OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All |
7 * rights reserved. | 7 * rights reserved. |
8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
9 * (http://www.torchmobile.com/) | 9 * (http://www.torchmobile.com/) |
10 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) | 10 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) |
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
89 if (m_importsController) | 89 if (m_importsController) |
90 return m_importsController->master()->frame(); | 90 return m_importsController->master()->frame(); |
91 return 0; | 91 return 0; |
92 } | 92 } |
93 | 93 |
94 SandboxFlags DocumentInit::getSandboxFlags() const { | 94 SandboxFlags DocumentInit::getSandboxFlags() const { |
95 DCHECK(frameForSecurityContext()); | 95 DCHECK(frameForSecurityContext()); |
96 FrameLoader* loader = &frameForSecurityContext()->loader(); | 96 FrameLoader* loader = &frameForSecurityContext()->loader(); |
97 SandboxFlags flags = loader->effectiveSandboxFlags(); | 97 SandboxFlags flags = loader->effectiveSandboxFlags(); |
98 | 98 |
99 // If the load was blocked by X-Frame-Options or CSP, force the Document's | 99 // If the load was blocked by CSP, force the Document's origin to be unique, |
100 // origin to be unique, so that the blocked document appears to be a normal | 100 // so that the blocked document appears to be a normal cross-origin document's |
101 // cross-origin document's load per CSP spec: | 101 // load per CSP spec: https://www.w3.org/TR/CSP3/#directive-frame-ancestors. |
102 // https://www.w3.org/TR/CSP2/#directive-frame-ancestors | |
103 if (loader->documentLoader() && | 102 if (loader->documentLoader() && |
104 loader->documentLoader()->wasBlockedAfterXFrameOptionsOrCSP()) | 103 loader->documentLoader()->wasBlockedAfterCSP()) { |
105 flags |= SandboxOrigin; | 104 flags |= SandboxOrigin; |
| 105 } |
106 | 106 |
107 return flags; | 107 return flags; |
108 } | 108 } |
109 | 109 |
110 WebInsecureRequestPolicy DocumentInit::getInsecureRequestPolicy() const { | 110 WebInsecureRequestPolicy DocumentInit::getInsecureRequestPolicy() const { |
111 DCHECK(frameForSecurityContext()); | 111 DCHECK(frameForSecurityContext()); |
112 return frameForSecurityContext()->loader().getInsecureRequestPolicy(); | 112 return frameForSecurityContext()->loader().getInsecureRequestPolicy(); |
113 } | 113 } |
114 | 114 |
115 SecurityContext::InsecureNavigationsSet* | 115 SecurityContext::InsecureNavigationsSet* |
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
170 Document* DocumentInit::contextDocument() const { | 170 Document* DocumentInit::contextDocument() const { |
171 return m_contextDocument; | 171 return m_contextDocument; |
172 } | 172 } |
173 | 173 |
174 DocumentInit DocumentInit::fromContext(Document* contextDocument, | 174 DocumentInit DocumentInit::fromContext(Document* contextDocument, |
175 const KURL& url) { | 175 const KURL& url) { |
176 return DocumentInit(url, 0, contextDocument, 0); | 176 return DocumentInit(url, 0, contextDocument, 0); |
177 } | 177 } |
178 | 178 |
179 } // namespace blink | 179 } // namespace blink |
OLD | NEW |