| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2008, 2009 Google Inc. All rights reserved. |
| 3 * Copyright (C) 2009 Apple Inc. All rights reserved. | 3 * Copyright (C) 2009 Apple Inc. All rights reserved. |
| 4 * Copyright (C) 2014 Opera Software ASA. All rights reserved. | 4 * Copyright (C) 2014 Opera Software ASA. All rights reserved. |
| 5 * | 5 * |
| 6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
| 7 * modification, are permitted provided that the following conditions are | 7 * modification, are permitted provided that the following conditions are |
| 8 * met: | 8 * met: |
| 9 * | 9 * |
| 10 * * Redistributions of source code must retain the above copyright | 10 * * Redistributions of source code must retain the above copyright |
| (...skipping 14 matching lines...) Expand all Loading... |
| 25 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | 25 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 26 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 26 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 30 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 30 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 31 */ | 31 */ |
| 32 | 32 |
| 33 #include "bindings/core/v8/ScriptController.h" | 33 #include "bindings/core/v8/ScriptController.h" |
| 34 | 34 |
| 35 #include "bindings/core/v8/BindingSecurity.h" | |
| 36 #include "bindings/core/v8/ScriptSourceCode.h" | 35 #include "bindings/core/v8/ScriptSourceCode.h" |
| 37 #include "bindings/core/v8/ScriptValue.h" | 36 #include "bindings/core/v8/ScriptValue.h" |
| 38 #include "bindings/core/v8/V8Binding.h" | 37 #include "bindings/core/v8/V8Binding.h" |
| 39 #include "bindings/core/v8/V8Event.h" | 38 #include "bindings/core/v8/V8Event.h" |
| 40 #include "bindings/core/v8/V8GCController.h" | 39 #include "bindings/core/v8/V8GCController.h" |
| 41 #include "bindings/core/v8/V8HTMLElement.h" | 40 #include "bindings/core/v8/V8HTMLElement.h" |
| 42 #include "bindings/core/v8/V8PerContextData.h" | 41 #include "bindings/core/v8/V8PerContextData.h" |
| 43 #include "bindings/core/v8/V8ScriptRunner.h" | 42 #include "bindings/core/v8/V8ScriptRunner.h" |
| 44 #include "bindings/core/v8/V8Window.h" | 43 #include "bindings/core/v8/V8Window.h" |
| 45 #include "bindings/core/v8/WindowProxy.h" | 44 #include "bindings/core/v8/WindowProxy.h" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 71 #include "public/platform/Platform.h" | 70 #include "public/platform/Platform.h" |
| 72 #include "wtf/CurrentTime.h" | 71 #include "wtf/CurrentTime.h" |
| 73 #include "wtf/StdLibExtras.h" | 72 #include "wtf/StdLibExtras.h" |
| 74 #include "wtf/StringExtras.h" | 73 #include "wtf/StringExtras.h" |
| 75 #include "wtf/text/CString.h" | 74 #include "wtf/text/CString.h" |
| 76 #include "wtf/text/StringBuilder.h" | 75 #include "wtf/text/StringBuilder.h" |
| 77 #include "wtf/text/TextPosition.h" | 76 #include "wtf/text/TextPosition.h" |
| 78 | 77 |
| 79 namespace blink { | 78 namespace blink { |
| 80 | 79 |
| 81 bool ScriptController::canAccessFromCurrentOrigin(v8::Isolate* isolate, | |
| 82 Frame* frame) { | |
| 83 if (!frame) | |
| 84 return false; | |
| 85 return !isolate->InContext() || | |
| 86 BindingSecurity::shouldAllowAccessToFrame( | |
| 87 currentDOMWindow(isolate), frame, | |
| 88 BindingSecurity::ErrorReportOption::Report); | |
| 89 } | |
| 90 | |
| 91 ScriptController::ScriptController(LocalFrame* frame) | 80 ScriptController::ScriptController(LocalFrame* frame) |
| 92 : m_windowProxyManager(WindowProxyManager::create(*frame)) {} | 81 : m_windowProxyManager(WindowProxyManager::create(*frame)) {} |
| 93 | 82 |
| 94 DEFINE_TRACE(ScriptController) { | 83 DEFINE_TRACE(ScriptController) { |
| 95 visitor->trace(m_windowProxyManager); | 84 visitor->trace(m_windowProxyManager); |
| 96 } | 85 } |
| 97 | 86 |
| 98 void ScriptController::clearForClose() { | 87 void ScriptController::clearForClose() { |
| 99 m_windowProxyManager->clearForClose(); | 88 m_windowProxyManager->clearForClose(); |
| 100 MainThreadDebugger::instance()->didClearContextsForFrame(frame()); | 89 MainThreadDebugger::instance()->didClearContextsForFrame(frame()); |
| (...skipping 366 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 467 for (size_t i = 0; i < resultArray->Length(); ++i) { | 456 for (size_t i = 0; i < resultArray->Length(); ++i) { |
| 468 v8::Local<v8::Value> value; | 457 v8::Local<v8::Value> value; |
| 469 if (!resultArray->Get(scriptState->context(), i).ToLocal(&value)) | 458 if (!resultArray->Get(scriptState->context(), i).ToLocal(&value)) |
| 470 return; | 459 return; |
| 471 results->append(value); | 460 results->append(value); |
| 472 } | 461 } |
| 473 } | 462 } |
| 474 } | 463 } |
| 475 | 464 |
| 476 } // namespace blink | 465 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2502783004:
Don't skip security checks for javascript: URLs when the JS stack is empty. (Closed)
