
Side by Side Diff: third_party/WebKit/Source/core/frame/LocalFrame.cpp

Issue 2528813002: Fix Self-Referencing OOPIF Infinite Loop (Closed)
Patch Set: refactor allowedToLoadFrame conditional Created 3 years, 10 months ago
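--- a/third_party/WebKit/Source/core/frame/LocalFrame.cpp
+++ b/third_party/WebKit/Source/core/frame/LocalFrame.cpp
@@ -1,10 +1,10 @@
 /*
 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org>
 * 1999 Lars Knoll <knoll@kde.org>
 * 1999 Antti Koivisto <koivisto@kde.org>
 * 2000 Simon Hausmann <hausmann@kde.org>
 * 2000 Stefan Schimanski <1Stein@gmx.de>
 * 2001 George Staikos <staikos@kde.org>
 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All
 * rights reserved.
 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com>
@@ -798,41 +798,20 @@
 const EphemeralRange nextCharacterRange = makeRange(position, next);
 if (nextCharacterRange.isNotNull()) {
 IntRect rect = editor().firstRectForRange(nextCharacterRange);
 if (rect.contains(framePoint))
 return EphemeralRange(nextCharacterRange);
 }
 
 return EphemeralRange();
 }
 
-bool LocalFrame::isURLAllowed(const KURL& url) const {
-// Exempt about: URLs from self-reference check.
-if (url.protocolIsAbout())
-return true;
-
-// We allow one level of self-reference because some sites depend on that,
-// but we don't allow more than one.
-bool foundSelfReference = false;
-for (const Frame* frame = this; frame; frame = frame->tree().parent()) {
-if (!frame->isLocalFrame())
-continue;
-if (equalIgnoringFragmentIdentifier(toLocalFrame(frame)->document()->url(),
-url)) {
-if (foundSelfReference)
-return false;
-foundSelfReference = true;
-}
-}
-return true;
-}
-
 bool LocalFrame::shouldReuseDefaultView(const KURL& url) const {
 // Secure transitions can only happen when navigating from the initial empty
 // document.
 if (!loader().stateMachine()->isDisplayingInitialEmptyDocument())
 return false;
 
 return document()->isSecureTransitionTo(url);
 }
 
 void LocalFrame::removeSpellingMarkersUnderWords(const Vector<String>& words) {
@@ -938,10 +917,10 @@
 if (m_frame && m_frame->client() && m_frame->client()->frameBlameContext())
 m_frame->client()->frameBlameContext()->Enter();
 }
 
 ScopedFrameBlamer::~ScopedFrameBlamer() {
 if (m_frame && m_frame->client() && m_frame->client()->frameBlameContext())
 m_frame->client()->frameBlameContext()->Leave();
 }
 
 } // namespace blink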
