| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 104 } | 104 } |
| 105 | 105 |
| 106 void V8WrapperInstantiationScope::securityCheck( | 106 void V8WrapperInstantiationScope::securityCheck( |
| 107 v8::Isolate* isolate, | 107 v8::Isolate* isolate, |
| 108 v8::Local<v8::Context> contextForWrapper) { | 108 v8::Local<v8::Context> contextForWrapper) { |
| 109 if (m_context.IsEmpty()) | 109 if (m_context.IsEmpty()) |
| 110 return; | 110 return; |
| 111 // If the context is different, we need to make sure that the current | 111 // If the context is different, we need to make sure that the current |
| 112 // context has access to the creation context. | 112 // context has access to the creation context. |
| 113 Frame* frame = toFrameIfNotDetached(contextForWrapper); | 113 Frame* frame = toFrameIfNotDetached(contextForWrapper); |
| 114 if (!frame) { | 114 if (!frame) |
| 115 // Sandbox detached frames - they can't create cross origin objects. | 115 return; |
| 116 LocalDOMWindow* callingWindow = currentDOMWindow(isolate); | |
| 117 DOMWindow* targetWindow = toDOMWindow(contextForWrapper); | |
| 118 // TODO(jochen): Currently, Location is the only object for which we can | |
| 119 // reach this code path. Should be generalized. | |
| 120 ExceptionState exceptionState(ExceptionState::ConstructionContext, | |
| 121 "Location", contextForWrapper->Global(), | |
| 122 isolate); | |
| 123 if (BindingSecurity::shouldAllowAccessToDetachedWindow( | |
| 124 callingWindow, targetWindow, exceptionState)) | |
| 125 return; | |
| 126 | 116 |
| 127 CHECK_EQ(SecurityError, exceptionState.code()); | |
| 128 return; | |
| 129 } | |
| 130 const DOMWrapperWorld& currentWorld = DOMWrapperWorld::world(m_context); | 117 const DOMWrapperWorld& currentWorld = DOMWrapperWorld::world(m_context); |
| 131 RELEASE_ASSERT(currentWorld.worldId() == | 118 RELEASE_ASSERT(currentWorld.worldId() == |
| 132 DOMWrapperWorld::world(contextForWrapper).worldId()); | 119 DOMWrapperWorld::world(contextForWrapper).worldId()); |
| 133 // TODO(jochen): Add the interface name here once this is generalized. | 120 // TODO(jochen): Add the interface name here once this is generalized. |
| 134 ExceptionState exceptionState(ExceptionState::ConstructionContext, nullptr, | 121 ExceptionState exceptionState(ExceptionState::ConstructionContext, nullptr, |
| 135 contextForWrapper->Global(), isolate); | 122 contextForWrapper->Global(), isolate); |
| 136 if (currentWorld.isMainWorld() && | 123 if (currentWorld.isMainWorld() && |
| 137 !BindingSecurity::shouldAllowAccessToFrame(currentDOMWindow(isolate), | 124 !BindingSecurity::shouldAllowAccessToFrame(currentDOMWindow(isolate), |
| 138 frame, exceptionState)) { | 125 frame, exceptionState)) { |
| 139 CHECK_EQ(SecurityError, exceptionState.code()); | 126 CHECK_EQ(SecurityError, exceptionState.code()); |
| 140 return; | 127 return; |
| 141 } | 128 } |
| 142 } | 129 } |
| 143 | 130 |
| 144 void V8WrapperInstantiationScope::convertException() { | 131 void V8WrapperInstantiationScope::convertException() { |
| 145 v8::Isolate* isolate = m_context->GetIsolate(); | 132 v8::Isolate* isolate = m_context->GetIsolate(); |
| 146 // TODO(jochen): Currently, Location is the only object for which we can reach | 133 // TODO(jochen): Currently, Location is the only object for which we can reach |
| 147 // this code path. Should be generalized. | 134 // this code path. Should be generalized. |
| 148 ExceptionState exceptionState(ExceptionState::ConstructionContext, "Location", | 135 ExceptionState exceptionState(ExceptionState::ConstructionContext, "Location", |
| 149 isolate->GetCurrentContext()->Global(), | 136 isolate->GetCurrentContext()->Global(), |
| 150 isolate); | 137 isolate); |
| 151 LocalDOMWindow* callingWindow = currentDOMWindow(isolate); | 138 LocalDOMWindow* callingWindow = currentDOMWindow(isolate); |
| 152 DOMWindow* targetWindow = toDOMWindow(m_context); | 139 DOMWindow* targetWindow = toDOMWindow(m_context); |
| 153 exceptionState.throwSecurityError( | 140 exceptionState.throwSecurityError( |
| 154 targetWindow->sanitizedCrossDomainAccessErrorMessage(callingWindow), | 141 targetWindow->sanitizedCrossDomainAccessErrorMessage(callingWindow), |
| 155 targetWindow->crossDomainAccessErrorMessage(callingWindow)); | 142 targetWindow->crossDomainAccessErrorMessage(callingWindow)); |
| 156 } | 143 } |
| 157 | 144 |
| 158 } // namespace blink | 145 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2393133005:
Call LocalDOMWindow::clearDocument when a frame gets detached
