OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights |
3 * reserved. | 3 * reserved. |
4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
6 * (http://www.torchmobile.com/) | 6 * (http://www.torchmobile.com/) |
7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
10 * Copyright (C) 2011 Google Inc. All rights reserved. | 10 * Copyright (C) 2011 Google Inc. All rights reserved. |
(...skipping 1642 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1653 ContentSecurityPolicyDisposition shouldCheckMainWorldContentSecurityPolicy, | 1653 ContentSecurityPolicyDisposition shouldCheckMainWorldContentSecurityPolicy, |
1654 NavigationType type, | 1654 NavigationType type, |
1655 NavigationPolicy policy, | 1655 NavigationPolicy policy, |
1656 FrameLoadType frameLoadType, | 1656 FrameLoadType frameLoadType, |
1657 bool isClientRedirect, | 1657 bool isClientRedirect, |
1658 HTMLFormElement* form) { | 1658 HTMLFormElement* form) { |
1659 // Don't ask if we are loading an empty URL. | 1659 // Don't ask if we are loading an empty URL. |
1660 if (request.url().isEmpty() || substituteData.isValid()) | 1660 if (request.url().isEmpty() || substituteData.isValid()) |
1661 return NavigationPolicyCurrentTab; | 1661 return NavigationPolicyCurrentTab; |
1662 | 1662 |
| 1663 Settings* settings = m_frame->settings(); |
| 1664 bool browserSideNavigationEnabled = |
| 1665 settings && settings->getBrowserSideNavigationEnabled(); |
| 1666 |
1663 // If we're loading content into |m_frame| (NavigationPolicyCurrentTab), check | 1667 // If we're loading content into |m_frame| (NavigationPolicyCurrentTab), check |
1664 // against the parent's Content Security Policy and kill the load if that | 1668 // against the parent's Content Security Policy and kill the load if that |
1665 // check fails, unless we should bypass the main world's CSP. | 1669 // check fails, unless we should bypass the main world's CSP. |
1666 if (policy == NavigationPolicyCurrentTab && | 1670 if (policy == NavigationPolicyCurrentTab && |
1667 shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) { | 1671 shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy && |
| 1672 // TODO(arthursonzogni): 'frame-src' check is disabled on the |
| 1673 // renderer side with browser-side-navigation, but is enforced on the |
| 1674 // browser side. See http://crbug.com/692595 for understanding why it |
| 1675 // can't be enforced on both sides instead. |
| 1676 !browserSideNavigationEnabled) { |
1668 Frame* parentFrame = m_frame->tree().parent(); | 1677 Frame* parentFrame = m_frame->tree().parent(); |
1669 if (parentFrame) { | 1678 if (parentFrame) { |
1670 ContentSecurityPolicy* parentPolicy = | 1679 ContentSecurityPolicy* parentPolicy = |
1671 parentFrame->securityContext()->contentSecurityPolicy(); | 1680 parentFrame->securityContext()->contentSecurityPolicy(); |
1672 if (!parentPolicy->allowFrameFromSource(request.url(), | 1681 if (!parentPolicy->allowFrameFromSource(request.url(), |
1673 request.redirectStatus())) { | 1682 request.redirectStatus())) { |
1674 // Fire a load event, as timing attacks would otherwise reveal that the | 1683 // Fire a load event, as timing attacks would otherwise reveal that the |
1675 // frame was blocked. This way, it looks like every other cross-origin | 1684 // frame was blocked. This way, it looks like every other cross-origin |
1676 // page load. | 1685 // page load. |
1677 m_frame->document()->enforceSandboxFlags(SandboxOrigin); | 1686 m_frame->document()->enforceSandboxFlags(SandboxOrigin); |
1678 m_frame->owner()->dispatchLoad(); | 1687 m_frame->owner()->dispatchLoad(); |
1679 return NavigationPolicyIgnore; | 1688 return NavigationPolicyIgnore; |
1680 } | 1689 } |
1681 } | 1690 } |
1682 } | 1691 } |
1683 | 1692 |
1684 bool isFormSubmission = type == NavigationTypeFormSubmitted || | 1693 bool isFormSubmission = type == NavigationTypeFormSubmitted || |
1685 type == NavigationTypeFormResubmitted; | 1694 type == NavigationTypeFormResubmitted; |
1686 if (isFormSubmission && | 1695 if (isFormSubmission && |
1687 !m_frame->document()->contentSecurityPolicy()->allowFormAction( | 1696 !m_frame->document()->contentSecurityPolicy()->allowFormAction( |
1688 request.url(), request.redirectStatus())) { | 1697 request.url(), request.redirectStatus())) { |
1689 return NavigationPolicyIgnore; | 1698 return NavigationPolicyIgnore; |
1690 } | 1699 } |
1691 | 1700 |
1692 bool replacesCurrentHistoryItem = | 1701 bool replacesCurrentHistoryItem = |
1693 frameLoadType == FrameLoadTypeReplaceCurrentItem; | 1702 frameLoadType == FrameLoadTypeReplaceCurrentItem; |
1694 policy = client()->decidePolicyForNavigation(request, loader, type, policy, | 1703 policy = client()->decidePolicyForNavigation( |
1695 replacesCurrentHistoryItem, | 1704 request, loader, type, policy, replacesCurrentHistoryItem, |
1696 isClientRedirect, form); | 1705 isClientRedirect, form, shouldCheckMainWorldContentSecurityPolicy); |
1697 if (policy == NavigationPolicyCurrentTab || | 1706 if (policy == NavigationPolicyCurrentTab || |
1698 policy == NavigationPolicyIgnore || | 1707 policy == NavigationPolicyIgnore || |
1699 policy == NavigationPolicyHandledByClient || | 1708 policy == NavigationPolicyHandledByClient || |
1700 policy == NavigationPolicyHandledByClientForInitialHistory) { | 1709 policy == NavigationPolicyHandledByClientForInitialHistory) { |
1701 return policy; | 1710 return policy; |
1702 } | 1711 } |
1703 | 1712 |
1704 if (!LocalDOMWindow::allowPopUp(*m_frame) && | 1713 if (!LocalDOMWindow::allowPopUp(*m_frame) && |
1705 !UserGestureIndicator::utilizeUserGesture()) | 1714 !UserGestureIndicator::utilizeUserGesture()) |
1706 return NavigationPolicyIgnore; | 1715 return NavigationPolicyIgnore; |
(...skipping 312 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2019 frameLoadRequest.clientRedirect()); | 2028 frameLoadRequest.clientRedirect()); |
2020 | 2029 |
2021 loader->setLoadType(loadType); | 2030 loader->setLoadType(loadType); |
2022 loader->setNavigationType(navigationType); | 2031 loader->setNavigationType(navigationType); |
2023 loader->setReplacesCurrentHistoryItem(loadType == | 2032 loader->setReplacesCurrentHistoryItem(loadType == |
2024 FrameLoadTypeReplaceCurrentItem); | 2033 FrameLoadTypeReplaceCurrentItem); |
2025 return loader; | 2034 return loader; |
2026 } | 2035 } |
2027 | 2036 |
2028 } // namespace blink | 2037 } // namespace blink |
OLD | NEW |