OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 22 matching lines...) Expand all Loading... |
33 #include "bindings/core/v8/ExceptionState.h" | 33 #include "bindings/core/v8/ExceptionState.h" |
34 #include "bindings/core/v8/V8BindingForCore.h" | 34 #include "bindings/core/v8/V8BindingForCore.h" |
35 #include "bindings/core/v8/V8Location.h" | 35 #include "bindings/core/v8/V8Location.h" |
36 #include "bindings/core/v8/V8Window.h" | 36 #include "bindings/core/v8/V8Window.h" |
37 #include "core/dom/Document.h" | 37 #include "core/dom/Document.h" |
38 #include "core/frame/DOMWindow.h" | 38 #include "core/frame/DOMWindow.h" |
39 #include "core/frame/LocalDOMWindow.h" | 39 #include "core/frame/LocalDOMWindow.h" |
40 #include "core/frame/LocalFrame.h" | 40 #include "core/frame/LocalFrame.h" |
41 #include "core/frame/Location.h" | 41 #include "core/frame/Location.h" |
42 #include "core/frame/Settings.h" | 42 #include "core/frame/Settings.h" |
| 43 #include "core/frame/UseCounter.h" |
43 #include "core/html/HTMLFrameElementBase.h" | 44 #include "core/html/HTMLFrameElementBase.h" |
44 #include "core/workers/MainThreadWorkletGlobalScope.h" | 45 #include "core/workers/MainThreadWorkletGlobalScope.h" |
45 #include "platform/bindings/WrapperCreationSecurityCheck.h" | 46 #include "platform/bindings/WrapperCreationSecurityCheck.h" |
46 #include "platform/weborigin/SecurityOrigin.h" | 47 #include "platform/weborigin/SecurityOrigin.h" |
47 | 48 |
48 namespace blink { | 49 namespace blink { |
49 | 50 |
50 namespace { | 51 namespace { |
51 | 52 |
52 bool CanAccessWindowInternal(const LocalDOMWindow* accessing_window, | 53 bool CanAccessWindowInternal(const LocalDOMWindow* accessing_window, |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
126 ExceptionState& exception_state) { | 127 ExceptionState& exception_state) { |
127 DCHECK(target); | 128 DCHECK(target); |
128 | 129 |
129 // TODO(https://crbug.com/723057): This is intended to match the legacy | 130 // TODO(https://crbug.com/723057): This is intended to match the legacy |
130 // behavior of when access checks revolved around Frame pointers rather than | 131 // behavior of when access checks revolved around Frame pointers rather than |
131 // DOMWindow pointers. This prevents web-visible behavior changes, since the | 132 // DOMWindow pointers. This prevents web-visible behavior changes, since the |
132 // previous implementation had to follow the back pointer to the Frame, and | 133 // previous implementation had to follow the back pointer to the Frame, and |
133 // would have to early return when it was null. | 134 // would have to early return when it was null. |
134 if (!target->GetFrame()) | 135 if (!target->GetFrame()) |
135 return false; | 136 return false; |
| 137 bool can_access = CanAccessWindow(accessing_window, target, exception_state); |
136 | 138 |
137 return CanAccessWindow(accessing_window, target, exception_state); | 139 if (!can_access) { |
| 140 UseCounter::Count(accessing_window->GetFrame(), |
| 141 UseCounter::kCrossOriginPropertyAccess); |
| 142 if (target->opener() == accessing_window) { |
| 143 UseCounter::Count(accessing_window->GetFrame(), |
| 144 UseCounter::kCrossOriginPropertyAccessFromOpener); |
| 145 } |
| 146 } |
| 147 |
| 148 return can_access; |
138 } | 149 } |
139 | 150 |
140 bool BindingSecurity::ShouldAllowAccessTo( | 151 bool BindingSecurity::ShouldAllowAccessTo( |
141 const LocalDOMWindow* accessing_window, | 152 const LocalDOMWindow* accessing_window, |
142 const DOMWindow* target, | 153 const DOMWindow* target, |
143 ErrorReportOption reporting_option) { | 154 ErrorReportOption reporting_option) { |
144 DCHECK(target); | 155 DCHECK(target); |
145 | 156 |
146 // TODO(https://crbug.com/723057): This is intended to match the legacy | 157 // TODO(https://crbug.com/723057): This is intended to match the legacy |
147 // behavior of when access checks revolved around Frame pointers rather than | 158 // behavior of when access checks revolved around Frame pointers rather than |
148 // DOMWindow pointers. This prevents web-visible behavior changes, since the | 159 // DOMWindow pointers. This prevents web-visible behavior changes, since the |
149 // previous implementation had to follow the back pointer to the Frame, and | 160 // previous implementation had to follow the back pointer to the Frame, and |
150 // would have to early return when it was null. | 161 // would have to early return when it was null. |
151 if (!target->GetFrame()) | 162 if (!target->GetFrame()) |
152 return false; | 163 return false; |
153 | 164 |
154 return CanAccessWindow(accessing_window, target, reporting_option); | 165 bool can_access = CanAccessWindow(accessing_window, target, reporting_option); |
| 166 |
| 167 if (!can_access) { |
| 168 UseCounter::Count(accessing_window->GetFrame(), |
| 169 UseCounter::kCrossOriginPropertyAccess); |
| 170 if (target->opener() == accessing_window) { |
| 171 UseCounter::Count(accessing_window->GetFrame(), |
| 172 UseCounter::kCrossOriginPropertyAccessFromOpener); |
| 173 } |
| 174 } |
| 175 |
| 176 return can_access; |
155 } | 177 } |
156 | 178 |
157 bool BindingSecurity::ShouldAllowAccessTo( | 179 bool BindingSecurity::ShouldAllowAccessTo( |
158 const LocalDOMWindow* accessing_window, | 180 const LocalDOMWindow* accessing_window, |
