OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
127 void ApplicationCacheHost::SelectCacheWithoutManifest() { | 127 void ApplicationCacheHost::SelectCacheWithoutManifest() { |
128 if (host_) | 128 if (host_) |
129 host_->SelectCacheWithoutManifest(); | 129 host_->SelectCacheWithoutManifest(); |
130 } | 130 } |
131 | 131 |
132 void ApplicationCacheHost::SelectCacheWithManifest(const KURL& manifest_url) { | 132 void ApplicationCacheHost::SelectCacheWithManifest(const KURL& manifest_url) { |
133 DCHECK(document_loader_); | 133 DCHECK(document_loader_); |
134 | 134 |
135 LocalFrame* frame = document_loader_->GetFrame(); | 135 LocalFrame* frame = document_loader_->GetFrame(); |
136 Document* document = frame->GetDocument(); | 136 Document* document = frame->GetDocument(); |
| 137 if (document->IsSandboxed(kSandboxOrigin) || |
| 138 document->GetSecurityOrigin()->HasSuborigin()) { |
| 139 // Prevent sandboxes and suborigins from establishing application caches. |
| 140 SelectCacheWithoutManifest(); |
| 141 return; |
| 142 } |
137 if (document->IsSecureContext()) { | 143 if (document->IsSecureContext()) { |
138 UseCounter::Count(document, | 144 UseCounter::Count(document, |
139 UseCounter::kApplicationCacheManifestSelectSecureOrigin); | 145 UseCounter::kApplicationCacheManifestSelectSecureOrigin); |
140 UseCounter::CountCrossOriginIframe( | 146 UseCounter::CountCrossOriginIframe( |
141 *document, UseCounter::kApplicationCacheManifestSelectSecureOrigin); | 147 *document, UseCounter::kApplicationCacheManifestSelectSecureOrigin); |
142 } else { | 148 } else { |
143 Deprecation::CountDeprecation( | 149 Deprecation::CountDeprecation( |
144 document, UseCounter::kApplicationCacheManifestSelectInsecureOrigin); | 150 document, UseCounter::kApplicationCacheManifestSelectInsecureOrigin); |
145 Deprecation::CountDeprecationCrossOriginIframe( | 151 Deprecation::CountDeprecationCrossOriginIframe( |
146 *document, UseCounter::kApplicationCacheManifestSelectInsecureOrigin); | 152 *document, UseCounter::kApplicationCacheManifestSelectInsecureOrigin); |
(...skipping 200 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
347 NotifyApplicationCache(kErrorEvent, 0, 0, reason, url.GetString(), status, | 353 NotifyApplicationCache(kErrorEvent, 0, 0, reason, url.GetString(), status, |
348 message); | 354 message); |
349 } | 355 } |
350 | 356 |
351 DEFINE_TRACE(ApplicationCacheHost) { | 357 DEFINE_TRACE(ApplicationCacheHost) { |
352 visitor->Trace(dom_application_cache_); | 358 visitor->Trace(dom_application_cache_); |
353 visitor->Trace(document_loader_); | 359 visitor->Trace(document_loader_); |
354 } | 360 } |
355 | 361 |
356 } // namespace blink | 362 } // namespace blink |
OLD | NEW |