third_party/WebKit/Source/core/loader/FrameLoader.cpp - Issue 2421473004: CSP: Fire 'SecurityPolicyViolation' on the offending element.

Side by Side Diff: third_party/WebKit/Source/core/loader/FrameLoader.cpp

Issue 2421473004: CSP: Fire 'SecurityPolicyViolation' on the offending element. (Closed)

Patch Set: Test. Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« no previous file with comments | « third_party/WebKit/Source/core/html/HTMLMetaElement.cpp ('k') | third_party/WebKit/Source/core/loader/HttpEquiv.h » ('j') | no next file with comments »

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights	2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights

3 * reserved.	3 * reserved.

4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)	4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)

5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved.	5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved.

6 * (http://www.torchmobile.com/)	6 * (http://www.torchmobile.com/)

7 * Copyright (C) 2008 Alp Toker <alp@atoker.com>	7 * Copyright (C) 2008 Alp Toker <alp@atoker.com>

8 * Copyright (C) Research In Motion Limited 2009. All rights reserved.	8 * Copyright (C) Research In Motion Limited 2009. All rights reserved.

9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com>	9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com>

10 * Copyright (C) 2011 Google Inc. All rights reserved.	10 * Copyright (C) 2011 Google Inc. All rights reserved.

(...skipping 933 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
944 return FrameLoadTypeStandard;	944 return FrameLoadTypeStandard;

945 }	945 }

946	946

947 bool FrameLoader::prepareRequestForThisFrame(FrameLoadRequest& request) {	947 bool FrameLoader::prepareRequestForThisFrame(FrameLoadRequest& request) {

948 // If no origin Document* was specified, skip remaining security checks and	948 // If no origin Document* was specified, skip remaining security checks and

949 // assume the caller has fully initialized the FrameLoadRequest.	949 // assume the caller has fully initialized the FrameLoadRequest.

950 if (!request.originDocument())	950 if (!request.originDocument())

951 return true;	951 return true;

952	952

953 KURL url = request.resourceRequest().url();	953 KURL url = request.resourceRequest().url();

954 if (m_frame->script().executeScriptIfJavaScriptURL(url))	954 if (m_frame->script().executeScriptIfJavaScriptURL(url, nullptr))

955 return false;	955 return false;

956	956

957 if (!request.originDocument()->getSecurityOrigin()->canDisplay(url)) {	957 if (!request.originDocument()->getSecurityOrigin()->canDisplay(url)) {

958 reportLocalLoadFailed(m_frame, url.elidedString());	958 reportLocalLoadFailed(m_frame, url.elidedString());

959 return false;	959 return false;

960 }	960 }

961	961

962 if (!request.form() && request.frameName().isEmpty())	962 if (!request.form() && request.frameName().isEmpty())

963 request.setFrameName(m_frame->document()->baseTarget());	963 request.setFrameName(m_frame->document()->baseTarget());

964 return true;	964 return true;

(...skipping 951 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1916 m_documentLoader ? m_documentLoader->url() : String());	1916 m_documentLoader ? m_documentLoader->url() : String());

1917 return tracedValue;	1917 return tracedValue;

1918 }	1918 }

1919	1919

1920 inline void FrameLoader::takeObjectSnapshot() const {	1920 inline void FrameLoader::takeObjectSnapshot() const {

1921 TRACE_EVENT_OBJECT_SNAPSHOT_WITH_ID("loading", "FrameLoader", this,	1921 TRACE_EVENT_OBJECT_SNAPSHOT_WITH_ID("loading", "FrameLoader", this,

1922 toTracedValue());	1922 toTracedValue());

1923 }	1923 }

1924	1924

1925 } // namespace blink	1925 } // namespace blink

OLD	NEW