| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights |
| 3 * reserved. | 3 * reserved. |
| 4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 4 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
| 5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 5 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
| 6 * (http://www.torchmobile.com/) | 6 * (http://www.torchmobile.com/) |
| 7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 7 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
| 8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 8 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
| 9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 9 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
| 10 * Copyright (C) 2011 Google Inc. All rights reserved. | 10 * Copyright (C) 2011 Google Inc. All rights reserved. |
| (...skipping 730 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 741 | 741 |
| 742 KURL url = request.GetResourceRequest().Url(); | 742 KURL url = request.GetResourceRequest().Url(); |
| 743 if (frame_->GetScriptController().ExecuteScriptIfJavaScriptURL(url, nullptr)) | 743 if (frame_->GetScriptController().ExecuteScriptIfJavaScriptURL(url, nullptr)) |
| 744 return false; | 744 return false; |
| 745 | 745 |
| 746 if (!request.OriginDocument()->GetSecurityOrigin()->CanDisplay(url)) { | 746 if (!request.OriginDocument()->GetSecurityOrigin()->CanDisplay(url)) { |
| 747 ReportLocalLoadFailed(frame_, url.ElidedString()); | 747 ReportLocalLoadFailed(frame_, url.ElidedString()); |
| 748 return false; | 748 return false; |
| 749 } | 749 } |
| 750 | 750 |
| 751 // Block content-initiated, top-frame navigations to data URLs. |
| 752 if (frame_->IsMainFrame() && |
| 753 !request.GetResourceRequest().IsSameDocumentNavigation() && |
| 754 !frame_->Client()->AllowContentInitiatedDataUrlNavigations( |
| 755 request.OriginDocument()->Url()) && |
| 756 !request.OriginDocument()->GetSecurityOrigin()->CanNavigateInTopFrame( |
| 757 url)) { |
| 758 ReportTopLevelNavigationFailed(frame_, url.ElidedString()); |
| 759 return false; |
| 760 } |
| 761 |
| 751 if (!request.Form() && request.FrameName().IsEmpty()) | 762 if (!request.Form() && request.FrameName().IsEmpty()) |
| 752 request.SetFrameName(frame_->GetDocument()->BaseTarget()); | 763 request.SetFrameName(frame_->GetDocument()->BaseTarget()); |
| 753 return true; | 764 return true; |
| 754 } | 765 } |
| 755 | 766 |
| 756 static bool ShouldNavigateTargetFrame(NavigationPolicy policy) { | 767 static bool ShouldNavigateTargetFrame(NavigationPolicy policy) { |
| 757 switch (policy) { | 768 switch (policy) { |
| 758 case kNavigationPolicyCurrentTab: | 769 case kNavigationPolicyCurrentTab: |
| 759 return true; | 770 return true; |
| 760 | 771 |
| (...skipping 219 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 980 void FrameLoader::ReportLocalLoadFailed(LocalFrame* frame, const String& url) { | 991 void FrameLoader::ReportLocalLoadFailed(LocalFrame* frame, const String& url) { |
| 981 DCHECK(!url.IsEmpty()); | 992 DCHECK(!url.IsEmpty()); |
| 982 if (!frame) | 993 if (!frame) |
| 983 return; | 994 return; |
| 984 | 995 |
| 985 frame->GetDocument()->AddConsoleMessage( | 996 frame->GetDocument()->AddConsoleMessage( |
| 986 ConsoleMessage::Create(kSecurityMessageSource, kErrorMessageLevel, | 997 ConsoleMessage::Create(kSecurityMessageSource, kErrorMessageLevel, |
| 987 "Not allowed to load local resource: " + url)); | 998 "Not allowed to load local resource: " + url)); |
| 988 } | 999 } |
| 989 | 1000 |
| 1001 void FrameLoader::ReportTopLevelNavigationFailed(LocalFrame* frame, |
| 1002 const String& url) { |
| 1003 DCHECK(!url.IsEmpty()); |
| 1004 if (!frame) |
| 1005 return; |
| 1006 |
| 1007 frame->GetDocument()->AddConsoleMessage(ConsoleMessage::Create( |
| 1008 kSecurityMessageSource, kErrorMessageLevel, |
| 1009 "Not allowed to top-level navigate to resource: " + url)); |
| 1010 } |
| 1011 |
| 990 void FrameLoader::StopAllLoaders() { | 1012 void FrameLoader::StopAllLoaders() { |
| 991 if (frame_->GetDocument()->PageDismissalEventBeingDispatched() != | 1013 if (frame_->GetDocument()->PageDismissalEventBeingDispatched() != |
| 992 Document::kNoDismissal) | 1014 Document::kNoDismissal) |
| 993 return; | 1015 return; |
| 994 | 1016 |
| 995 // If this method is called from within this method, infinite recursion can | 1017 // If this method is called from within this method, infinite recursion can |
| 996 // occur (3442218). Avoid this. | 1018 // occur (3442218). Avoid this. |
| 997 if (in_stop_all_loaders_) | 1019 if (in_stop_all_loaders_) |
| 998 return; | 1020 return; |
| 999 | 1021 |
| (...skipping 774 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1774 // TODO(japhet): This is needed because the browser process DCHECKs if the | 1796 // TODO(japhet): This is needed because the browser process DCHECKs if the |
| 1775 // first entry we commit in a new frame has replacement set. It's unclear | 1797 // first entry we commit in a new frame has replacement set. It's unclear |
| 1776 // whether the DCHECK is right, investigate removing this special case. | 1798 // whether the DCHECK is right, investigate removing this special case. |
| 1777 bool replace_current_item = load_type == kFrameLoadTypeReplaceCurrentItem && | 1799 bool replace_current_item = load_type == kFrameLoadTypeReplaceCurrentItem && |
| 1778 (!Opener() || !request.Url().IsEmpty()); | 1800 (!Opener() || !request.Url().IsEmpty()); |
| 1779 loader->SetReplacesCurrentHistoryItem(replace_current_item); | 1801 loader->SetReplacesCurrentHistoryItem(replace_current_item); |
| 1780 return loader; | 1802 return loader; |
| 1781 } | 1803 } |
| 1782 | 1804 |
| 1783 } // namespace blink | 1805 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2702503002:
Block renderer-initiated main frame navigations to data URLs (Closed)
