OLD | NEW |
(Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "config.h" |
| 6 #include "modules/beacon/NavigatorBeacon.h" |
| 7 |
| 8 #include "bindings/v8/ExceptionState.h" |
| 9 #include "core/dom/ExceptionCode.h" |
| 10 #include "core/dom/ExecutionContext.h" |
| 11 #include "core/fileapi/Blob.h" |
| 12 #include "core/frame/LocalFrame.h" |
| 13 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 14 #include "core/html/DOMFormData.h" |
| 15 #include "core/loader/BeaconLoader.h" |
| 16 #include "wtf/ArrayBufferView.h" |
| 17 |
| 18 namespace WebCore { |
| 19 |
| 20 bool NavigatorBeacon::isAllowedAccess(ExecutionContext* context, const KURL& url
, ExceptionState& exceptionState) |
| 21 { |
| 22 if (!url.isValid()) { |
| 23 exceptionState.throwDOMException(SyntaxError, "The URL argument is ill-f
ormed or unsupported."); |
| 24 return false; |
| 25 } |
| 26 // For now, only support HTTP and related. |
| 27 if (!url.protocolIsInHTTPFamily()) { |
| 28 exceptionState.throwDOMException(SyntaxError, "Beacons are only supporte
d over HTTP(S)."); |
| 29 return false; |
| 30 } |
| 31 if (!ContentSecurityPolicy::shouldBypassMainWorld(context) && !context->cont
entSecurityPolicy()->allowConnectToSource(url)) { |
| 32 // We can safely expose the URL to JavaScript, as these checks happen sy
nchronously before redirection. JavaScript receives no new information. |
| 33 exceptionState.throwSecurityError("Refused to send beacon to '" + url.el
idedString() + "' because it violates the document's Content Security Policy."); |
| 34 return false; |
| 35 } |
| 36 return true; |
| 37 } |
| 38 |
| 39 bool NavigatorBeacon::sendBeacon(ExecutionContext* context, Navigator& navigator
, const String& urlstring, const String& data, ExceptionState& exceptionState) |
| 40 { |
| 41 KURL url = context->completeURL(urlstring); |
| 42 if (!isAllowedAccess(context, url, exceptionState)) |
| 43 return false; |
| 44 |
| 45 BeaconLoader::sendBeacon(navigator.frame(), url, data); |
| 46 return true; |
| 47 } |
| 48 |
| 49 bool NavigatorBeacon::sendBeacon(ExecutionContext* context, Navigator& navigator
, const String& urlstring, PassRefPtr<ArrayBufferView> data, ExceptionState& exc
eptionState) |
| 50 { |
| 51 KURL url = context->completeURL(urlstring); |
| 52 if (!isAllowedAccess(context, url, exceptionState)) |
| 53 return false; |
| 54 |
| 55 BeaconLoader::sendBeacon(navigator.frame(), url, data); |
| 56 return true; |
| 57 } |
| 58 |
| 59 bool NavigatorBeacon::sendBeacon(ExecutionContext* context, Navigator& navigator
, const String& urlstring, PassRefPtrWillBeRawPtr<Blob> data, ExceptionState& ex
ceptionState) |
| 60 { |
| 61 KURL url = context->completeURL(urlstring); |
| 62 if (!isAllowedAccess(context, url, exceptionState)) |
| 63 return false; |
| 64 |
| 65 BeaconLoader::sendBeacon(navigator.frame(), url, data); |
| 66 return true; |
| 67 } |
| 68 |
| 69 bool NavigatorBeacon::sendBeacon(ExecutionContext* context, Navigator& navigator
, const String& urlstring, PassRefPtrWillBeRawPtr<DOMFormData> data, ExceptionSt
ate& exceptionState) |
| 70 { |
| 71 KURL url = context->completeURL(urlstring); |
| 72 if (!isAllowedAccess(context, url, exceptionState)) |
| 73 return false; |
| 74 |
| 75 BeaconLoader::sendBeacon(navigator.frame(), url, data); |
| 76 return true; |
| 77 } |
| 78 |
| 79 const char* NavigatorBeacon::supplementName() |
| 80 { |
| 81 return "NavigatorBeacon"; |
| 82 } |
| 83 |
| 84 NavigatorBeacon& NavigatorBeacon::from(Navigator& navigator) |
| 85 { |
| 86 NavigatorBeacon* supplement = static_cast<NavigatorBeacon*>(WillBeHeapSupple
ment<Navigator>::from(navigator, supplementName())); |
| 87 if (!supplement) { |
| 88 supplement = new NavigatorBeacon(); |
| 89 provideTo(navigator, supplementName(), adoptPtrWillBeNoop(supplement)); |
| 90 } |
| 91 return *supplement; |
| 92 } |
| 93 |
| 94 } // namespace WebCore |
OLD | NEW |