OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> | 2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> |
3 * 1999 Lars Knoll <knoll@kde.org> | 3 * 1999 Lars Knoll <knoll@kde.org> |
4 * 1999 Antti Koivisto <koivisto@kde.org> | 4 * 1999 Antti Koivisto <koivisto@kde.org> |
5 * 2000 Simon Hausmann <hausmann@kde.org> | 5 * 2000 Simon Hausmann <hausmann@kde.org> |
6 * 2000 Stefan Schimanski <1Stein@gmx.de> | 6 * 2000 Stefan Schimanski <1Stein@gmx.de> |
7 * 2001 George Staikos <staikos@kde.org> | 7 * 2001 George Staikos <staikos@kde.org> |
8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All | 8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All |
9 * rights reserved. | 9 * rights reserved. |
10 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> | 10 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> |
(...skipping 188 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
199 toLocalFrame(this)->document()); | 199 toLocalFrame(this)->document()); |
200 return false; | 200 return false; |
201 } | 201 } |
202 if (!isAllowedNavigation && !errorReason.isNull()) | 202 if (!isAllowedNavigation && !errorReason.isNull()) |
203 printNavigationErrorMessage(targetFrame, errorReason.latin1().data()); | 203 printNavigationErrorMessage(targetFrame, errorReason.latin1().data()); |
204 return isAllowedNavigation; | 204 return isAllowedNavigation; |
205 } | 205 } |
206 | 206 |
207 bool Frame::canNavigateWithoutFramebusting(const Frame& targetFrame, | 207 bool Frame::canNavigateWithoutFramebusting(const Frame& targetFrame, |
208 String& reason) { | 208 String& reason) { |
209 if (&targetFrame == this) | |
210 return true; | |
211 | |
209 if (securityContext()->isSandboxed(SandboxNavigation)) { | 212 if (securityContext()->isSandboxed(SandboxNavigation)) { |
210 // Sandboxed frames can navigate their own children. | 213 if (!targetFrame.tree().isDescendantOf(this) && |
211 if (targetFrame.tree().isDescendantOf(this)) | 214 !targetFrame.isMainFrame()) { |
Nate Chapin
2016/11/01 23:47:52
I inverted this block so that it more closely matc
| |
212 return true; | |
213 | |
214 // They can also navigate popups, if the 'allow-sandbox-escape-via-popup' | |
215 // flag is specified. | |
216 if (targetFrame == targetFrame.tree().top() && | |
217 targetFrame.tree().top() != tree().top() && | |
218 !securityContext()->isSandboxed( | |
219 SandboxPropagatesToAuxiliaryBrowsingContexts)) | |
220 return true; | |
221 | |
222 // Top navigation can be opted-in. | |
223 if (!securityContext()->isSandboxed(SandboxTopNavigation) && | |
224 targetFrame == tree().top()) | |
225 return true; | |
226 | |
227 // Otherwise, block the navigation. | |
228 if (securityContext()->isSandboxed(SandboxTopNavigation) && | |
229 targetFrame == tree().top()) | |
230 reason = | |
231 "The frame attempting navigation of the top-level window is " | |
232 "sandboxed, but the 'allow-top-navigation' flag is not set."; | |
233 else | |
234 reason = | 215 reason = |
235 "The frame attempting navigation is sandboxed, and is therefore " | 216 "The frame attempting navigation is sandboxed, and is therefore " |
236 "disallowed from navigating its ancestors."; | 217 "disallowed from navigating its ancestors."; |
237 return false; | 218 return false; |
219 } | |
220 | |
221 // Sandboxed frames can also navigate popups, if the | |
222 // 'allow-sandbox-escape-via-popup' flag is specified, or if | |
223 // 'allow-popups' flag is specified, or if the | |
224 if (targetFrame.isMainFrame() && targetFrame != tree().top() && | |
225 securityContext()->isSandboxed( | |
226 SandboxPropagatesToAuxiliaryBrowsingContexts) && | |
227 (securityContext()->isSandboxed(SandboxPopups) || | |
228 targetFrame.client()->opener() != this)) { | |
229 reason = | |
230 "The frame attempting navigation is sandboxed and is trying " | |
231 "to navigate a popup, but is not the popup's opener and is not " | |
232 "set to propagate sandboxing to popups."; | |
233 return false; | |
234 } | |
235 | |
236 // Top navigation is forbidden unless opted-in. allow-top-navigation | |
237 // will also skips origin checks. | |
238 if (targetFrame == tree().top()) { | |
239 if (securityContext()->isSandboxed(SandboxTopNavigation)) { | |
240 reason = | |
241 "The frame attempting navigation of the top-level window is " | |
242 "sandboxed, but the 'allow-top-navigation' flag is not set."; | |
243 return false; | |
244 } | |
245 return true; | |
Nate Chapin
2016/11/01 23:47:52
We seem to depend on skipping origin checks for al
| |
246 } | |
238 } | 247 } |
239 | 248 |
240 ASSERT(securityContext()->getSecurityOrigin()); | 249 ASSERT(securityContext()->getSecurityOrigin()); |
241 SecurityOrigin& origin = *securityContext()->getSecurityOrigin(); | 250 SecurityOrigin& origin = *securityContext()->getSecurityOrigin(); |
242 | 251 |
243 // This is the normal case. A document can navigate its decendant frames, | 252 // This is the normal case. A document can navigate its decendant frames, |
244 // or, more generally, a document can navigate a frame if the document is | 253 // or, more generally, a document can navigate a frame if the document is |
245 // in the same origin as any of that frame's ancestors (in the frame | 254 // in the same origin as any of that frame's ancestors (in the frame |
246 // hierarchy). | 255 // hierarchy). |
247 // | 256 // |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
332 | 341 |
333 ASSERT(page()); | 342 ASSERT(page()); |
334 | 343 |
335 if (m_owner) | 344 if (m_owner) |
336 m_owner->setContentFrame(*this); | 345 m_owner->setContentFrame(*this); |
337 else | 346 else |
338 page()->setMainFrame(this); | 347 page()->setMainFrame(this); |
339 } | 348 } |
340 | 349 |
341 } // namespace blink | 350 } // namespace blink |
OLD | NEW |