Chromium Code Reviews| Index: third_party/WebKit/Source/core/html/HTMLAnchorElement.cpp |
| diff --git a/third_party/WebKit/Source/core/html/HTMLAnchorElement.cpp b/third_party/WebKit/Source/core/html/HTMLAnchorElement.cpp |
| index 4957d232290e4a3d99b25b6b4aa05b95c88cff23..f0a6dff4727e9eea8591106658e60b023d72b63f 100644 |
| --- a/third_party/WebKit/Source/core/html/HTMLAnchorElement.cpp |
| +++ b/third_party/WebKit/Source/core/html/HTMLAnchorElement.cpp |
| @@ -426,11 +426,15 @@ void HTMLAnchorElement::handleClick(Event* event) |
| } |
| if (hasAttribute(downloadAttr)) { |
| - request.setRequestContext(WebURLRequest::RequestContextDownload); |
| - bool isSameOrigin = completedURL.protocolIsData() || document().getSecurityOrigin()->canRequest(completedURL); |
| - const AtomicString& suggestedName = (isSameOrigin ? fastGetAttribute(downloadAttr) : nullAtom); |
| - |
| - frame->loader().client()->loadURLExternally(request, NavigationPolicyDownload, suggestedName, false); |
| + if (event->isTrusted()) { |
| + request.setRequestContext(WebURLRequest::RequestContextDownload); |
| + bool isSameOrigin = completedURL.protocolIsData() || document().getSecurityOrigin()->canRequest(completedURL); |
| + const AtomicString& suggestedName = (isSameOrigin ? fastGetAttribute(downloadAttr) : nullAtom); |
| + |
| + frame->loader().client()->loadURLExternally(request, NavigationPolicyDownload, suggestedName, false); |
| + } else { |
| + // TODO: Throw an "InvalidAccessError" DOMException. |
|
Rick Byers
2016/09/28 22:31:56
I'm OK leaving this as follow-up work (it's probab
|
| + } |
| } else { |
| request.setRequestContext(WebURLRequest::RequestContextHyperlink); |
| FrameLoadRequest frameRequest(&document(), request, getAttribute(targetAttr)); |