OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 26 matching lines...) Expand all Loading... | |
37 | 37 |
38 namespace blink { | 38 namespace blink { |
39 | 39 |
40 class DOMWindow; | 40 class DOMWindow; |
41 class EventTarget; | 41 class EventTarget; |
42 class ExceptionState; | 42 class ExceptionState; |
43 class Frame; | 43 class Frame; |
44 class LocalDOMWindow; | 44 class LocalDOMWindow; |
45 class Location; | 45 class Location; |
46 class Node; | 46 class Node; |
47 struct WrapperTypeInfo; | |
47 | 48 |
48 class CORE_EXPORT BindingSecurity { | 49 class CORE_EXPORT BindingSecurity { |
49 STATIC_ONLY(BindingSecurity); | 50 STATIC_ONLY(BindingSecurity); |
50 | 51 |
51 public: | 52 public: |
52 enum class ErrorReportOption { | 53 enum class ErrorReportOption { |
53 DoNotReport, | 54 DoNotReport, |
54 Report, | 55 Report, |
55 }; | 56 }; |
56 | 57 |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
98 const Node* target, | 99 const Node* target, |
99 ExceptionState&); | 100 ExceptionState&); |
100 static bool shouldAllowAccessTo(const LocalDOMWindow* accessingWindow, | 101 static bool shouldAllowAccessTo(const LocalDOMWindow* accessingWindow, |
101 const Node* target, | 102 const Node* target, |
102 ErrorReportOption); | 103 ErrorReportOption); |
103 | 104 |
104 // These overloads should be used only when checking a general access from | 105 // These overloads should be used only when checking a general access from |
105 // one context to another context. For access to a receiver object or | 106 // one context to another context. For access to a receiver object or |
106 // returned object, you should use the above overloads. | 107 // returned object, you should use the above overloads. |
107 static bool shouldAllowAccessToFrame(const LocalDOMWindow* accessingWindow, | 108 static bool shouldAllowAccessToFrame(const LocalDOMWindow* accessingWindow, |
108 const Frame* target, | 109 const Frame& target, |
109 ExceptionState&); | 110 ExceptionState&); |
110 static bool shouldAllowAccessToFrame(const LocalDOMWindow* accessingWindow, | 111 static bool shouldAllowAccessToFrame(const LocalDOMWindow* accessingWindow, |
111 const Frame* target, | 112 const Frame& target, |
112 ErrorReportOption); | 113 ErrorReportOption); |
113 // This overload must be used only for detached windows. | |
114 static bool shouldAllowAccessToDetachedWindow( | |
115 const LocalDOMWindow* accessingWindow, | |
116 const DOMWindow* target, | |
117 ExceptionState&); | |
118 | 114 |
119 static void failedAccessCheckFor(v8::Isolate*, const Frame* target); | 115 static void failedAccessCheckFor(v8::Isolate*, |
116 const WrapperTypeInfo*, | |
117 v8::Local<v8::Object> host); | |
dcheng
2017/03/06 06:59:47
These additional parameters are so we can lookup t
| |
120 | 118 |
121 private: | 119 private: |
122 // Returns true if |accessingWindow| is allowed named access to |targetWindow| | 120 // Returns true if |accessingWindow| is allowed named access to |targetWindow| |
123 // because they're the same origin. Note that named access should be allowed | 121 // because they're the same origin. Note that named access should be allowed |
124 // even if they're cross origin as long as the browsing context name matches | 122 // even if they're cross origin as long as the browsing context name matches |
125 // the browsing context container's name. | 123 // the browsing context container's name. |
126 // | 124 // |
127 // Unlike shouldAllowAccessTo, this function returns true even when | 125 // Unlike shouldAllowAccessTo, this function returns true even when |
128 // |accessingWindow| or |targetWindow| is a RemoteDOMWindow, but remember that | 126 // |accessingWindow| or |targetWindow| is a RemoteDOMWindow, but remember that |
129 // only limited operations are allowed on a RemoteDOMWindow. | 127 // only limited operations are allowed on a RemoteDOMWindow. |
130 // | 128 // |
131 // This function should be only used from V8Window::namedPropertyGetterCustom. | 129 // This function should be only used from V8Window::namedPropertyGetterCustom. |
132 friend class V8Window; | 130 friend class V8Window; |
133 static bool shouldAllowNamedAccessTo(const DOMWindow* accessingWindow, | 131 static bool shouldAllowNamedAccessTo(const DOMWindow* accessingWindow, |
134 const DOMWindow* targetWindow); | 132 const DOMWindow* targetWindow); |
135 }; | 133 }; |
136 | 134 |
137 } // namespace blink | 135 } // namespace blink |
138 | 136 |
139 #endif // BindingSecurity_h | 137 #endif // BindingSecurity_h |
OLD | NEW |