OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights |
3 * reserved. | 3 * reserved. |
4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
6 * (http://www.torchmobile.com/) | 6 * (http://www.torchmobile.com/) |
7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
10 * Copyright (C) 2011 Google Inc. All rights reserved. | 10 * Copyright (C) 2011 Google Inc. All rights reserved. |
(...skipping 1576 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1587 | 1587 |
1588 // If we're loading content into |m_frame| (NavigationPolicyCurrentTab), check | 1588 // If we're loading content into |m_frame| (NavigationPolicyCurrentTab), check |
1589 // against the parent's Content Security Policy and kill the load if that | 1589 // against the parent's Content Security Policy and kill the load if that |
1590 // check fails, unless we should bypass the main world's CSP. | 1590 // check fails, unless we should bypass the main world's CSP. |
1591 if (policy == NavigationPolicyCurrentTab && | 1591 if (policy == NavigationPolicyCurrentTab && |
1592 shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) { | 1592 shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) { |
1593 Frame* parentFrame = m_frame->tree().parent(); | 1593 Frame* parentFrame = m_frame->tree().parent(); |
1594 if (parentFrame) { | 1594 if (parentFrame) { |
1595 ContentSecurityPolicy* parentPolicy = | 1595 ContentSecurityPolicy* parentPolicy = |
1596 parentFrame->securityContext()->contentSecurityPolicy(); | 1596 parentFrame->securityContext()->contentSecurityPolicy(); |
1597 if (!parentPolicy->allowChildFrameFromSource(request.url(), | 1597 if (!parentPolicy->allowFrameFromSource(request.url(), |
1598 request.redirectStatus())) { | 1598 request.redirectStatus())) { |
1599 // Fire a load event, as timing attacks would otherwise reveal that the | 1599 // Fire a load event, as timing attacks would otherwise reveal that the |
1600 // frame was blocked. This way, it looks like every other cross-origin | 1600 // frame was blocked. This way, it looks like every other cross-origin |
1601 // page load. | 1601 // page load. |
1602 m_frame->document()->enforceSandboxFlags(SandboxOrigin); | 1602 m_frame->document()->enforceSandboxFlags(SandboxOrigin); |
1603 m_frame->owner()->dispatchLoad(); | 1603 m_frame->owner()->dispatchLoad(); |
1604 return false; | 1604 return false; |
1605 } | 1605 } |
1606 } | 1606 } |
1607 } | 1607 } |
1608 | 1608 |
(...skipping 339 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1948 m_documentLoader ? m_documentLoader->url() : String()); | 1948 m_documentLoader ? m_documentLoader->url() : String()); |
1949 return tracedValue; | 1949 return tracedValue; |
1950 } | 1950 } |
1951 | 1951 |
1952 inline void FrameLoader::takeObjectSnapshot() const { | 1952 inline void FrameLoader::takeObjectSnapshot() const { |
1953 TRACE_EVENT_OBJECT_SNAPSHOT_WITH_ID("loading", "FrameLoader", this, | 1953 TRACE_EVENT_OBJECT_SNAPSHOT_WITH_ID("loading", "FrameLoader", this, |
1954 toTracedValue()); | 1954 toTracedValue()); |
1955 } | 1955 } |
1956 | 1956 |
1957 } // namespace blink | 1957 } // namespace blink |
OLD | NEW |