OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv ed. | 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv ed. |
6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> | 6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> |
7 * | 7 * |
8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
(...skipping 290 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
301 if (sourceCode.isEmpty()) | 301 if (sourceCode.isEmpty()) |
302 return; | 302 return; |
303 | 303 |
304 RefPtr<Document> elementDocument = &m_element->document(); | 304 RefPtr<Document> elementDocument = &m_element->document(); |
305 RefPtr<Document> contextDocument = elementDocument->contextDocument().get(); | 305 RefPtr<Document> contextDocument = elementDocument->contextDocument().get(); |
306 if (!contextDocument) | 306 if (!contextDocument) |
307 return; | 307 return; |
308 | 308 |
309 Frame* frame = contextDocument->frame(); | 309 Frame* frame = contextDocument->frame(); |
310 | 310 |
311 bool shouldBypassMainWorldContentSecurityPolicy = (frame && frame->script()- >shouldBypassMainWorldContentSecurityPolicy()) || elementDocument->contentSecuri tyPolicy()->allowScriptNonce(m_element->fastGetAttribute(HTMLNames::nonceAttr)); | 311 bool shouldBypassMainWorldContentSecurityPolicy = (frame && frame->script()- >shouldBypassMainWorldContentSecurityPolicy()) || elementDocument->contentSecuri tyPolicy()->allowScriptNonce(m_element->fastGetAttribute(HTMLNames::nonceAttr)) || elementDocument->contentSecurityPolicy()->allowScriptHash(sourceCode.source() ); |
Mike West
2013/10/16 14:53:02
This is getting pretty ugly. I shouldn't have adde
jww
2013/10/16 21:49:21
I'm a little confused about what you'd like to see
| |
312 | 312 |
313 if (!m_isExternalScript && (!shouldBypassMainWorldContentSecurityPolicy && ! elementDocument->contentSecurityPolicy()->allowInlineScript(elementDocument->url (), m_startLineNumber))) | 313 if (!m_isExternalScript && (!shouldBypassMainWorldContentSecurityPolicy && ! elementDocument->contentSecurityPolicy()->allowInlineScript(elementDocument->url (), m_startLineNumber))) |
314 return; | 314 return; |
315 | 315 |
316 if (m_isExternalScript && m_resource && !m_resource->mimeTypeAllowedByNosnif f()) { | 316 if (m_isExternalScript && m_resource && !m_resource->mimeTypeAllowedByNosnif f()) { |
317 contextDocument->addConsoleMessage(SecurityMessageSource, ErrorMessageLe vel, "Refused to execute script from '" + m_resource->url().elidedString() + "' because its MIME type ('" + m_resource->mimeType() + "') is not executable, and strict MIME type checking is enabled."); | 317 contextDocument->addConsoleMessage(SecurityMessageSource, ErrorMessageLe vel, "Refused to execute script from '" + m_resource->url().elidedString() + "' because its MIME type ('" + m_resource->mimeType() + "') is not executable, and strict MIME type checking is enabled."); |
318 return; | 318 return; |
319 } | 319 } |
320 | 320 |
321 if (frame) { | 321 if (frame) { |
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
434 if (isHTMLScriptLoader(element)) | 434 if (isHTMLScriptLoader(element)) |
435 return toHTMLScriptElement(element)->loader(); | 435 return toHTMLScriptElement(element)->loader(); |
436 | 436 |
437 if (isSVGScriptLoader(element)) | 437 if (isSVGScriptLoader(element)) |
438 return toSVGScriptElement(element)->loader(); | 438 return toSVGScriptElement(element)->loader(); |
439 | 439 |
440 return 0; | 440 return 0; |
441 } | 441 } |
442 | 442 |
443 } | 443 } |
OLD | NEW |