Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(913)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/modules/payments/PaymentRequest.cpp

Issue 2394473002: iframes with allowpaymentrequest attribute are allowed to make payment requests. (Closed)
Patch Set: Rebaselined tests Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« third_party/WebKit/Source/modules/payments/HTMLIFrameElementPayments.idl ('K') | « third_party/WebKit/Source/modules/payments/HTMLIFrameElementPayments.idl ('k') | third_party/WebKit/Source/modules/payments/PaymentRequestUpdateEventInit.idl » ('j') | third_party/WebKit/Source/modules/payments/PaymentRequestUpdateEventInit.idl » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/modules/payments/PaymentRequest.cpp
diff --git a/third_party/WebKit/Source/modules/payments/PaymentRequest.cpp b/third_party/WebKit/Source/modules/payments/PaymentRequest.cpp
index ec17e2590d68417016122e1c7c43ab543c12cda2..0699a536e87c84a39b23acf1a35c9ad7c536c88d 100644
--- a/third_party/WebKit/Source/modules/payments/PaymentRequest.cpp
+++ b/third_party/WebKit/Source/modules/payments/PaymentRequest.cpp
@@ -14,6 +14,7 @@
#include "core/dom/ExceptionCode.h"
#include "core/events/Event.h"
#include "core/events/EventQueue.h"
+#include "core/frame/FrameOwner.h"
#include "modules/EventTargetModulesNames.h"
#include "modules/payments/PaymentAddress.h"
#include "modules/payments/PaymentItem.h"
@@ -409,6 +410,30 @@ String getValidShippingType(const String& shippingType) {
return validValues[0];
}
+bool allowedToUsePaymentRequest(const Frame* frame) {
+ // To determine whether a Document object |document| is allowed to use the
+ // feature indicated by attribute name |allowpaymentrequest|, run these steps:
+
+ // 1. If |document| has no browsing context, then return false.
+ if (!frame)
+ return false;
+
+ // 2. If |document|'s browsing context is a top-level browsing context, then
+ // return true.
+ if (frame->isMainFrame())
+ return true;
+
+ // 3. If |document|'s browsing context has a browsing context container that
+ // is an iframe element with an |allowpaymentrequest| attribute specified, and
+ // whose node document is allowed to use the feature indicated by
+ // |allowpaymentrequest|, then return true.
+ if (frame->owner() && frame->owner()->allowPaymentRequest())
+ return allowedToUsePaymentRequest(frame->tree().parent());
+
+ // 4. Return false.
+ return false;
+}
+
} // namespace
PaymentRequest* PaymentRequest::create(
@@ -584,10 +609,10 @@ PaymentRequest::PaymentRequest(ScriptState* scriptState,
return;
}
- if (!scriptState->domWindow()->frame() ||
- !scriptState->domWindow()->frame()->isMainFrame()) {
+ if (!allowedToUsePaymentRequest(scriptState->domWindow()->frame())) {
exceptionState.throwSecurityError(
- "Must be in a top-level browsing context");
+ "Must be in a top-level browsing context or an iframe needs to specify "
+ "'allowpaymentrequest' explicitly");
return;
}
« third_party/WebKit/Source/modules/payments/HTMLIFrameElementPayments.idl ('K') | « third_party/WebKit/Source/modules/payments/HTMLIFrameElementPayments.idl ('k') | third_party/WebKit/Source/modules/payments/PaymentRequestUpdateEventInit.idl » ('j') | third_party/WebKit/Source/modules/payments/PaymentRequestUpdateEventInit.idl » ('J')

Powered by Google App Engine
This is Rietveld 408576698