Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(316)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/core/frame/Frame.cpp

Issue 2617313002: Add deprecation message for top navigations from sandbox w/ 'allow-top-navigation' but no gesture (Closed)
Patch Set: Add the deprecation message to fix the broken tests in LayoutTests/fast/frames/. Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/WebKit/Source/core/frame/Frame.h ('k') | third_party/WebKit/Source/core/frame/LocalFrame.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/core/frame/Frame.cpp
diff --git a/third_party/WebKit/Source/core/frame/Frame.cpp b/third_party/WebKit/Source/core/frame/Frame.cpp
index 6f7a7402da5898e23d8477e1302556579c2b8883..d52abcb5a605860717dc5a5323c37f00bcc83efb 100644
--- a/third_party/WebKit/Source/core/frame/Frame.cpp
+++ b/third_party/WebKit/Source/core/frame/Frame.cpp
@@ -192,17 +192,25 @@ bool Frame::canNavigate(const Frame& targetFrame) {
if (hasUserGesture)
framebustParams |= userGestureBit;
+ if (isAllowedNavigation)
+ framebustParams |= allowedBit;
+ framebustHistogram.count(framebustParams);
+
if (sandboxed) { // Sandboxed with 'allow-top-navigation'.
UseCounter::count(&targetFrame, UseCounter::TopNavInSandboxWithPerm);
if (!hasUserGesture) {
UseCounter::count(&targetFrame,
UseCounter::TopNavInSandboxWithPermButNoGesture);
+ String message =
+ "Navigating the top-level window from a sandboxed iframe with "
+ "'allow-top-navigation' will soon require that the iframe has "
+ "received a user gesture. See "
+ "https://www.chromestatus.com/features/5629582019395584.";
+ printNavigationWarning(targetFrame, message.latin1().data());
}
+ return true;
}
- if (isAllowedNavigation)
- framebustParams |= allowedBit;
- framebustHistogram.count(framebustParams);
if (hasUserGesture || isAllowedNavigation)
return true;
// Frame-busting used to be generally allowed in most situations, but may
@@ -210,26 +218,13 @@ bool Frame::canNavigate(const Frame& targetFrame) {
// a user gesture.
if (!RuntimeEnabledFeatures::
framebustingNeedsSameOriginOrUserGestureEnabled()) {
- String targetFrameDescription =
- targetFrame.isLocalFrame()
- ? "with URL '" +
- toLocalFrame(targetFrame).document()->url().getString() +
- "'"
- : "with origin '" +
- targetFrame.securityContext()
- ->getSecurityOrigin()
- ->toString() +
- "'";
- String message = "Frame with URL '" +
- toLocalFrame(this)->document()->url().getString() +
- "' attempted to navigate its top-level window " +
- targetFrameDescription +
- ". Navigating the top-level window from a cross-origin "
- "iframe will soon require that the iframe has received "
- "a user gesture. See "
- "https://www.chromestatus.com/features/"
- "5851021045661696.";
- printNavigationWarning(message);
+ String message =
+ "Navigating the top-level window from a cross-origin "
+ "iframe will soon require that the iframe has received "
+ "a user gesture. See "
+ "https://www.chromestatus.com/features/"
+ "5851021045661696.";
+ printNavigationWarning(targetFrame, message.latin1().data());
return true;
}
errorReason =
« no previous file with comments | « third_party/WebKit/Source/core/frame/Frame.h ('k') | third_party/WebKit/Source/core/frame/LocalFrame.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698