Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(127)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/page/History.cpp

Issue 26216003: Fix History.{push,replace}State handling of null 'url' argument (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « LayoutTests/http/tests/navigation/resources/replacestate-base-no-url-argument.html ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2007 Apple Inc. All rights reserved. 2 * Copyright (C) 2007 Apple Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 114 matching lines...) Expand 10 before | Expand all | Expand 10 after
125 return; 125 return;
126 126
127 if (!activeDocument->canNavigate(m_frame)) 127 if (!activeDocument->canNavigate(m_frame))
128 return; 128 return;
129 129
130 m_frame->navigationScheduler()->scheduleHistoryNavigation(distance); 130 m_frame->navigationScheduler()->scheduleHistoryNavigation(distance);
131 } 131 }
132 132
133 KURL History::urlForState(const String& urlString) 133 KURL History::urlForState(const String& urlString)
134 { 134 {
135 KURL baseURL = m_frame->document()->baseURL(); 135 Document* document = m_frame->document();
136
137 if (urlString.isNull())
138 return document->url();
136 if (urlString.isEmpty()) 139 if (urlString.isEmpty())
137 return baseURL; 140 return document->baseURL();
138 141
139 return KURL(baseURL, urlString); 142 return KURL(document->baseURL(), urlString);
140 } 143 }
141 144
142 void History::stateObjectAdded(PassRefPtr<SerializedScriptValue> data, const Str ing& /* title */, const String& urlString, SameDocumentNavigationSource sameDocu mentNavigationSource, ExceptionState& es) 145 void History::stateObjectAdded(PassRefPtr<SerializedScriptValue> data, const Str ing& /* title */, const String& urlString, SameDocumentNavigationSource sameDocu mentNavigationSource, ExceptionState& es)
143 { 146 {
144 if (!m_frame || !m_frame->page()) 147 if (!m_frame || !m_frame->page())
145 return; 148 return;
146 149
147 KURL fullURL = urlForState(urlString); 150 KURL fullURL = urlForState(urlString);
148 if (!fullURL.isValid() || !m_frame->document()->securityOrigin()->canRequest (fullURL)) { 151 if (!fullURL.isValid() || !m_frame->document()->securityOrigin()->canRequest (fullURL)) {
149 // We can safely expose the URL to JavaScript, as a) no redirection take s place: JavaScript already had this URL, b) JavaScript can only access a same-o rigin History object. 152 // We can safely expose the URL to JavaScript, as a) no redirection take s place: JavaScript already had this URL, b) JavaScript can only access a same-o rigin History object.
150 es.throwSecurityError("A history state object with URL '" + fullURL.elid edString() + "' cannot be created in a document with origin '" + m_frame->docume nt()->securityOrigin()->toString() + "'."); 153 es.throwSecurityError("A history state object with URL '" + fullURL.elid edString() + "' cannot be created in a document with origin '" + m_frame->docume nt()->securityOrigin()->toString() + "'.");
151 return; 154 return;
152 } 155 }
153 m_frame->loader()->updateForSameDocumentNavigation(fullURL, sameDocumentNavi gationSource, data, FrameLoader::DoNotUpdateBackForwardList); 156 m_frame->loader()->updateForSameDocumentNavigation(fullURL, sameDocumentNavi gationSource, data, FrameLoader::DoNotUpdateBackForwardList);
154 } 157 }
155 158
156 } // namespace WebCore 159 } // namespace WebCore
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/navigation/resources/replacestate-base-no-url-argument.html ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698