OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2007, 2008 Apple Inc. All rights reserved. | 2 * Copyright (C) 2007, 2008 Apple Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
(...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
126 // Returns true if drawing an image from this URL taints a canvas from | 126 // Returns true if drawing an image from this URL taints a canvas from |
127 // this security origin. For example, call this function before | 127 // this security origin. For example, call this function before |
128 // drawing an image onto an HTML canvas element with the drawImage API. | 128 // drawing an image onto an HTML canvas element with the drawImage API. |
129 bool TaintsCanvas(const KURL&) const; | 129 bool TaintsCanvas(const KURL&) const; |
130 | 130 |
131 // Returns true if |document| can display content from the given URL (e.g., | 131 // Returns true if |document| can display content from the given URL (e.g., |
132 // in an iframe or as an image). For example, web sites generally cannot | 132 // in an iframe or as an image). For example, web sites generally cannot |
133 // display content from the user's files system. | 133 // display content from the user's files system. |
134 bool CanDisplay(const KURL&) const; | 134 bool CanDisplay(const KURL&) const; |
135 | 135 |
| 136 bool CanNavigateInTopFrame(const KURL&) const; |
| 137 |
136 // Returns true if the origin loads resources either from the local | 138 // Returns true if the origin loads resources either from the local |
137 // machine or over the network from a | 139 // machine or over the network from a |
138 // cryptographically-authenticated origin, as described in | 140 // cryptographically-authenticated origin, as described in |
139 // https://w3c.github.io/webappsec/specs/powerfulfeatures/#is-origin-trustwort
hy. | 141 // https://w3c.github.io/webappsec/specs/powerfulfeatures/#is-origin-trustwort
hy. |
140 bool IsPotentiallyTrustworthy() const; | 142 bool IsPotentiallyTrustworthy() const; |
141 | 143 |
142 // Returns a human-readable error message describing that a non-secure | 144 // Returns a human-readable error message describing that a non-secure |
143 // origin's access to a feature is denied. | 145 // origin's access to a feature is denied. |
144 static String IsPotentiallyTrustworthyErrorMessage(); | 146 static String IsPotentiallyTrustworthyErrorMessage(); |
145 | 147 |
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
296 bool universal_access_; | 298 bool universal_access_; |
297 bool domain_was_set_in_dom_; | 299 bool domain_was_set_in_dom_; |
298 bool can_load_local_resources_; | 300 bool can_load_local_resources_; |
299 bool block_local_access_from_local_origin_; | 301 bool block_local_access_from_local_origin_; |
300 bool is_unique_origin_potentially_trustworthy_; | 302 bool is_unique_origin_potentially_trustworthy_; |
301 }; | 303 }; |
302 | 304 |
303 } // namespace blink | 305 } // namespace blink |
304 | 306 |
305 #endif // SecurityOrigin_h | 307 #endif // SecurityOrigin_h |
OLD | NEW |