| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/web_contents/web_contents_impl.h" | 5 #include "content/browser/web_contents/web_contents_impl.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <cmath> | 9 #include <cmath> |
| 10 #include <utility> | 10 #include <utility> |
| (...skipping 585 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 596 | 596 |
| 597 WebContentsImpl* WebContentsImpl::CreateWithOpener( | 597 WebContentsImpl* WebContentsImpl::CreateWithOpener( |
| 598 const WebContents::CreateParams& params, | 598 const WebContents::CreateParams& params, |
| 599 FrameTreeNode* opener) { | 599 FrameTreeNode* opener) { |
| 600 TRACE_EVENT0("browser", "WebContentsImpl::CreateWithOpener"); | 600 TRACE_EVENT0("browser", "WebContentsImpl::CreateWithOpener"); |
| 601 WebContentsImpl* new_contents = new WebContentsImpl(params.browser_context); | 601 WebContentsImpl* new_contents = new WebContentsImpl(params.browser_context); |
| 602 | 602 |
| 603 FrameTreeNode* new_root = new_contents->GetFrameTree()->root(); | 603 FrameTreeNode* new_root = new_contents->GetFrameTree()->root(); |
| 604 | 604 |
| 605 if (opener) { | 605 if (opener) { |
| 606 new_root->SetOriginalOpener(opener); | 606 // For the "original opener", track the opener's main frame instead, because |
| 607 // if the opener is a subframe, the opener tracking could be easily bypassed |
| 608 // by spawning from a subframe and deleting the subframe. |
| 609 // https://crbug.com/705316 |
| 610 new_root->SetOriginalOpener(opener->frame_tree()->root()); |
| 611 |
| 607 if (!params.opener_suppressed) { | 612 if (!params.opener_suppressed) { |
| 608 new_root->SetOpener(opener); | 613 new_root->SetOpener(opener); |
| 609 new_contents->created_with_opener_ = true; | 614 new_contents->created_with_opener_ = true; |
| 610 } | 615 } |
| 611 } | 616 } |
| 612 | 617 |
| 613 // If the opener is sandboxed, a new popup must inherit the opener's sandbox | 618 // If the opener is sandboxed, a new popup must inherit the opener's sandbox |
| 614 // flags, and these flags take effect immediately. An exception is if the | 619 // flags, and these flags take effect immediately. An exception is if the |
| 615 // opener's sandbox flags lack the PropagatesToAuxiliaryBrowsingContexts | 620 // opener's sandbox flags lack the PropagatesToAuxiliaryBrowsingContexts |
| 616 // bit (which is controlled by the "allow-popups-to-escape-sandbox" token). | 621 // bit (which is controlled by the "allow-popups-to-escape-sandbox" token). |
| (...skipping 4803 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5420 RenderViewHost* render_view_host = RenderViewHost::From(render_widget_host); | 5425 RenderViewHost* render_view_host = RenderViewHost::From(render_widget_host); |
| 5421 if (!render_view_host) | 5426 if (!render_view_host) |
| 5422 continue; | 5427 continue; |
| 5423 render_view_host_set.insert(render_view_host); | 5428 render_view_host_set.insert(render_view_host); |
| 5424 } | 5429 } |
| 5425 for (RenderViewHost* render_view_host : render_view_host_set) | 5430 for (RenderViewHost* render_view_host : render_view_host_set) |
| 5426 render_view_host->OnWebkitPreferencesChanged(); | 5431 render_view_host->OnWebkitPreferencesChanged(); |
| 5427 } | 5432 } |
| 5428 | 5433 |
| 5429 } // namespace content | 5434 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2778113003:
Fix popunders spawned from a subframe. (Closed)
