Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/browser/webui/web_ui_message_handler.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_PUBLIC_BROWSER_WEB_UI_MESSAGE_HANDLER_H_ 5 #ifndef CONTENT_PUBLIC_BROWSER_WEB_UI_MESSAGE_HANDLER_H_
6 #define CONTENT_PUBLIC_BROWSER_WEB_UI_MESSAGE_HANDLER_H_ 6 #define CONTENT_PUBLIC_BROWSER_WEB_UI_MESSAGE_HANDLER_H_
7 7
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/gtest_prod_util.h" 10 #include "base/gtest_prod_util.h"
(...skipping 24 matching lines...) Expand all
35 WebUIMessageHandler() : javascript_allowed_(false), web_ui_(nullptr) {} 35 WebUIMessageHandler() : javascript_allowed_(false), web_ui_(nullptr) {}
36 virtual ~WebUIMessageHandler() {} 36 virtual ~WebUIMessageHandler() {}
37 37
38 // Call this when a page should not receive JavaScript messages. 38 // Call this when a page should not receive JavaScript messages.
39 void DisallowJavascript(); 39 void DisallowJavascript();
40 40
41 // Called from tests to toggle JavaScript to catch bugs. If AllowJavascript() 41 // Called from tests to toggle JavaScript to catch bugs. If AllowJavascript()
42 // is needed from production code, just publicize AllowJavascript() instead. 42 // is needed from production code, just publicize AllowJavascript() instead.
43 void AllowJavascriptForTesting(); 43 void AllowJavascriptForTesting();
44 44
45 bool IsJavascriptAllowed() const;
46
45 protected: 47 protected:
46 FRIEND_TEST_ALL_PREFIXES(WebUIMessageHandlerTest, ExtractIntegerValue); 48 FRIEND_TEST_ALL_PREFIXES(WebUIMessageHandlerTest, ExtractIntegerValue);
47 FRIEND_TEST_ALL_PREFIXES(WebUIMessageHandlerTest, ExtractDoubleValue); 49 FRIEND_TEST_ALL_PREFIXES(WebUIMessageHandlerTest, ExtractDoubleValue);
48 FRIEND_TEST_ALL_PREFIXES(WebUIMessageHandlerTest, ExtractStringValue); 50 FRIEND_TEST_ALL_PREFIXES(WebUIMessageHandlerTest, ExtractStringValue);
49 51
50 // Subclasses must call this once the page is ready for JavaScript calls 52 // Subclasses must call this once the page is ready for JavaScript calls
51 // from this handler. 53 // from this handler.
52 void AllowJavascript(); 54 void AllowJavascript();
53 55
54 bool IsJavascriptAllowed() const;
55
56 // Helper methods: 56 // Helper methods:
57 57
58 // Extract an integer value from a list Value. 58 // Extract an integer value from a list Value.
59 static bool ExtractIntegerValue(const base::ListValue* value, int* out_int); 59 static bool ExtractIntegerValue(const base::ListValue* value, int* out_int);
60 60
61 // Extract a floating point (double) value from a list Value. 61 // Extract a floating point (double) value from a list Value.
62 static bool ExtractDoubleValue(const base::ListValue* value, 62 static bool ExtractDoubleValue(const base::ListValue* value,
63 double* out_value); 63 double* out_value);
64 64
65 // Extract a string value from a list Value. 65 // Extract a string value from a list Value.
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
114 114
115 // Sets the attached WebUI - exposed to subclasses for testing purposes. 115 // Sets the attached WebUI - exposed to subclasses for testing purposes.
116 void set_web_ui(WebUI* web_ui) { web_ui_ = web_ui; } 116 void set_web_ui(WebUI* web_ui) { web_ui_ = web_ui; }
117 117
118 private: 118 private:
119 // Provide external classes access to web_ui(), set_web_ui(), and 119 // Provide external classes access to web_ui(), set_web_ui(), and
120 // RenderViewReused. 120 // RenderViewReused.
121 friend class WebUIImpl; 121 friend class WebUIImpl;
122 friend class ::WebUIBrowserTest; 122 friend class ::WebUIBrowserTest;
123 123
124 // Called when a RenderView is reused to display a page (i.e. reload).
125 void RenderViewReused();
126
127 // TODO(dbeam): disallow JavaScript when a renderer process crashes. 124 // TODO(dbeam): disallow JavaScript when a renderer process crashes.
128 // http://crbug.com/610450 125 // http://crbug.com/610450
129 126
130 // True if the page is for JavaScript calls from this handler. 127 // True if the page is for JavaScript calls from this handler.
131 bool javascript_allowed_; 128 bool javascript_allowed_;
132 129
133 WebUI* web_ui_; 130 WebUI* web_ui_;
134 }; 131 };
135 132
136 } // namespace content 133 } // namespace content
137 134
138 #endif // CONTENT_PUBLIC_BROWSER_WEB_UI_MESSAGE_HANDLER_H_ 135 #endif // CONTENT_PUBLIC_BROWSER_WEB_UI_MESSAGE_HANDLER_H_
OLDNEW
« no previous file with comments | « content/browser/webui/web_ui_message_handler.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698