Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(540)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/dom/Document.cpp

Issue 2657263002: Experiment with blocking script inside fragment-parser-inserted `<iframe srcdoc>`.
Patch Set: Bitwise logic is hard. Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/core/dom/Document.h ('k') | third_party/WebKit/Source/core/dom/ScriptLoader.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) 3 * (C) 1999 Antti Koivisto (koivisto@kde.org)
4 * (C) 2001 Dirk Mueller (mueller@kde.org) 4 * (C) 2001 Dirk Mueller (mueller@kde.org)
5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org)
6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All
7 * rights reserved. 7 * rights reserved.
8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. 8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved.
9 * (http://www.torchmobile.com/) 9 * (http://www.torchmobile.com/)
10 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. 10 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved.
(...skipping 440 matching lines...) Expand 10 before | Expand all | Expand 10 after
451 m_hasXMLDeclaration(0), 451 m_hasXMLDeclaration(0),
452 m_designMode(false), 452 m_designMode(false),
453 m_isRunningExecCommand(false), 453 m_isRunningExecCommand(false),
454 m_hasAnnotatedRegions(false), 454 m_hasAnnotatedRegions(false),
455 m_annotatedRegionsDirty(false), 455 m_annotatedRegionsDirty(false),
456 m_documentClasses(documentClasses), 456 m_documentClasses(documentClasses),
457 m_isViewSource(false), 457 m_isViewSource(false),
458 m_sawElementsInKnownNamespaces(false), 458 m_sawElementsInKnownNamespaces(false),
459 m_isSrcdocDocument(false), 459 m_isSrcdocDocument(false),
460 m_isMobileDocument(false), 460 m_isMobileDocument(false),
461 m_isFragmentParserCreatedSrcdoc(false),
461 m_layoutView(0), 462 m_layoutView(0),
462 m_contextDocument(initializer.contextDocument()), 463 m_contextDocument(initializer.contextDocument()),
463 m_hasFullscreenSupplement(false), 464 m_hasFullscreenSupplement(false),
464 m_loadEventDelayCount(0), 465 m_loadEventDelayCount(0),
465 m_loadEventDelayTimer(TaskRunnerHelper::get(TaskType::Networking, this), 466 m_loadEventDelayTimer(TaskRunnerHelper::get(TaskType::Networking, this),
466 this, 467 this,
467 &Document::loadEventDelayTimerFired), 468 &Document::loadEventDelayTimerFired),
468 m_pluginLoadingTimer( 469 m_pluginLoadingTimer(
469 TaskRunnerHelper::get(TaskType::UnspecedLoading, this), 470 TaskRunnerHelper::get(TaskType::UnspecedLoading, this),
470 this, 471 this,
(...skipping 5004 matching lines...) Expand 10 before | Expand all | Expand 10 after
5475 // Some clients do not want local URLs to have access to other local 5476 // Some clients do not want local URLs to have access to other local
5476 // URLs. 5477 // URLs.
5477 getSecurityOrigin()->blockLocalAccessFromLocalOrigin(); 5478 getSecurityOrigin()->blockLocalAccessFromLocalOrigin();
5478 } 5479 }
5479 } 5480 }
5480 } 5481 }
5481 5482
5482 if (initializer.shouldTreatURLAsSrcdocDocument()) { 5483 if (initializer.shouldTreatURLAsSrcdocDocument()) {
5483 m_isSrcdocDocument = true; 5484 m_isSrcdocDocument = true;
5484 setBaseURLOverride(initializer.parentBaseURL()); 5485 setBaseURLOverride(initializer.parentBaseURL());
5486
5487 if (Element* owner = domWindow()->frameElement()) {
5488 HTMLIFrameElement* iframe = toHTMLIFrameElement(owner);
5489 m_isFragmentParserCreatedSrcdoc =
5490 iframe->createdByFragmentParser() ||
5491 iframe->document().isFragmentParserCreatedSrcdoc();
5492 }
5485 } 5493 }
5486 5494
5487 if (getSecurityOrigin()->isUnique() && 5495 if (getSecurityOrigin()->isUnique() &&
5488 SecurityOrigin::create(m_url)->isPotentiallyTrustworthy()) 5496 SecurityOrigin::create(m_url)->isPotentiallyTrustworthy())
5489 getSecurityOrigin()->setUniqueOriginIsPotentiallyTrustworthy(true); 5497 getSecurityOrigin()->setUniqueOriginIsPotentiallyTrustworthy(true);
5490 5498
5491 if (getSecurityOrigin()->hasSuborigin()) 5499 if (getSecurityOrigin()->hasSuborigin())
5492 enforceSuborigin(*getSecurityOrigin()->suborigin()); 5500 enforceSuborigin(*getSecurityOrigin()->suborigin());
5493 } 5501 }
5494 5502
(...skipping 1040 matching lines...) Expand 10 before | Expand all | Expand 10 after
6535 } 6543 }
6536 6544
6537 void showLiveDocumentInstances() { 6545 void showLiveDocumentInstances() {
6538 WeakDocumentSet& set = liveDocumentSet(); 6546 WeakDocumentSet& set = liveDocumentSet();
6539 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); 6547 fprintf(stderr, "There are %u documents currently alive:\n", set.size());
6540 for (Document* document : set) 6548 for (Document* document : set)
6541 fprintf(stderr, "- Document %p URL: %s\n", document, 6549 fprintf(stderr, "- Document %p URL: %s\n", document,
6542 document->url().getString().utf8().data()); 6550 document->url().getString().utf8().data());
6543 } 6551 }
6544 #endif 6552 #endif
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/core/dom/Document.h ('k') | third_party/WebKit/Source/core/dom/ScriptLoader.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698