| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights |
| 3 * reserved. | 3 * reserved. |
| 4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
| 5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
| 6 * (http://www.torchmobile.com/) | 6 * (http://www.torchmobile.com/) |
| 7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
| 8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
| 9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
| 10 * Copyright (C) 2011 Google Inc. All rights reserved. | 10 * Copyright (C) 2011 Google Inc. All rights reserved. |
| (...skipping 973 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 984 | 984 |
| 985 KURL url = request.resourceRequest().url(); | 985 KURL url = request.resourceRequest().url(); |
| 986 if (m_frame->script().executeScriptIfJavaScriptURL(url, nullptr)) | 986 if (m_frame->script().executeScriptIfJavaScriptURL(url, nullptr)) |
| 987 return false; | 987 return false; |
| 988 | 988 |
| 989 if (!request.originDocument()->getSecurityOrigin()->canDisplay(url)) { | 989 if (!request.originDocument()->getSecurityOrigin()->canDisplay(url)) { |
| 990 reportLocalLoadFailed(m_frame, url.elidedString()); | 990 reportLocalLoadFailed(m_frame, url.elidedString()); |
| 991 return false; | 991 return false; |
| 992 } | 992 } |
| 993 | 993 |
| 994 if (m_frame->isMainFrame() && |
| 995 !request.originDocument()->getSecurityOrigin()->canNavigateInTopFrame( |
| 996 url)) { |
| 997 reportTopLevelNavigationFailed(m_frame, url.elidedString()); |
| 998 return false; |
| 999 } |
| 1000 |
| 994 if (!request.form() && request.frameName().isEmpty()) | 1001 if (!request.form() && request.frameName().isEmpty()) |
| 995 request.setFrameName(m_frame->document()->baseTarget()); | 1002 request.setFrameName(m_frame->document()->baseTarget()); |
| 996 return true; | 1003 return true; |
| 997 } | 1004 } |
| 998 | 1005 |
| 999 static bool shouldNavigateTargetFrame(NavigationPolicy policy) { | 1006 static bool shouldNavigateTargetFrame(NavigationPolicy policy) { |
| 1000 switch (policy) { | 1007 switch (policy) { |
| 1001 case NavigationPolicyCurrentTab: | 1008 case NavigationPolicyCurrentTab: |
| 1002 return true; | 1009 return true; |
| 1003 | 1010 |
| (...skipping 221 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1225 void FrameLoader::reportLocalLoadFailed(LocalFrame* frame, const String& url) { | 1232 void FrameLoader::reportLocalLoadFailed(LocalFrame* frame, const String& url) { |
| 1226 DCHECK(!url.isEmpty()); | 1233 DCHECK(!url.isEmpty()); |
| 1227 if (!frame) | 1234 if (!frame) |
| 1228 return; | 1235 return; |
| 1229 | 1236 |
| 1230 frame->document()->addConsoleMessage( | 1237 frame->document()->addConsoleMessage( |
| 1231 ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, | 1238 ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, |
| 1232 "Not allowed to load local resource: " + url)); | 1239 "Not allowed to load local resource: " + url)); |
| 1233 } | 1240 } |
| 1234 | 1241 |
| 1242 void FrameLoader::reportTopLevelNavigationFailed(LocalFrame* frame, |
| 1243 const String& url) { |
| 1244 DCHECK(!url.isEmpty()); |
| 1245 if (!frame) |
| 1246 return; |
| 1247 |
| 1248 frame->document()->addConsoleMessage(ConsoleMessage::create( |
| 1249 SecurityMessageSource, ErrorMessageLevel, |
| 1250 "Not allowed to top-level navigate to resource: " + url)); |
| 1251 } |
| 1252 |
| 1235 void FrameLoader::stopAllLoaders() { | 1253 void FrameLoader::stopAllLoaders() { |
| 1236 if (m_frame->document()->pageDismissalEventBeingDispatched() != | 1254 if (m_frame->document()->pageDismissalEventBeingDispatched() != |
| 1237 Document::NoDismissal) | 1255 Document::NoDismissal) |
| 1238 return; | 1256 return; |
| 1239 | 1257 |
| 1240 // If this method is called from within this method, infinite recursion can | 1258 // If this method is called from within this method, infinite recursion can |
| 1241 // occur (3442218). Avoid this. | 1259 // occur (3442218). Avoid this. |
| 1242 if (m_inStopAllLoaders) | 1260 if (m_inStopAllLoaders) |
| 1243 return; | 1261 return; |
| 1244 | 1262 |
| (...skipping 736 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1981 frameLoadRequest.clientRedirect()); | 1999 frameLoadRequest.clientRedirect()); |
| 1982 | 2000 |
| 1983 loader->setLoadType(loadType); | 2001 loader->setLoadType(loadType); |
| 1984 loader->setNavigationType(navigationType); | 2002 loader->setNavigationType(navigationType); |
| 1985 loader->setReplacesCurrentHistoryItem(loadType == | 2003 loader->setReplacesCurrentHistoryItem(loadType == |
| 1986 FrameLoadTypeReplaceCurrentItem); | 2004 FrameLoadTypeReplaceCurrentItem); |
| 1987 return loader; | 2005 return loader; |
| 1988 } | 2006 } |
| 1989 | 2007 |
| 1990 } // namespace blink | 2008 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2702503002:
Block renderer-initiated main frame navigations to data URLs (Closed)
