
Unified Diff: third_party/WebKit/Source/core/loader/DocumentLoader.cpp

Issue 2795673002: Added UseCounter for clearing browsing context name on cross-origin name (Closed)
Patch Set: Rebase-update Created 3 years, 9 months ago
Index: third_party/WebKit/Source/core/loader/DocumentLoader.cpp
diff --git a/third_party/WebKit/Source/core/loader/DocumentLoader.cpp b/third_party/WebKit/Source/core/loader/DocumentLoader.cpp
index b8767260da3b54447598a4982e67326047400931..8ad381f8925769ab2b86e6e5c5b3030caf651936 100644
--- a/third_party/WebKit/Source/core/loader/DocumentLoader.cpp
+++ b/third_party/WebKit/Source/core/loader/DocumentLoader.cpp
@@ -669,6 +669,10 @@ void DocumentLoader::ensureWriter(const AtomicString& mimeType,
if (!m_frame)
return;
+ SecurityOrigin* frameSecurityOrigin = nullptr;
+ if (m_frame->document())
+ frameSecurityOrigin = m_frame->document()->getSecurityOrigin();
+
const AtomicString& encoding = response().textEncodingName();
// Prepare a DocumentInit before clearing the frame, because it may need to
@@ -695,7 +699,7 @@ void DocumentLoader::ensureWriter(const AtomicString& mimeType,
installNewDocument(init, mimeType, encoding,
InstallNewDocumentReason::kNavigation, parsingPolicy,
- overridingURL);
+ overridingURL, frameSecurityOrigin);
m_writer->setDocumentWasLoadedAsPartOfNavigation();
m_frame->document()->maybeHandleHttpRefresh(
m_response.httpHeaderField(HTTPNames::Refresh),
@@ -1030,13 +1034,29 @@ void setFeaturePolicy(Document* document, const String& featurePolicyHeader) {
frame->client()->didSetFeaturePolicyHeader(parsedHeader);
}
+static inline bool shouldClearWindowName(
jochen (gone - plz use gerrit) 2017/04/03 15:24:26 nit. don't add inline
andypaicu 2017/04/04 07:23:39 Done. Also moved function into the DocumentLoader
+ const LocalFrame& frame,
+ SecurityOrigin* frameSecurityOrigin,
+ const Document& newDocument)
+{
+ if (!frameSecurityOrigin)
+ return false;
+ if (!frame.isMainFrame())
+ return false;
+ if (frame.loader().opener())
+ return false;
+
+ return !newDocument.getSecurityOrigin()->isSameSchemeHostPort(frameSecurityOrigin);
+}
+
void DocumentLoader::installNewDocument(
const DocumentInit& init,
const AtomicString& mimeType,
const AtomicString& encoding,
InstallNewDocumentReason reason,
ParserSynchronizationPolicy parsingPolicy,
- const KURL& overridingURL) {
+ const KURL& overridingURL,
+ SecurityOrigin* frameSecurityOrigin) {
DCHECK_EQ(init.frame(), m_frame);
DCHECK(!m_frame->document() || !m_frame->document()->isActive());
DCHECK_EQ(m_frame->tree().childCount(), 0u);
@@ -1045,6 +1065,16 @@ void DocumentLoader::installNewDocument(
m_frame->setDOMWindow(LocalDOMWindow::create(*m_frame));
Document* document = m_frame->domWindow()->installNewDocument(mimeType, init);
+
+ if (shouldClearWindowName(*m_frame, frameSecurityOrigin, *document)) {
+ // TODO(andypaicu): decide if we can do this without breaking functionality
+ // after we get user data. experimentalSetNullName will just record the fact
+ // that the name would be nulled and if the name is accessed after we will fire a UseCounter
+ // This is what would be here if we decided to move forward with this:
+ // m_frame->tree().setName(nullAtom);
+ m_frame->tree().experimentalSetNulledName();
+ }
+
m_frame->page()->chromeClient().installSupplements(*m_frame);
if (!overridingURL.isEmpty())
document->setBaseURLOverride(overridingURL);
@@ -1063,6 +1093,7 @@ void DocumentLoader::installNewDocument(
// are sent in didCommitNavigation().
setFeaturePolicy(document,
m_response.httpHeaderField(HTTPNames::Feature_Policy));
+
frameLoader().dispatchDidClearDocumentOfWindowObject();
}
@@ -1076,11 +1107,12 @@ const AtomicString& DocumentLoader::mimeType() const {
// FrameLoader::replaceDocumentWhileExecutingJavaScriptURL()
void DocumentLoader::replaceDocumentWhileExecutingJavaScriptURL(
const DocumentInit& init,
- const String& source) {
+ const String& source,
+ SecurityOrigin* frameSecurityOrigin) {
installNewDocument(init, mimeType(),
m_writer ? m_writer->encoding() : emptyAtom,
InstallNewDocumentReason::kJavascriptURL,
- ForceSynchronousParsing, KURL());
+ ForceSynchronousParsing, KURL(), frameSecurityOrigin);
if (!source.isNull())
m_writer->appendReplacingData(source);
endWriting();
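Review bot: The `SecurityOrigin* frameSecurityOrigin` captured at the top of the first hunk (`+ SecurityOrigin* frameSecurityOrigin = nullptr;`) is a raw pointer into the outgoing document's security context that is carried across the frame clearing mentioned in the comment right below it and only dereferenced later inside installNewDocument via `shouldClearWindowName`, so its validity depends on the old document keeping that origin alive until then. SecurityOrigin is reference counted in Blink, so holding it as `RefPtr<SecurityOrigin> frameSecurityOrigin;` in ensureWriter and passing `frameSecurityOrigin.get()` would make the `isSameSchemeHostPort` comparison independent of the old document's lifetime; whether that lifetime is actually a problem on this path cannot be confirmed from the hunk. Since nothing on the new side mutates the origin, the new parameter on installNewDocument, replaceDocumentWhileExecutingJavaScriptURL and shouldClearWindowName could also be `const SecurityOrigin*`, documenting that the previous origin is only compared. The body of ensureWriter begins before and continues past the first hunk.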
