Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(861)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: ios/web/web_state/ui/crw_web_controller.mm

Issue 2252903002: Reset previous WKBackForwardListeItem when navigating to WebUI pages. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@2785
Patch Set: Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 The Chromium Authors. All rights reserved. 1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #import "ios/web/web_state/ui/crw_web_controller.h" 5 #import "ios/web/web_state/ui/crw_web_controller.h"
6 6
7 #import <WebKit/WebKit.h> 7 #import <WebKit/WebKit.h>
8 8
9 #import <objc/runtime.h> 9 #import <objc/runtime.h>
10 #include <stddef.h> 10 #include <stddef.h>
(...skipping 2318 matching lines...) Expand 10 before | Expand all | Expand 10 after
2329 _webStateImpl->GetRequestTracker()->FinishPageLoad(currentURL, loadSuccess); 2329 _webStateImpl->GetRequestTracker()->FinishPageLoad(currentURL, loadSuccess);
2330 // Reset the navigation type to the default value. 2330 // Reset the navigation type to the default value.
2331 // Note: it is possible that the web view has already started loading the 2331 // Note: it is possible that the web view has already started loading the
2332 // next page when this is called. In that case the cache mode can leak to 2332 // next page when this is called. In that case the cache mode can leak to
2333 // (some of) the requests of the next page. It's expected to be an edge case, 2333 // (some of) the requests of the next page. It's expected to be an edge case,
2334 // but if it becomes a problem it should be possible to notice it afterwards 2334 // but if it becomes a problem it should be possible to notice it afterwards
2335 // and react to it (by warning the user or reloading the page for example). 2335 // and react to it (by warning the user or reloading the page for example).
2336 _webStateImpl->GetRequestTracker()->SetCacheModeFromUIThread( 2336 _webStateImpl->GetRequestTracker()->SetCacheModeFromUIThread(
2337 net::RequestTracker::CACHE_NORMAL); 2337 net::RequestTracker::CACHE_NORMAL);
2338 2338
2339 // Rather than creating a new WKBackForwardListItem when loading WebUI pages,
2340 // WKWebView will cache the WebUI HTML in the previous WKBackForwardListItem
2341 // since it's loaded via |-loadHTML:forURL:| instead of an NSURLRequest. As a
2342 // result, the WebUI's HTML and URL will be loaded when navigating to that
2343 // WKBackForwardListItem, causing a mismatch between the visible content and
2344 // the visible URL (WebUI page will be visible, but URL will be the previous
2345 // page's URL). To prevent this potential URL spoofing vulnerability, reset
2346 // the previous NavigationItem's WKBackForwardListItem to force loading via
2347 // NSURLRequest.
2348 if (_webUIManager) {
2349 web::NavigationItem* lastNavigationItem =
2350 self.sessionController.previousEntry.navigationItem;
2351 if (lastNavigationItem) {
2352 web::WKBackForwardListItemHolder* holder =
2353 web::WKBackForwardListItemHolder::FromNavigationItem(
2354 lastNavigationItem);
2355 DCHECK(holder);
2356 holder->set_back_forward_list_item(nil);
2357 }
2358 }
2359
2339 [self restoreStateFromHistory]; 2360 [self restoreStateFromHistory];
2340 _webStateImpl->OnPageLoaded(currentURL, loadSuccess); 2361 _webStateImpl->OnPageLoaded(currentURL, loadSuccess);
2341 _webStateImpl->SetIsLoading(false); 2362 _webStateImpl->SetIsLoading(false);
2342 // Inform the embedder the load completed. 2363 // Inform the embedder the load completed.
2343 [_delegate webDidFinishWithURL:currentURL loadSuccess:loadSuccess]; 2364 [_delegate webDidFinishWithURL:currentURL loadSuccess:loadSuccess];
2344 } 2365 }
2345 2366
2346 - (void)finishHistoryNavigationFromEntry:(CRWSessionEntry*)fromEntry { 2367 - (void)finishHistoryNavigationFromEntry:(CRWSessionEntry*)fromEntry {
2347 [_delegate webWillFinishHistoryNavigationFromEntry:fromEntry]; 2368 [_delegate webWillFinishHistoryNavigationFromEntry:fromEntry];
2348 2369
(...skipping 3315 matching lines...) Expand 10 before | Expand all | Expand 10 after
5664 } 5685 }
5665 5686
5666 return web::WEB_VIEW_DOCUMENT_TYPE_GENERIC; 5687 return web::WEB_VIEW_DOCUMENT_TYPE_GENERIC;
5667 } 5688 }
5668 5689
5669 - (NSString*)refererFromNavigationAction:(WKNavigationAction*)action { 5690 - (NSString*)refererFromNavigationAction:(WKNavigationAction*)action {
5670 return [action.request valueForHTTPHeaderField:@"Referer"]; 5691 return [action.request valueForHTTPHeaderField:@"Referer"];
5671 } 5692 }
5672 5693
5673 @end 5694 @end
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698