OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "modules/beacon/NavigatorBeacon.h" | 5 #include "modules/beacon/NavigatorBeacon.h" |
6 | 6 |
7 #include "bindings/core/v8/ExceptionState.h" | 7 #include "bindings/core/v8/ExceptionState.h" |
8 #include "bindings/core/v8/ScriptState.h" | 8 #include "bindings/core/v8/ScriptState.h" |
9 #include "bindings/modules/v8/ArrayBufferViewOrBlobOrStringOrFormData.h" | 9 #include "bindings/modules/v8/ArrayBufferViewOrBlobOrStringOrFormData.h" |
10 #include "core/dom/DOMArrayBufferView.h" | 10 #include "core/dom/DOMArrayBufferView.h" |
11 #include "core/dom/ExceptionCode.h" | 11 #include "core/dom/ExceptionCode.h" |
12 #include "core/dom/ExecutionContext.h" | 12 #include "core/dom/ExecutionContext.h" |
13 #include "core/fileapi/Blob.h" | 13 #include "core/fileapi/Blob.h" |
14 #include "core/frame/LocalFrame.h" | 14 #include "core/frame/LocalFrame.h" |
15 #include "core/frame/Settings.h" | 15 #include "core/frame/Settings.h" |
16 #include "core/frame/UseCounter.h" | 16 #include "core/frame/UseCounter.h" |
17 #include "core/frame/csp/ContentSecurityPolicy.h" | |
18 #include "core/html/FormData.h" | 17 #include "core/html/FormData.h" |
19 #include "core/loader/PingLoader.h" | 18 #include "core/loader/PingLoader.h" |
20 #include "platform/loader/fetch/FetchUtils.h" | 19 #include "platform/loader/fetch/FetchUtils.h" |
21 | 20 |
22 namespace blink { | 21 namespace blink { |
23 | 22 |
24 NavigatorBeacon::NavigatorBeacon(Navigator& navigator) | 23 NavigatorBeacon::NavigatorBeacon(Navigator& navigator) |
25 : Supplement<Navigator>(navigator), m_transmittedBytes(0) {} | 24 : Supplement<Navigator>(navigator), m_transmittedBytes(0) {} |
26 | 25 |
27 NavigatorBeacon::~NavigatorBeacon() {} | 26 NavigatorBeacon::~NavigatorBeacon() {} |
(...skipping 23 matching lines...) Expand all Loading... |
51 exceptionState.throwDOMException( | 50 exceptionState.throwDOMException( |
52 SyntaxError, "The URL argument is ill-formed or unsupported."); | 51 SyntaxError, "The URL argument is ill-formed or unsupported."); |
53 return false; | 52 return false; |
54 } | 53 } |
55 // For now, only support HTTP and related. | 54 // For now, only support HTTP and related. |
56 if (!url.protocolIsInHTTPFamily()) { | 55 if (!url.protocolIsInHTTPFamily()) { |
57 exceptionState.throwDOMException( | 56 exceptionState.throwDOMException( |
58 SyntaxError, "Beacons are only supported over HTTP(S)."); | 57 SyntaxError, "Beacons are only supported over HTTP(S)."); |
59 return false; | 58 return false; |
60 } | 59 } |
61 // FIXME: CSP is not enforced on redirects, crbug.com/372197 | |
62 if (!ContentSecurityPolicy::shouldBypassMainWorld(context) && | |
63 !context->contentSecurityPolicy()->allowConnectToSource(url)) { | |
64 // We can safely expose the URL to JavaScript, as these checks happen | |
65 // synchronously before redirection. JavaScript receives no new information. | |
66 exceptionState.throwSecurityError( | |
67 "Refused to send beacon to '" + url.elidedString() + | |
68 "' because it violates the document's Content Security Policy."); | |
69 return false; | |
70 } | |
71 | 60 |
72 // If detached from frame, do not allow sending a Beacon. | 61 // If detached from frame, do not allow sending a Beacon. |
73 if (!supplementable()->frame()) | 62 if (!supplementable()->frame()) |
74 return false; | 63 return false; |
75 | 64 |
76 return true; | 65 return true; |
77 } | 66 } |
78 | 67 |
79 int NavigatorBeacon::maxAllowance() const { | 68 int NavigatorBeacon::maxAllowance() const { |
80 DCHECK(supplementable()->frame()); | 69 DCHECK(supplementable()->frame()); |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
150 if (allowed) { | 139 if (allowed) { |
151 addTransmittedBytes(bytes); | 140 addTransmittedBytes(bytes); |
152 return true; | 141 return true; |
153 } | 142 } |
154 | 143 |
155 UseCounter::count(context, UseCounter::SendBeaconQuotaExceeded); | 144 UseCounter::count(context, UseCounter::SendBeaconQuotaExceeded); |
156 return false; | 145 return false; |
157 } | 146 } |
158 | 147 |
159 } // namespace blink | 148 } // namespace blink |
OLD | NEW |