Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(761)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: ios/web/web_state/ui/crw_web_controller.mm

Issue 2233063002: Reset previous WKBackForwardListeItem when navigating to WebUI pages. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Comment clarification Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 The Chromium Authors. All rights reserved. 1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #import "ios/web/web_state/ui/crw_web_controller.h" 5 #import "ios/web/web_state/ui/crw_web_controller.h"
6 6
7 #import <WebKit/WebKit.h> 7 #import <WebKit/WebKit.h>
8 8
9 #import <objc/runtime.h> 9 #import <objc/runtime.h>
10 #include <stddef.h> 10 #include <stddef.h>
(...skipping 2300 matching lines...) Expand 10 before | Expand all | Expand 10 after
2311 _webStateImpl->GetRequestTracker()->FinishPageLoad(currentURL, loadSuccess); 2311 _webStateImpl->GetRequestTracker()->FinishPageLoad(currentURL, loadSuccess);
2312 // Reset the navigation type to the default value. 2312 // Reset the navigation type to the default value.
2313 // Note: it is possible that the web view has already started loading the 2313 // Note: it is possible that the web view has already started loading the
2314 // next page when this is called. In that case the cache mode can leak to 2314 // next page when this is called. In that case the cache mode can leak to
2315 // (some of) the requests of the next page. It's expected to be an edge case, 2315 // (some of) the requests of the next page. It's expected to be an edge case,
2316 // but if it becomes a problem it should be possible to notice it afterwards 2316 // but if it becomes a problem it should be possible to notice it afterwards
2317 // and react to it (by warning the user or reloading the page for example). 2317 // and react to it (by warning the user or reloading the page for example).
2318 _webStateImpl->GetRequestTracker()->SetCacheModeFromUIThread( 2318 _webStateImpl->GetRequestTracker()->SetCacheModeFromUIThread(
2319 net::RequestTracker::CACHE_NORMAL); 2319 net::RequestTracker::CACHE_NORMAL);
2320 2320
2321 // Rather than creating a new WKBackForwardListItem when loading WebUI pages,
2322 // WKWebView will cache the WebUI HTML in the previous WKBackForwardListItem
2323 // since it's loaded via |-loadHTML:forURL:| instead of an NSURLRequest. As a
2324 // result, the WebUI's HTML and URL will be loaded when navigating to that
2325 // WKBackForwardListItem, causing a mismatch between the visible content and
2326 // the visible URL (WebUI page will be visible, but URL will be the previous
2327 // page's URL). To prevent this potential URL spoofing vulnerability, reset
2328 // the previous NavigationItem's WKBackForwardListItem to force loading via
2329 // NSURLRequest.
2330 if (_webUIManager) {
2331 web::NavigationItem* lastNavigationItem =
2332 self.sessionController.previousEntry.navigationItem;
2333 if (lastNavigationItem) {
2334 web::WKBackForwardListItemHolder* holder =
2335 web::WKBackForwardListItemHolder::FromNavigationItem(
2336 lastNavigationItem);
2337 DCHECK(holder);
2338 holder->set_back_forward_list_item(nil);
2339 }
2340 }
2341
2321 [self restoreStateFromHistory]; 2342 [self restoreStateFromHistory];
2322 _webStateImpl->OnPageLoaded(currentURL, loadSuccess); 2343 _webStateImpl->OnPageLoaded(currentURL, loadSuccess);
2323 _webStateImpl->SetIsLoading(false); 2344 _webStateImpl->SetIsLoading(false);
2324 // Inform the embedder the load completed. 2345 // Inform the embedder the load completed.
2325 [_delegate webDidFinishWithURL:currentURL loadSuccess:loadSuccess]; 2346 [_delegate webDidFinishWithURL:currentURL loadSuccess:loadSuccess];
2326 } 2347 }
2327 2348
2328 - (void)finishHistoryNavigationFromEntry:(CRWSessionEntry*)fromEntry { 2349 - (void)finishHistoryNavigationFromEntry:(CRWSessionEntry*)fromEntry {
2329 [_delegate webWillFinishHistoryNavigationFromEntry:fromEntry]; 2350 [_delegate webWillFinishHistoryNavigationFromEntry:fromEntry];
2330 2351
(...skipping 3313 matching lines...) Expand 10 before | Expand all | Expand 10 after
5644 } 5665 }
5645 5666
5646 return web::WEB_VIEW_DOCUMENT_TYPE_GENERIC; 5667 return web::WEB_VIEW_DOCUMENT_TYPE_GENERIC;
5647 } 5668 }
5648 5669
5649 - (NSString*)refererFromNavigationAction:(WKNavigationAction*)action { 5670 - (NSString*)refererFromNavigationAction:(WKNavigationAction*)action {
5650 return [action.request valueForHTTPHeaderField:@"Referer"]; 5671 return [action.request valueForHTTPHeaderField:@"Referer"];
5651 } 5672 }
5652 5673
5653 @end 5674 @end
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698