Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(562)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/frame/Frame.cpp

Issue 2617313002: Add deprecation message for top navigations from sandbox w/ 'allow-top-navigation' but no gesture (Closed)
Patch Set: Add the deprecation message to fix the broken tests in LayoutTests/fast/frames/. Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/core/frame/Frame.h ('k') | third_party/WebKit/Source/core/frame/LocalFrame.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org> 2 * Copyright (C) 1998, 1999 Torben Weis <weis@kde.org>
3 * 1999 Lars Knoll <knoll@kde.org> 3 * 1999 Lars Knoll <knoll@kde.org>
4 * 1999 Antti Koivisto <koivisto@kde.org> 4 * 1999 Antti Koivisto <koivisto@kde.org>
5 * 2000 Simon Hausmann <hausmann@kde.org> 5 * 2000 Simon Hausmann <hausmann@kde.org>
6 * 2000 Stefan Schimanski <1Stein@gmx.de> 6 * 2000 Stefan Schimanski <1Stein@gmx.de>
7 * 2001 George Staikos <staikos@kde.org> 7 * 2001 George Staikos <staikos@kde.org>
8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All 8 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All
9 * rights reserved. 9 * rights reserved.
10 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com> 10 * Copyright (C) 2005 Alexey Proskuryakov <ap@nypop.com>
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after
185 targetFrame == tree().top()) { 185 targetFrame == tree().top()) {
186 DEFINE_STATIC_LOCAL(EnumerationHistogram, framebustHistogram, 186 DEFINE_STATIC_LOCAL(EnumerationHistogram, framebustHistogram,
187 ("WebCore.Framebust", 4)); 187 ("WebCore.Framebust", 4));
188 const unsigned userGestureBit = 0x1; 188 const unsigned userGestureBit = 0x1;
189 const unsigned allowedBit = 0x2; 189 const unsigned allowedBit = 0x2;
190 unsigned framebustParams = 0; 190 unsigned framebustParams = 0;
191 UseCounter::count(&targetFrame, UseCounter::TopNavigationFromSubFrame); 191 UseCounter::count(&targetFrame, UseCounter::TopNavigationFromSubFrame);
192 192
193 if (hasUserGesture) 193 if (hasUserGesture)
194 framebustParams |= userGestureBit; 194 framebustParams |= userGestureBit;
195 if (isAllowedNavigation)
196 framebustParams |= allowedBit;
197 framebustHistogram.count(framebustParams);
198
195 if (sandboxed) { // Sandboxed with 'allow-top-navigation'. 199 if (sandboxed) { // Sandboxed with 'allow-top-navigation'.
196 UseCounter::count(&targetFrame, UseCounter::TopNavInSandboxWithPerm); 200 UseCounter::count(&targetFrame, UseCounter::TopNavInSandboxWithPerm);
197 if (!hasUserGesture) { 201 if (!hasUserGesture) {
198 UseCounter::count(&targetFrame, 202 UseCounter::count(&targetFrame,
199 UseCounter::TopNavInSandboxWithPermButNoGesture); 203 UseCounter::TopNavInSandboxWithPermButNoGesture);
204 String message =
205 "Navigating the top-level window from a sandboxed iframe with "
206 "'allow-top-navigation' will soon require that the iframe has "
207 "received a user gesture. See "
208 "https://www.chromestatus.com/features/5629582019395584.";
209 printNavigationWarning(targetFrame, message.latin1().data());
200 } 210 }
211 return true;
201 } 212 }
202 213
203 if (isAllowedNavigation)
204 framebustParams |= allowedBit;
205 framebustHistogram.count(framebustParams);
206 if (hasUserGesture || isAllowedNavigation) 214 if (hasUserGesture || isAllowedNavigation)
207 return true; 215 return true;
208 // Frame-busting used to be generally allowed in most situations, but may 216 // Frame-busting used to be generally allowed in most situations, but may
209 // now blocked if the document initiating the navigation has never received 217 // now blocked if the document initiating the navigation has never received
210 // a user gesture. 218 // a user gesture.
211 if (!RuntimeEnabledFeatures:: 219 if (!RuntimeEnabledFeatures::
212 framebustingNeedsSameOriginOrUserGestureEnabled()) { 220 framebustingNeedsSameOriginOrUserGestureEnabled()) {
213 String targetFrameDescription = 221 String message =
214 targetFrame.isLocalFrame() 222 "Navigating the top-level window from a cross-origin "
215 ? "with URL '" + 223 "iframe will soon require that the iframe has received "
216 toLocalFrame(targetFrame).document()->url().getString() + 224 "a user gesture. See "
217 "'" 225 "https://www.chromestatus.com/features/"
218 : "with origin '" + 226 "5851021045661696.";
219 targetFrame.securityContext() 227 printNavigationWarning(targetFrame, message.latin1().data());
220 ->getSecurityOrigin()
221 ->toString() +
222 "'";
223 String message = "Frame with URL '" +
224 toLocalFrame(this)->document()->url().getString() +
225 "' attempted to navigate its top-level window " +
226 targetFrameDescription +
227 ". Navigating the top-level window from a cross-origin "
228 "iframe will soon require that the iframe has received "
229 "a user gesture. See "
230 "https://www.chromestatus.com/features/"
231 "5851021045661696.";
232 printNavigationWarning(message);
233 return true; 228 return true;
234 } 229 }
235 errorReason = 230 errorReason =
236 "The frame attempting navigation is targeting its top-level window, " 231 "The frame attempting navigation is targeting its top-level window, "
237 "but is neither same-origin with its target nor has it received a " 232 "but is neither same-origin with its target nor has it received a "
238 "user gesture. See " 233 "user gesture. See "
239 "https://www.chromestatus.com/features/5851021045661696."; 234 "https://www.chromestatus.com/features/5851021045661696.";
240 printNavigationErrorMessage(targetFrame, errorReason.latin1().data()); 235 printNavigationErrorMessage(targetFrame, errorReason.latin1().data());
241 if (isLocalFrame()) { 236 if (isLocalFrame()) {
242 toLocalFrame(this)->navigationScheduler().schedulePageBlock( 237 toLocalFrame(this)->navigationScheduler().schedulePageBlock(
(...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after
386 381
387 ASSERT(page()); 382 ASSERT(page());
388 383
389 if (m_owner) 384 if (m_owner)
390 m_owner->setContentFrame(*this); 385 m_owner->setContentFrame(*this);
391 else 386 else
392 page()->setMainFrame(this); 387 page()->setMainFrame(this);
393 } 388 }
394 389
395 } // namespace blink 390 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/core/frame/Frame.h ('k') | third_party/WebKit/Source/core/frame/LocalFrame.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698