| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved. | 2 * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved. |
| 3 * Copyright (C) 2011 Google Inc. All rights reserved. | 3 * Copyright (C) 2011 Google Inc. All rights reserved. |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
| 7 * are met: | 7 * are met: |
| 8 * | 8 * |
| 9 * 1. Redistributions of source code must retain the above copyright | 9 * 1. Redistributions of source code must retain the above copyright |
| 10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
| (...skipping 780 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 791 ArchiveResource* main_resource = | 791 ArchiveResource* main_resource = |
| 792 fetcher_->CreateArchive(main_resource_.Get()); | 792 fetcher_->CreateArchive(main_resource_.Get()); |
| 793 if (!main_resource) | 793 if (!main_resource) |
| 794 return false; | 794 return false; |
| 795 // The origin is the MHTML file, we need to set the base URL to the document | 795 // The origin is the MHTML file, we need to set the base URL to the document |
| 796 // encoded in the MHTML so relative URLs are resolved properly. | 796 // encoded in the MHTML so relative URLs are resolved properly. |
| 797 EnsureWriter(main_resource->MimeType(), main_resource->Url()); | 797 EnsureWriter(main_resource->MimeType(), main_resource->Url()); |
| 798 if (!frame_) | 798 if (!frame_) |
| 799 return false; | 799 return false; |
| 800 | 800 |
| 801 // The Document has now been created. | 801 // The MHTML page is loaded in full sandboxing mode with the only |
| 802 frame_->GetDocument()->EnforceSandboxFlags(kSandboxAll); | 802 // exception to open new top-level windows. Since the MHTML page stays in a |
| 803 // unquie origin with script execution disabled, the risk to navigate to |
| 804 // 'blob:'' and 'filesystem:'' URLs that allow code execution in the page's |
| 805 // "real" origin is mitigated. |
| 806 frame_->GetDocument()->EnforceSandboxFlags( |
| 807 kSandboxAll & |
| 808 ~(kSandboxPopups | kSandboxPropagatesToAuxiliaryBrowsingContexts)); |
| 803 | 809 |
| 804 CommitData(main_resource->Data()->Data(), main_resource->Data()->size()); | 810 CommitData(main_resource->Data()->Data(), main_resource->Data()->size()); |
| 805 return true; | 811 return true; |
| 806 } | 812 } |
| 807 | 813 |
| 808 const AtomicString& DocumentLoader::ResponseMIMEType() const { | 814 const AtomicString& DocumentLoader::ResponseMIMEType() const { |
| 809 return response_.MimeType(); | 815 return response_.MimeType(); |
| 810 } | 816 } |
| 811 | 817 |
| 812 const KURL& DocumentLoader::UnreachableURL() const { | 818 const KURL& DocumentLoader::UnreachableURL() const { |
| (...skipping 273 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1086 InstallNewDocumentReason::kJavascriptURL, | 1092 InstallNewDocumentReason::kJavascriptURL, |
| 1087 kForceSynchronousParsing, KURL()); | 1093 kForceSynchronousParsing, KURL()); |
| 1088 if (!source.IsNull()) | 1094 if (!source.IsNull()) |
| 1089 writer_->AppendReplacingData(source); | 1095 writer_->AppendReplacingData(source); |
| 1090 EndWriting(); | 1096 EndWriting(); |
| 1091 } | 1097 } |
| 1092 | 1098 |
| 1093 DEFINE_WEAK_IDENTIFIER_MAP(DocumentLoader); | 1099 DEFINE_WEAK_IDENTIFIER_MAP(DocumentLoader); |
| 1094 | 1100 |
| 1095 } // namespace blink | 1101 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2837053004:
Allows MHTM page to open a popup (Closed)
