Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(520)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/renderer/render_frame_impl.cc

Issue 2171063002: Notify the Blink client synchronously if the initial doc is accessed. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Forbid scripts. Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | third_party/WebKit/Source/core/loader/FrameLoader.h » ('j') | third_party/WebKit/Source/core/loader/FrameLoader.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/renderer/render_frame_impl.cc
diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc
index d2030c35e017a83ed17e6526dbb2907d173b90c1..be5d4da59db647458e1ce3322f9852a9fffe7b6a 100644
--- a/content/renderer/render_frame_impl.cc
+++ b/content/renderer/render_frame_impl.cc
@@ -2776,6 +2776,9 @@ RenderFrameImpl::createServiceWorkerProvider() {
}
void RenderFrameImpl::didAccessInitialDocument() {
+ // NOTE: It is critical not to call back into JavaScript here, since this call
+ // is made from a V8 security check.
+
// If the request hasn't yet committed, notify the browser process that it is
// no longer safe to show the pending URL of the main frame, since a URL spoof
// is now possible. (If the request has committed, the browser already knows.)
« no previous file with comments | « no previous file | third_party/WebKit/Source/core/loader/FrameLoader.h » ('j') | third_party/WebKit/Source/core/loader/FrameLoader.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698