159 const Location* target, | 181 const Location* target, |
160 ExceptionState& exception_state) { | 182 ExceptionState& exception_state) { |
161 DCHECK(target); | 183 DCHECK(target); |
162 | 184 |
163 // TODO(https://crbug.com/723057): This is intended to match the legacy | 185 // TODO(https://crbug.com/723057): This is intended to match the legacy |
164 // behavior of when access checks revolved around Frame pointers rather than | 186 // behavior of when access checks revolved around Frame pointers rather than |
165 // DOMWindow pointers. This prevents web-visible behavior changes, since the | 187 // DOMWindow pointers. This prevents web-visible behavior changes, since the |
166 // previous implementation had to follow the back pointer to the Frame, and | 188 // previous implementation had to follow the back pointer to the Frame, and |
167 // would have to early return when it was null. | 189 // would have to early return when it was null. |
168 if (!target->DomWindow()->GetFrame()) | 190 if (!target->DomWindow()->GetFrame()) |
169 return false; | 191 return false; |
170 | 192 |
171 return CanAccessWindow(accessing_window, target->DomWindow(), | 193 bool can_access = |
172 exception_state); | 194 CanAccessWindow(accessing_window, target->DomWindow(), exception_state); |
| 195 |
| 196 if (!can_access) { |
| 197 UseCounter::Count(accessing_window->GetFrame(), |
| 198 UseCounter::kCrossOriginPropertyAccess); |
| 199 if (target->DomWindow()->opener() == accessing_window) { |
| 200 UseCounter::Count(accessing_window->GetFrame(), |
| 201 UseCounter::kCrossOriginPropertyAccessFromOpener); |
| 202 } |
| 203 } |
| 204 |
| 205 return can_access; |
173 } | 206 } |
174 | 207 |
175 bool BindingSecurity::ShouldAllowAccessTo( | 208 bool BindingSecurity::ShouldAllowAccessTo( |
176 const LocalDOMWindow* accessing_window, | 209 const LocalDOMWindow* accessing_window, |
177 const Location* target, | 210 const Location* target, |
178 ErrorReportOption reporting_option) { | 211 ErrorReportOption reporting_option) { |
179 DCHECK(target); | 212 DCHECK(target); |
180 | 213 |
181 // TODO(https://crbug.com/723057): This is intended to match the legacy | 214 // TODO(https://crbug.com/723057): This is intended to match the legacy |
182 // behavior of when access checks revolved around Frame pointers rather than | 215 // behavior of when access checks revolved around Frame pointers rather than |
183 // DOMWindow pointers. This prevents web-visible behavior changes, since the | 216 // DOMWindow pointers. This prevents web-visible behavior changes, since the |
184 // previous implementation had to follow the back pointer to the Frame, and | 217 // previous implementation had to follow the back pointer to the Frame, and |
185 // would have to early return when it was null. | 218 // would have to early return when it was null. |
186 if (!target->DomWindow()->GetFrame()) | 219 if (!target->DomWindow()->GetFrame()) |
187 return false; | 220 return false; |
188 | 221 |
189 return CanAccessWindow(accessing_window, target->DomWindow(), | 222 bool can_access = |
190 reporting_option); | 223 CanAccessWindow(accessing_window, target->DomWindow(), reporting_option); |
| 224 |
| 225 if (!can_access) { |
| 226 UseCounter::Count(accessing_window->GetFrame(), |
| 227 UseCounter::kCrossOriginPropertyAccess); |
| 228 if (target->DomWindow()->opener() == accessing_window) { |
| 229 UseCounter::Count(accessing_window->GetFrame(), |
| 230 UseCounter::kCrossOriginPropertyAccessFromOpener); |
| 231 } |
| 232 } |
| 233 |
| 234 return can_access; |
191 } | 235 } |
192 | 236 |
193 bool BindingSecurity::ShouldAllowAccessTo( | 237 bool BindingSecurity::ShouldAllowAccessTo( |
194 const LocalDOMWindow* accessing_window, | 238 const LocalDOMWindow* accessing_window, |
195 const Node* target, | 239 const Node* target, |
196 ExceptionState& exception_state) { | 240 ExceptionState& exception_state) { |
197 if (!target) | 241 if (!target) |
198 return false; | 242 return false; |
199 return CanAccessWindow(accessing_window, target->GetDocument().domWindow(), | 243 return CanAccessWindow(accessing_window, target->GetDocument().domWindow(), |
200 exception_state); | 244 exception_state); |
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
342 // TODO(dcheng): Add ContextType, interface name, and property name as | 386 // TODO(dcheng): Add ContextType, interface name, and property name as |
343 // arguments, so the generated exception can be more descriptive. | 387 // arguments, so the generated exception can be more descriptive. |
344 ExceptionState exception_state(isolate, ExceptionState::kUnknownContext, | 388 ExceptionState exception_state(isolate, ExceptionState::kUnknownContext, |
345 nullptr, nullptr); | 389 nullptr, nullptr); |
346 exception_state.ThrowSecurityError( | 390 exception_state.ThrowSecurityError( |
347 target->SanitizedCrossDomainAccessErrorMessage(CurrentDOMWindow(isolate)), | 391 target->SanitizedCrossDomainAccessErrorMessage(CurrentDOMWindow(isolate)), |
348 target->CrossDomainAccessErrorMessage(CurrentDOMWindow(isolate))); | 392 target->CrossDomainAccessErrorMessage(CurrentDOMWindow(isolate))); |
349 } | 393 } |
350 | 394 |
351 } // namespace blink | 395 } // namespace blink |
OLD | NEW |