Index: Source/core/svg/graphics/SVGImage.cpp |
diff --git a/Source/core/svg/graphics/SVGImage.cpp b/Source/core/svg/graphics/SVGImage.cpp |
index bbcfe3c44c2ce39b21e62a1fec4518c558e323b6..2c24155e259107ecb07f9114c18a2f47cb3e7dda 100644 |
--- a/Source/core/svg/graphics/SVGImage.cpp |
+++ b/Source/core/svg/graphics/SVGImage.cpp |
@@ -29,7 +29,9 @@ |
#include "core/svg/graphics/SVGImage.h" |
+#include "core/dom/NodeTraversal.h" |
#include "core/loader/DocumentLoader.h" |
+#include "core/page/Chrome.h" |
#include "core/page/FrameView.h" |
#include "core/page/Settings.h" |
#include "core/platform/graphics/GraphicsContextStateSaver.h" |
@@ -39,6 +41,7 @@ |
#include "core/rendering/style/RenderStyle.h" |
#include "core/rendering/svg/RenderSVGRoot.h" |
#include "core/svg/SVGDocument.h" |
+#include "core/svg/SVGImageElement.h" |
#include "core/svg/SVGSVGElement.h" |
#include "core/svg/graphics/SVGImageChromeClient.h" |
#include "wtf/PassRefPtr.h" |
@@ -62,6 +65,47 @@ SVGImage::~SVGImage() |
ASSERT(!m_chromeClient || !m_chromeClient->image()); |
} |
+bool SVGImage::isInSVGImage(const Element* element) |
+{ |
+ ASSERT(element); |
+ |
+ Page* page = element->document()->page(); |
+ if (!page) |
+ return false; |
+ |
+ ChromeClient* chromeClient = page->chrome().client(); |
+ return chromeClient && chromeClient->isSVGImageChromeClient(); |
+} |
+ |
+bool SVGImage::hasSingleSecurityOrigin() const |
+{ |
+ if (!m_page) |
+ return true; |
+ |
+ Frame* frame = m_page->mainFrame(); |
+ SVGSVGElement* rootElement = toSVGDocument(frame->document())->rootElement(); |
+ if (!rootElement) |
+ return true; |
+ |
+ // Don't allow foreignObject elements or images that are not known to be |
+ // single-origin since these can leak cross-origin information. |
+ for (Element* element = ElementTraversal::firstWithin(rootElement); element; element = ElementTraversal::next(element, rootElement)) { |
abarth-chromium
2013/08/12 19:47:44
Does this traverse shadow DOM?
pdr.
2013/08/19 23:16:17
Fortunately, custom elements cannot be created dec
|
+ if (element->hasTagName(SVGNames::foreignObjectTag)) |
+ return false; |
+ // FIXME(crbug.com/249037): Images should be allowed but the |
+ // implementation is difficult because images can have animations which |
+ // cause them to dynamically change their single-origin state. |
+ if (element->hasTagName(SVGNames::imageTag)) |
+ return false; |
+ if (element->hasTagName(SVGNames::feImageTag)) |
Tom Sepez
2013/08/15 17:53:59
I worry about folks introducing a new element type
pdr.
2013/08/19 23:16:17
I think this will actually end up being prohibitiv
|
+ return false; |
+ } |
+ |
+ // Because SVG image rendering disallows external resources and links, these |
+ // images effectively are restricted to a single security origin. |
+ return true; |
+} |
+ |
void SVGImage::setContainerSize(const IntSize& size) |
{ |
if (!m_page || !usesContainerSize()) |
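Review bot: Both early exits in `hasSingleSecurityOrigin()` (`if (!m_page)` and `if (!rootElement)`) return `true`, the permissive answer for a check that guards against leaking cross-origin information, and neither says why that is safe. If the reasoning is that an image with no page or root element paints nothing, say so at those returns, e.g. `// Nothing is rendered without a page/root element, so there is nothing cross-origin to expose.`, so a later change that makes these paths reachable with painted content does not silently inherit the default. The function also dereferences `m_page->mainFrame()` and passes `frame->document()` to `toSVGDocument()` without a check; an `ASSERT(frame);` before the cast would record the invariant being relied on. The final `return true` depends on SVG image rendering disallowing external resources and links, which is not visible in this hunk, so the closing comment should name where that restriction is enforced.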