| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
| 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
| 4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
| 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
| 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All |
| 7 * rights reserved. | 7 * rights reserved. |
| 8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
| 9 * (http://www.torchmobile.com/) | 9 * (http://www.torchmobile.com/) |
| 10 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. | 10 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. |
| (...skipping 3880 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3891 } | 3891 } |
| 3892 | 3892 |
| 3893 void Document::CloneDataFromDocument(const Document& other) { | 3893 void Document::CloneDataFromDocument(const Document& other) { |
| 3894 SetCompatibilityMode(other.GetCompatibilityMode()); | 3894 SetCompatibilityMode(other.GetCompatibilityMode()); |
| 3895 SetEncodingData(other.encoding_data_); | 3895 SetEncodingData(other.encoding_data_); |
| 3896 SetContextFeatures(other.GetContextFeatures()); | 3896 SetContextFeatures(other.GetContextFeatures()); |
| 3897 SetSecurityOrigin(other.GetSecurityOrigin()->IsolatedCopy()); | 3897 SetSecurityOrigin(other.GetSecurityOrigin()->IsolatedCopy()); |
| 3898 SetMimeType(other.contentType()); | 3898 SetMimeType(other.contentType()); |
| 3899 } | 3899 } |
| 3900 | 3900 |
| 3901 bool Document::IsSecureContextImpl( | 3901 bool Document::IsSecureContextImpl() const { |
| 3902 const SecureContextCheck privilege_context_check) const { | |
| 3903 // There may be exceptions for the secure context check defined for certain | 3902 // There may be exceptions for the secure context check defined for certain |
| 3904 // schemes. The exceptions are applied only to the special scheme and to | 3903 // schemes. The exceptions are applied only to the special scheme and to |
| 3905 // sandboxed URLs from those origins, but *not* to any children. | 3904 // sandboxed URLs from those origins, but *not* to any children. |
| 3906 // | 3905 // |
| 3907 // For example: | 3906 // For example: |
| 3908 // <iframe src="http://host"> | 3907 // <iframe src="http://host"> |
| 3909 // <iframe src="scheme-has-exception://host"></iframe> | 3908 // <iframe src="scheme-has-exception://host"></iframe> |
| 3910 // <iframe sandbox src="scheme-has-exception://host"></iframe> | 3909 // <iframe sandbox src="scheme-has-exception://host"></iframe> |
| 3911 // </iframe> | 3910 // </iframe> |
| 3912 // both inner iframes pass this check, assuming that the scheme | 3911 // both inner iframes pass this check, assuming that the scheme |
| (...skipping 15 matching lines...) Expand all Loading... |
| 3928 // | 3927 // |
| 3929 // In all cases, a frame must be potentially trustworthy in addition to | 3928 // In all cases, a frame must be potentially trustworthy in addition to |
| 3930 // having an exception listed in order for the exception to be granted. | 3929 // having an exception listed in order for the exception to be granted. |
| 3931 if (!GetSecurityOrigin()->IsPotentiallyTrustworthy()) | 3930 if (!GetSecurityOrigin()->IsPotentiallyTrustworthy()) |
| 3932 return false; | 3931 return false; |
| 3933 | 3932 |
| 3934 if (SchemeRegistry::SchemeShouldBypassSecureContextCheck( | 3933 if (SchemeRegistry::SchemeShouldBypassSecureContextCheck( |
| 3935 GetSecurityOrigin()->Protocol())) | 3934 GetSecurityOrigin()->Protocol())) |
| 3936 return true; | 3935 return true; |
| 3937 | 3936 |
| 3938 if (privilege_context_check == kStandardSecureContextCheck) { | 3937 if (!frame_) |
| 3939 if (!frame_) | 3938 return true; |
| 3940 return true; | 3939 Frame* parent = frame_->Tree().Parent(); |
| 3941 Frame* parent = frame_->Tree().Parent(); | 3940 while (parent) { |
| 3942 while (parent) { | 3941 if (!parent->GetSecurityContext() |
| 3943 if (!parent->GetSecurityContext() | 3942 ->GetSecurityOrigin() |
