Index: third_party/WebKit/Source/modules/payments/PaymentRequestEvent.cpp |
diff --git a/third_party/WebKit/Source/modules/payments/PaymentRequestEvent.cpp b/third_party/WebKit/Source/modules/payments/PaymentRequestEvent.cpp |
index 748de28bfa536339d42abb6323929f6bd6341052..72d8a63fe3e68db1e04711cea28126772781a890 100644 |
--- a/third_party/WebKit/Source/modules/payments/PaymentRequestEvent.cpp |
+++ b/third_party/WebKit/Source/modules/payments/PaymentRequestEvent.cpp |
@@ -4,7 +4,14 @@ |
#include "modules/payments/PaymentRequestEvent.h" |
+#include "bindings/core/v8/ScriptPromiseResolver.h" |
+#include "core/dom/DOMException.h" |
+#include "core/workers/WorkerGlobalScope.h" |
+#include "core/workers/WorkerLocation.h" |
#include "modules/serviceworkers/RespondWithObserver.h" |
+#include "modules/serviceworkers/ServiceWorkerGlobalScopeClient.h" |
+#include "modules/serviceworkers/ServiceWorkerWindowClientCallback.h" |
+#include "platform/wtf/PtrUtil.h" |
#include "platform/wtf/text/AtomicString.h" |
namespace blink { |
@@ -53,6 +60,51 @@ const String& PaymentRequestEvent::instrumentKey() const { |
return instrument_key_; |
} |
+ScriptPromise PaymentRequestEvent::openWindow(ScriptState* script_state, |
+ const String& url) { |
+ ScriptPromiseResolver* resolver = ScriptPromiseResolver::Create(script_state); |
+ ScriptPromise promise = resolver->Promise(); |
+ ExecutionContext* context = ExecutionContext::From(script_state); |
+ |
+ KURL parsed_url_to_open = |
+ KURL(ToWorkerGlobalScope(context)->location()->Url(), url); |
+ if (!parsed_url_to_open.IsValid()) { |
+ resolver->Reject(V8ThrowException::CreateTypeError( |
+ script_state->GetIsolate(), "'" + url + "' is not a valid URL.")); |
+ return promise; |
+ } |
+ |
+ if (!context->GetSecurityOrigin()->CanDisplay(parsed_url_to_open)) { |
+ resolver->Reject(V8ThrowException::CreateTypeError( |
+ script_state->GetIsolate(), |
+ "'" + parsed_url_to_open.ElidedString() + "' cannot be opened.")); |
+ return promise; |
+ } |
+ |
+ if (!context->GetSecurityOrigin()->CanAccess( |
+ SecurityOrigin::Create(parsed_url_to_open).Get())) { |
+ resolver->Reject(DOMException::Create( |
+ kSecurityError, |
+ "'" + parsed_url_to_open.ElidedString() + "' is not allowed.")); |
+ return promise; |
+ } |
please use gerrit instead
2017/06/01 17:50:37
Which one of these checks prevents a SW from https
gogerald1
2017/06/02 03:33:11
CanAccess
|
+ |
+ if (!context->IsWindowInteractionAllowed()) { |
+ resolver->Reject(DOMException::Create(kInvalidAccessError, |
+ "Not allowed to open a window.")); |
+ return promise; |
+ } |
+ context->ConsumeWindowInteraction(); |
+ |
+ // TODO(gogerald): Use full url instead of origin for redirect_url to figure |
+ // out the exact payment request web page, like used in createPopupCustomTab |
+ // in TabDelegate.java for Android. |
+ ServiceWorkerGlobalScopeClient::From(context)->OpenWindowForPaymentHandle( |
please use gerrit instead
2017/06/01 17:50:37
OpenWindowForPaymentHandler -- need "r" at the end
gogerald1
2017/06/02 03:33:11
Done.
|
+ KURL(kParsedURLString, top_level_origin_), parsed_url_to_open, |
+ WTF::MakeUnique<NavigateClientCallback>(resolver)); |
+ return promise; |
+} |
+ |
void PaymentRequestEvent::respondWith(ScriptState* script_state, |
ScriptPromise script_promise, |
ExceptionState& exception_state) { |