| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> | 2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> |
| 3 * 1999 Lars Knoll <knoll@kde.org> | 3 * 1999 Lars Knoll <knoll@kde.org> |
| 4 * 1999 Antti Koivisto <koivisto@kde.org> | 4 * 1999 Antti Koivisto <koivisto@kde.org> |
| 5 * 2000 Simon Hausmann <hausmann@kde.org> | 5 * 2000 Simon Hausmann <hausmann@kde.org> |
| 6 * 2000 Stefan Schimanski <1Stein@gmx.de> | 6 * 2000 Stefan Schimanski <1Stein@gmx.de> |
| 7 * 2001 George Staikos <staikos@kde.org> | 7 * 2001 George Staikos <staikos@kde.org> |
| 8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All | 8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All |
| 9 * rights reserved. | 9 * rights reserved. |
| 10 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> | 10 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> |
| (...skipping 189 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 200 toLocalFrame(this)->document()); | 200 toLocalFrame(this)->document()); |
| 201 return false; | 201 return false; |
| 202 } | 202 } |
| 203 if (!isAllowedNavigation && !errorReason.isNull()) | 203 if (!isAllowedNavigation && !errorReason.isNull()) |
| 204 printNavigationErrorMessage(targetFrame, errorReason.latin1().data()); | 204 printNavigationErrorMessage(targetFrame, errorReason.latin1().data()); |
| 205 return isAllowedNavigation; | 205 return isAllowedNavigation; |
| 206 } | 206 } |
| 207 | 207 |
| 208 bool Frame::canNavigateWithoutFramebusting(const Frame& targetFrame, | 208 bool Frame::canNavigateWithoutFramebusting(const Frame& targetFrame, |
| 209 String& reason) { | 209 String& reason) { |
| 210 if (&targetFrame == this) |
| 211 return true; |
| 212 |
| 210 if (securityContext()->isSandboxed(SandboxNavigation)) { | 213 if (securityContext()->isSandboxed(SandboxNavigation)) { |
| 211 // Sandboxed frames can navigate their own children. | 214 if (!targetFrame.tree().isDescendantOf(this) && |
| 212 if (targetFrame.tree().isDescendantOf(this)) | 215 !targetFrame.isMainFrame()) { |
| 213 return true; | |
| 214 | |
| 215 // They can also navigate popups, if the 'allow-sandbox-escape-via-popup' | |
| 216 // flag is specified. | |
| 217 if (targetFrame == targetFrame.tree().top() && | |
| 218 targetFrame.tree().top() != tree().top() && | |
| 219 !securityContext()->isSandboxed( | |
| 220 SandboxPropagatesToAuxiliaryBrowsingContexts)) | |
| 221 return true; | |
| 222 | |
| 223 // Top navigation can be opted-in. | |
| 224 if (!securityContext()->isSandboxed(SandboxTopNavigation) && | |
| 225 targetFrame == tree().top()) | |
| 226 return true; | |
| 227 | |
| 228 // Otherwise, block the navigation. | |
| 229 if (securityContext()->isSandboxed(SandboxTopNavigation) && | |
| 230 targetFrame == tree().top()) | |
| 231 reason = | |
| 232 "The frame attempting navigation of the top-level window is " | |
| 233 "sandboxed, but the 'allow-top-navigation' flag is not set."; | |
| 234 else | |
| 235 reason = | 216 reason = |
| 236 "The frame attempting navigation is sandboxed, and is therefore " | 217 "The frame attempting navigation is sandboxed, and is therefore " |
| 237 "disallowed from navigating its ancestors."; | 218 "disallowed from navigating its ancestors."; |
| 238 return false; | 219 return false; |
| 220 } |
| 221 |
| 222 // Sandboxed frames can also navigate popups, if the |
| 223 // 'allow-sandbox-escape-via-popup' flag is specified, or if |
| 224 // 'allow-popups' flag is specified, or if the |
| 225 if (targetFrame.isMainFrame() && targetFrame != tree().top() && |
| 226 securityContext()->isSandboxed( |
| 227 SandboxPropagatesToAuxiliaryBrowsingContexts) && |
| 228 (securityContext()->isSandboxed(SandboxPopups) || |
| 229 targetFrame.client()->opener() != this)) { |
| 230 reason = |
| 231 "The frame attempting navigation is sandboxed and is trying " |
| 232 "to navigate a popup, but is not the popup's opener and is not " |
| 233 "set to propagate sandboxing to popups."; |
| 234 return false; |
| 235 } |
| 236 |
| 237 // Top navigation is forbidden unless opted-in. allow-top-navigation |
| 238 // will also skips origin checks. |
| 239 if (targetFrame == tree().top()) { |
| 240 if (securityContext()->isSandboxed(SandboxTopNavigation)) { |
| 241 reason = |
| 242 "The frame attempting navigation of the top-level window is " |
| 243 "sandboxed, but the 'allow-top-navigation' flag is not set."; |
| 244 return false; |
| 245 } |
| 246 return true; |
| 247 } |
| 239 } | 248 } |
| 240 | 249 |
| 241 ASSERT(securityContext()->getSecurityOrigin()); | 250 ASSERT(securityContext()->getSecurityOrigin()); |
| 242 SecurityOrigin& origin = *securityContext()->getSecurityOrigin(); | 251 SecurityOrigin& origin = *securityContext()->getSecurityOrigin(); |
| 243 | 252 |
| 244 // This is the normal case. A document can navigate its decendant frames, | 253 // This is the normal case. A document can navigate its decendant frames, |
| 245 // or, more generally, a document can navigate a frame if the document is | 254 // or, more generally, a document can navigate a frame if the document is |
| 246 // in the same origin as any of that frame's ancestors (in the frame | 255 // in the same origin as any of that frame's ancestors (in the frame |
| 247 // hierarchy). | 256 // hierarchy). |
| 248 // | 257 // |
| (...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 333 | 342 |
| 334 ASSERT(page()); | 343 ASSERT(page()); |
| 335 | 344 |
| 336 if (m_owner) | 345 if (m_owner) |
| 337 m_owner->setContentFrame(*this); | 346 m_owner->setContentFrame(*this); |
| 338 else | 347 else |
| 339 page()->setMainFrame(this); | 348 page()->setMainFrame(this); |
| 340 } | 349 } |
| 341 | 350 |
| 342 } // namespace blink | 351 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2399713002:
window.close() should work from a sandboxed iframe if iframe is opener (Closed)
