OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2007, 2008 Apple Inc. All rights reserved. | 2 * Copyright (C) 2007, 2008 Apple Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
(...skipping 126 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
137 // Returns true if drawing an image from this URL taints a canvas from | 137 // Returns true if drawing an image from this URL taints a canvas from |
138 // this security origin. For example, call this function before | 138 // this security origin. For example, call this function before |
139 // drawing an image onto an HTML canvas element with the drawImage API. | 139 // drawing an image onto an HTML canvas element with the drawImage API. |
140 bool taintsCanvas(const KURL&) const; | 140 bool taintsCanvas(const KURL&) const; |
141 | 141 |
142 // Returns true if |document| can display content from the given URL (e.g., | 142 // Returns true if |document| can display content from the given URL (e.g., |
143 // in an iframe or as an image). For example, web sites generally cannot | 143 // in an iframe or as an image). For example, web sites generally cannot |
144 // display content from the user's files system. | 144 // display content from the user's files system. |
145 bool canDisplay(const KURL&) const; | 145 bool canDisplay(const KURL&) const; |
146 | 146 |
| 147 bool canNavigateInTopFrame(const KURL&) const; |
| 148 |
147 // Returns true if the origin loads resources either from the local | 149 // Returns true if the origin loads resources either from the local |
148 // machine or over the network from a | 150 // machine or over the network from a |
149 // cryptographically-authenticated origin, as described in | 151 // cryptographically-authenticated origin, as described in |
150 // https://w3c.github.io/webappsec/specs/powerfulfeatures/#is-origin-trustwort
hy. | 152 // https://w3c.github.io/webappsec/specs/powerfulfeatures/#is-origin-trustwort
hy. |
151 bool isPotentiallyTrustworthy() const; | 153 bool isPotentiallyTrustworthy() const; |
152 | 154 |
153 // Returns a human-readable error message describing that a non-secure | 155 // Returns a human-readable error message describing that a non-secure |
154 // origin's access to a feature is denied. | 156 // origin's access to a feature is denied. |
155 static String isPotentiallyTrustworthyErrorMessage(); | 157 static String isPotentiallyTrustworthyErrorMessage(); |
156 | 158 |
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
307 bool m_universalAccess; | 309 bool m_universalAccess; |
308 bool m_domainWasSetInDOM; | 310 bool m_domainWasSetInDOM; |
309 bool m_canLoadLocalResources; | 311 bool m_canLoadLocalResources; |
310 bool m_blockLocalAccessFromLocalOrigin; | 312 bool m_blockLocalAccessFromLocalOrigin; |
311 bool m_isUniqueOriginPotentiallyTrustworthy; | 313 bool m_isUniqueOriginPotentiallyTrustworthy; |
312 }; | 314 }; |
313 | 315 |
314 } // namespace blink | 316 } // namespace blink |
315 | 317 |
316 #endif // SecurityOrigin_h | 318 #endif // SecurityOrigin_h |
OLD | NEW |