| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 127 void ApplicationCacheHost::SelectCacheWithoutManifest() { | 127 void ApplicationCacheHost::SelectCacheWithoutManifest() { |
| 128 if (host_) | 128 if (host_) |
| 129 host_->SelectCacheWithoutManifest(); | 129 host_->SelectCacheWithoutManifest(); |
| 130 } | 130 } |
| 131 | 131 |
| 132 void ApplicationCacheHost::SelectCacheWithManifest(const KURL& manifest_url) { | 132 void ApplicationCacheHost::SelectCacheWithManifest(const KURL& manifest_url) { |
| 133 DCHECK(document_loader_); | 133 DCHECK(document_loader_); |
| 134 | 134 |
| 135 LocalFrame* frame = document_loader_->GetFrame(); | 135 LocalFrame* frame = document_loader_->GetFrame(); |
| 136 Document* document = frame->GetDocument(); | 136 Document* document = frame->GetDocument(); |
| 137 if (document->IsSandboxed(kSandboxOrigin) || |
| 138 document->GetSecurityOrigin()->HasSuborigin()) { |
| 139 // Prevent sandboxes and suborigins from establishing application caches. |
| 140 SelectCacheWithoutManifest(); |
| 141 return; |
| 142 } |
| 137 if (document->IsSecureContext()) { | 143 if (document->IsSecureContext()) { |
| 138 UseCounter::Count(document, | 144 UseCounter::Count(document, |
| 139 UseCounter::kApplicationCacheManifestSelectSecureOrigin); | 145 UseCounter::kApplicationCacheManifestSelectSecureOrigin); |
| 140 UseCounter::CountCrossOriginIframe( | 146 UseCounter::CountCrossOriginIframe( |
| 141 *document, UseCounter::kApplicationCacheManifestSelectSecureOrigin); | 147 *document, UseCounter::kApplicationCacheManifestSelectSecureOrigin); |
| 142 } else { | 148 } else { |
| 143 Deprecation::CountDeprecation( | 149 Deprecation::CountDeprecation( |
| 144 document, UseCounter::kApplicationCacheManifestSelectInsecureOrigin); | 150 document, UseCounter::kApplicationCacheManifestSelectInsecureOrigin); |
| 145 Deprecation::CountDeprecationCrossOriginIframe( | 151 Deprecation::CountDeprecationCrossOriginIframe( |
| 146 *document, UseCounter::kApplicationCacheManifestSelectInsecureOrigin); | 152 *document, UseCounter::kApplicationCacheManifestSelectInsecureOrigin); |
| (...skipping 200 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 347 NotifyApplicationCache(kErrorEvent, 0, 0, reason, url.GetString(), status, | 353 NotifyApplicationCache(kErrorEvent, 0, 0, reason, url.GetString(), status, |
| 348 message); | 354 message); |
| 349 } | 355 } |
| 350 | 356 |
| 351 DEFINE_TRACE(ApplicationCacheHost) { | 357 DEFINE_TRACE(ApplicationCacheHost) { |
| 352 visitor->Trace(dom_application_cache_); | 358 visitor->Trace(dom_application_cache_); |
| 353 visitor->Trace(document_loader_); | 359 visitor->Trace(document_loader_); |
| 354 } | 360 } |
| 355 | 361 |
| 356 } // namespace blink | 362 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2813123002:
Prevent appcache creation from suborigins and sandboxed pages. (Closed)
