OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights |
3 * reserved. | 3 * reserved. |
4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
6 * (http://www.torchmobile.com/) | 6 * (http://www.torchmobile.com/) |
7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
10 * Copyright (C) 2011 Google Inc. All rights reserved. | 10 * Copyright (C) 2011 Google Inc. All rights reserved. |
(...skipping 1578 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1589 | 1589 |
1590 // If we're loading content into |m_frame| (NavigationPolicyCurrentTab), check | 1590 // If we're loading content into |m_frame| (NavigationPolicyCurrentTab), check |
1591 // against the parent's Content Security Policy and kill the load if that | 1591 // against the parent's Content Security Policy and kill the load if that |
1592 // check fails, unless we should bypass the main world's CSP. | 1592 // check fails, unless we should bypass the main world's CSP. |
1593 if (policy == NavigationPolicyCurrentTab && | 1593 if (policy == NavigationPolicyCurrentTab && |
1594 shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) { | 1594 shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) { |
1595 Frame* parentFrame = m_frame->tree().parent(); | 1595 Frame* parentFrame = m_frame->tree().parent(); |
1596 if (parentFrame) { | 1596 if (parentFrame) { |
1597 ContentSecurityPolicy* parentPolicy = | 1597 ContentSecurityPolicy* parentPolicy = |
1598 parentFrame->securityContext()->contentSecurityPolicy(); | 1598 parentFrame->securityContext()->contentSecurityPolicy(); |
1599 if (!parentPolicy->allowChildFrameFromSource(request.url(), | 1599 if (!parentPolicy->allowFrameFromSource(request.url(), |
1600 request.redirectStatus())) { | 1600 request.redirectStatus())) { |
1601 // Fire a load event, as timing attacks would otherwise reveal that the | 1601 // Fire a load event, as timing attacks would otherwise reveal that the |
1602 // frame was blocked. This way, it looks like every other cross-origin | 1602 // frame was blocked. This way, it looks like every other cross-origin |
1603 // page load. | 1603 // page load. |
1604 m_frame->document()->enforceSandboxFlags(SandboxOrigin); | 1604 m_frame->document()->enforceSandboxFlags(SandboxOrigin); |
1605 m_frame->owner()->dispatchLoad(); | 1605 m_frame->owner()->dispatchLoad(); |
1606 return false; | 1606 return false; |
1607 } | 1607 } |
1608 } | 1608 } |
1609 } | 1609 } |
1610 | 1610 |
(...skipping 339 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1950 m_documentLoader ? m_documentLoader->url() : String()); | 1950 m_documentLoader ? m_documentLoader->url() : String()); |
1951 return tracedValue; | 1951 return tracedValue; |
1952 } | 1952 } |
1953 | 1953 |
1954 inline void FrameLoader::takeObjectSnapshot() const { | 1954 inline void FrameLoader::takeObjectSnapshot() const { |
1955 TRACE_EVENT_OBJECT_SNAPSHOT_WITH_ID("loading", "FrameLoader", this, | 1955 TRACE_EVENT_OBJECT_SNAPSHOT_WITH_ID("loading", "FrameLoader", this, |
1956 toTracedValue()); | 1956 toTracedValue()); |
1957 } | 1957 } |
1958 | 1958 |
1959 } // namespace blink | 1959 } // namespace blink |
OLD | NEW |