| 3944 ->GetSecurityOrigin() | 3943 ->IsPotentiallyTrustworthy()) |
| 3945 ->IsPotentiallyTrustworthy()) | 3944 return false; |
| 3946 return false; | 3945 parent = parent->Tree().Parent(); |
| 3947 parent = parent->Tree().Parent(); | |
| 3948 } | |
| 3949 } | 3946 } |
| 3950 return true; | 3947 return true; |
| 3951 } | 3948 } |
| 3952 | 3949 |
| 3953 StyleSheetList& Document::StyleSheets() { | 3950 StyleSheetList& Document::StyleSheets() { |
| 3954 if (!style_sheet_list_) | 3951 if (!style_sheet_list_) |
| 3955 style_sheet_list_ = StyleSheetList::Create(this); | 3952 style_sheet_list_ = StyleSheetList::Create(this); |
| 3956 return *style_sheet_list_; | 3953 return *style_sheet_list_; |
| 3957 } | 3954 } |
| 3958 | 3955 |
| (...skipping 2563 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6522 list->InvalidateCacheForAttribute(attr_name); | 6519 list->InvalidateCacheForAttribute(attr_name); |
| 6523 } | 6520 } |
| 6524 | 6521 |
| 6525 void Document::PlatformColorsChanged() { | 6522 void Document::PlatformColorsChanged() { |
| 6526 if (!IsActive()) | 6523 if (!IsActive()) |
| 6527 return; | 6524 return; |
| 6528 | 6525 |
| 6529 GetStyleEngine().PlatformColorsChanged(); | 6526 GetStyleEngine().PlatformColorsChanged(); |
| 6530 } | 6527 } |
| 6531 | 6528 |
| 6532 bool Document::IsSecureContext( | 6529 bool Document::IsSecureContext(String& error_message) const { |
| 6533 String& error_message, | 6530 if (!IsSecureContext()) { |
| 6534 const SecureContextCheck privilege_context_check) const { | |
| 6535 if (!IsSecureContext(privilege_context_check)) { | |
| 6536 error_message = SecurityOrigin::IsPotentiallyTrustworthyErrorMessage(); | 6531 error_message = SecurityOrigin::IsPotentiallyTrustworthyErrorMessage(); |
| 6537 return false; | 6532 return false; |
| 6538 } | 6533 } |
| 6539 return true; | 6534 return true; |
| 6540 } | 6535 } |
| 6541 | 6536 |
| 6542 bool Document::IsSecureContext( | 6537 bool Document::IsSecureContext() const { |
| 6543 const SecureContextCheck privilege_context_check) const { | 6538 bool is_secure = IsSecureContextImpl(); |
| 6544 bool is_secure = IsSecureContextImpl(privilege_context_check); | |
| 6545 if (GetSandboxFlags() != kSandboxNone) { | 6539 if (GetSandboxFlags() != kSandboxNone) { |
| 6546 UseCounter::Count( | 6540 UseCounter::Count( |
| 6547 *this, is_secure | 6541 *this, is_secure |
| 6548 ? UseCounter::kSecureContextCheckForSandboxedOriginPassed | 6542 ? UseCounter::kSecureContextCheckForSandboxedOriginPassed |
| 6549 : UseCounter::kSecureContextCheckForSandboxedOriginFailed); | 6543 : UseCounter::kSecureContextCheckForSandboxedOriginFailed); |
| 6550 } | 6544 } |
| 6551 UseCounter::Count(*this, is_secure ? UseCounter::kSecureContextCheckPassed | 6545 UseCounter::Count(*this, is_secure ? UseCounter::kSecureContextCheckPassed |
| 6552 : UseCounter::kSecureContextCheckFailed); | 6546 : UseCounter::kSecureContextCheckFailed); |
| 6553 return is_secure; | 6547 return is_secure; |
| 6554 } | 6548 } |
| (...skipping 180 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6735 } | 6729 } |
| 6736 | 6730 |
| 6737 void showLiveDocumentInstances() { | 6731 void showLiveDocumentInstances() { |
| 6738 WeakDocumentSet& set = liveDocumentSet(); | 6732 WeakDocumentSet& set = liveDocumentSet(); |
| 6739 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); | 6733 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); |
| 6740 for (blink::Document* document : set) | 6734 for (blink::Document* document : set) |
| 6741 fprintf(stderr, "- Document %p URL: %s\n", document, | 6735 fprintf(stderr, "- Document %p URL: %s\n", document, |
| 6742 document->Url().GetString().Utf8().data()); | 6736 document->Url().GetString().Utf8().data()); |
| 6743 } | 6737 } |
| 6744 #endif | 6738 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2838603002:
Added [SecureContext] to the subtle attribute (Closed)
