| OLD | NEW |
|---|
| 1 // Copyright 2012 The Chromium Authors. All rights reserved. | 1 // Copyright 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #import "ios/web/web_state/ui/crw_web_controller.h" | 5 #import "ios/web/web_state/ui/crw_web_controller.h" |
| 6 | 6 |
| 7 #import <WebKit/WebKit.h> | 7 #import <WebKit/WebKit.h> |
| 8 | 8 |
| 9 #import <objc/runtime.h> | 9 #import <objc/runtime.h> |
| 10 #include <stddef.h> | 10 #include <stddef.h> |
| (...skipping 2026 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2037 [self abortLoad]; | 2037 [self abortLoad]; |
| 2038 | 2038 |
| 2039 DCHECK(!_isHalted); | 2039 DCHECK(!_isHalted); |
| 2040 // Remove the transient content view. | 2040 // Remove the transient content view. |
| 2041 [self clearTransientContentView]; | 2041 [self clearTransientContentView]; |
| 2042 | 2042 |
| 2043 const GURL currentURL = [self currentNavigationURL]; | 2043 const GURL currentURL = [self currentNavigationURL]; |
| 2044 // If it's a chrome URL, but not a native one, create the WebUI instance. | 2044 // If it's a chrome URL, but not a native one, create the WebUI instance. |
| 2045 if (web::GetWebClient()->IsAppSpecificURL(currentURL) && | 2045 if (web::GetWebClient()->IsAppSpecificURL(currentURL) && |
| 2046 ![_nativeProvider hasControllerForURL:currentURL]) { | 2046 ![_nativeProvider hasControllerForURL:currentURL]) { |
| 2047 [self createWebUIForURL:currentURL]; | 2047 web::NavigationItem* item = [self currentNavItem]; |
| 2048 if (!(item->GetTransitionType() & ui::PAGE_TRANSITION_TYPED || |
| 2049 item->GetTransitionType() & ui::PAGE_TRANSITION_AUTO_BOOKMARK) && |
| 2050 self.sessionController.openedByDOM) { |
| 2051 // WebUI URLs can not be opened by DOM to prevent cross-site scripting as |
| 2052 // they have increased power. WebUI URLs may only be opened when the user |
| 2053 // types in the URL or use bookmarks. |
| 2054 [[self sessionController] discardNonCommittedEntries]; |
| 2055 return; |
| 2056 } else { |
| 2057 [self createWebUIForURL:currentURL]; |
| 2058 } |
| 2048 } | 2059 } |
| 2049 | 2060 |
| 2050 // Loading a new url, must check here if it's a native chrome URL and | 2061 // Loading a new url, must check here if it's a native chrome URL and |
| 2051 // replace the appropriate view if so, or transition back to a web view from | 2062 // replace the appropriate view if so, or transition back to a web view from |
| 2052 // a native view. | 2063 // a native view. |
| 2053 if ([self shouldLoadURLInNativeView:currentURL]) { | 2064 if ([self shouldLoadURLInNativeView:currentURL]) { |
| 2054 [self loadCurrentURLInNativeView]; | 2065 [self loadCurrentURLInNativeView]; |
| 2055 } else { | 2066 } else { |
| 2056 [self loadCurrentURLInWebView]; | 2067 [self loadCurrentURLInWebView]; |
| 2057 } | 2068 } |
| (...skipping 3604 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5662 } | 5673 } |
| 5663 | 5674 |
| 5664 return web::WEB_VIEW_DOCUMENT_TYPE_GENERIC; | 5675 return web::WEB_VIEW_DOCUMENT_TYPE_GENERIC; |
| 5665 } | 5676 } |
| 5666 | 5677 |
| 5667 - (NSString*)refererFromNavigationAction:(WKNavigationAction*)action { | 5678 - (NSString*)refererFromNavigationAction:(WKNavigationAction*)action { |
| 5668 return [action.request valueForHTTPHeaderField:@"Referer"]; | 5679 return [action.request valueForHTTPHeaderField:@"Referer"]; |
| 5669 } | 5680 } |
| 5670 | 5681 |
| 5671 @end | 5682 @end |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2268053002:
[ios] Do not allow WebUI URLs for windows open by DOM. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master