OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2000 Simon Hausmann (hausmann@kde.org) | 4 * (C) 2000 Simon Hausmann (hausmann@kde.org) |
5 * (C) 2001 Dirk Mueller (mueller@kde.org) | 5 * (C) 2001 Dirk Mueller (mueller@kde.org) |
6 * Copyright (C) 2004, 2006, 2008, 2009 Apple Inc. All rights reserved. | 6 * Copyright (C) 2004, 2006, 2008, 2009 Apple Inc. All rights reserved. |
7 * | 7 * |
8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
11 * version 2 of the License, or (at your option) any later version. | 11 * version 2 of the License, or (at your option) any later version. |
12 * | 12 * |
13 * This library is distributed in the hope that it will be useful, | 13 * This library is distributed in the hope that it will be useful, |
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of | 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
16 * Library General Public License for more details. | 16 * Library General Public License for more details. |
17 * | 17 * |
18 * You should have received a copy of the GNU Library General Public License | 18 * You should have received a copy of the GNU Library General Public License |
19 * along with this library; see the file COPYING.LIB. If not, write to | 19 * along with this library; see the file COPYING.LIB. If not, write to |
20 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | 20 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, |
21 * Boston, MA 02110-1301, USA. | 21 * Boston, MA 02110-1301, USA. |
22 */ | 22 */ |
23 | 23 |
24 #include "core/html/HTMLFrameElementBase.h" | 24 #include "core/html/HTMLFrameElementBase.h" |
25 | 25 |
26 #include "bindings/core/v8/BindingSecurity.h" | |
26 #include "bindings/core/v8/ScriptController.h" | 27 #include "bindings/core/v8/ScriptController.h" |
27 #include "bindings/core/v8/ScriptEventListener.h" | 28 #include "bindings/core/v8/ScriptEventListener.h" |
28 #include "core/HTMLNames.h" | 29 #include "core/HTMLNames.h" |
29 #include "core/dom/Attribute.h" | 30 #include "core/dom/Attribute.h" |
30 #include "core/dom/Document.h" | 31 #include "core/dom/Document.h" |
31 #include "core/frame/FrameView.h" | 32 #include "core/frame/FrameView.h" |
32 #include "core/frame/LocalFrame.h" | 33 #include "core/frame/LocalFrame.h" |
33 #include "core/frame/RemoteFrame.h" | 34 #include "core/frame/RemoteFrame.h" |
34 #include "core/frame/RemoteFrameView.h" | 35 #include "core/frame/RemoteFrameView.h" |
35 #include "core/html/parser/HTMLParserIdioms.h" | 36 #include "core/html/parser/HTMLParserIdioms.h" |
(...skipping 12 matching lines...) Expand all Loading... | |
48 m_scrollingMode(ScrollbarAuto), | 49 m_scrollingMode(ScrollbarAuto), |
49 m_marginWidth(-1), | 50 m_marginWidth(-1), |
50 m_marginHeight(-1) {} | 51 m_marginHeight(-1) {} |
51 | 52 |
52 bool HTMLFrameElementBase::isURLAllowed() const { | 53 bool HTMLFrameElementBase::isURLAllowed() const { |
53 if (m_URL.isEmpty()) | 54 if (m_URL.isEmpty()) |
54 return true; | 55 return true; |
55 | 56 |
56 const KURL& completeURL = document().completeURL(m_URL); | 57 const KURL& completeURL = document().completeURL(m_URL); |
57 | 58 |
58 if (protocolIsJavaScript(completeURL)) { | 59 if (contentFrame() && protocolIsJavaScript(completeURL)) { |
haraken
2016/11/21 01:26:31
Add a comment and explain what these security chec
Mariusz Mlynski
2016/11/22 06:30:14
Done.
| |
59 if (contentFrame() && | 60 v8::Isolate* isolate = toIsolate(&document()); |
60 !ScriptController::canAccessFromCurrentOrigin(toIsolate(&document()), | 61 LocalDOMWindow* accessingWindow = isolate->InContext() |
61 contentFrame())) | 62 ? currentDOMWindow(isolate) |
63 : document().domWindow(); | |
64 if (!BindingSecurity::shouldAllowAccessToFrame( | |
65 accessingWindow, contentFrame(), | |
66 BindingSecurity::ErrorReportOption::Report)) | |
62 return false; | 67 return false; |
63 } | 68 } |
64 | 69 |
65 LocalFrame* parentFrame = document().frame(); | 70 LocalFrame* parentFrame = document().frame(); |
66 if (parentFrame) | 71 if (parentFrame) |
67 return parentFrame->isURLAllowed(completeURL); | 72 return parentFrame->isURLAllowed(completeURL); |
68 | 73 |
69 return true; | 74 return true; |
70 } | 75 } |
71 | 76 |
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
246 m_marginWidth = marginWidth; | 251 m_marginWidth = marginWidth; |
247 frameOwnerPropertiesChanged(); | 252 frameOwnerPropertiesChanged(); |
248 } | 253 } |
249 | 254 |
250 void HTMLFrameElementBase::setMarginHeight(int marginHeight) { | 255 void HTMLFrameElementBase::setMarginHeight(int marginHeight) { |
251 m_marginHeight = marginHeight; | 256 m_marginHeight = marginHeight; |
252 frameOwnerPropertiesChanged(); | 257 frameOwnerPropertiesChanged(); |
253 } | 258 } |
254 | 259 |
255 } // namespace blink | 260 } // namespace blink |
OLD | NEW |