Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(172)

Unified Diff: third_party/WebKit/Source/core/dom/DocumentInit.cpp

Issue 2321503002: (Re-)introduce AncestorThrottle to handle 'X-Frame-Options'. (Closed)
Patch Set: Ugh. Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/Source/core/dom/DocumentInit.cpp
diff --git a/third_party/WebKit/Source/core/dom/DocumentInit.cpp b/third_party/WebKit/Source/core/dom/DocumentInit.cpp
index 38690c75159f263566915e0de42ed6117ff37686..cf27563a4c29f37a40e096d27945ca4db386b2c9 100644
--- a/third_party/WebKit/Source/core/dom/DocumentInit.cpp
+++ b/third_party/WebKit/Source/core/dom/DocumentInit.cpp
@@ -98,11 +98,10 @@ SandboxFlags DocumentInit::getSandboxFlags() const
FrameLoader* loader = &frameForSecurityContext()->loader();
SandboxFlags flags = loader->effectiveSandboxFlags();
- // If the load was blocked by X-Frame-Options or CSP, force the Document's
- // origin to be unique, so that the blocked document appears to be a normal
- // cross-origin document's load per CSP spec:
+ // If the load was blocked by CSP, force the Document's origin to be unique, so that
+ // the blocked document appears to be a normal cross-origin document's load per CSP spec:
// https://www.w3.org/TR/CSP2/#directive-frame-ancestors
- if (loader->documentLoader() && loader->documentLoader()->wasBlockedAfterXFrameOptionsOrCSP())
+ if (loader->documentLoader() && loader->documentLoader()->wasBlockedAfterCSP())
flags |= SandboxOrigin;
return flags;

Powered by Google App Engine
This is Rietveld 408576698