| Index: Source/platform/weborigin/SecurityOrigin.h
|
| diff --git a/Source/platform/weborigin/SecurityOrigin.h b/Source/platform/weborigin/SecurityOrigin.h
|
| index b43766449a1e9bd62f1a6648c8a8731bc0312ca3..e070c2713877a9954558aa8b15f3607117a13ef2 100644
|
| --- a/Source/platform/weborigin/SecurityOrigin.h
|
| +++ b/Source/platform/weborigin/SecurityOrigin.h
|
| @@ -113,6 +113,13 @@ public:
|
| // display content from the user's files system.
|
| bool canDisplay(const KURL&) const;
|
|
|
| + // A "secure origin" as defined by [1] are those that load resources either
|
| + // from the local machine (necessarily trusted) or over the network from a
|
| + // cryptographically-authenticated server.
|
| + //
|
| + // [1] http://www.chromium.org/Home/chromium-security/security-faq#TOC-Which-origins-are-secure-
|
| + bool canAccessFeatureRequiringSecureOrigin() const;
|
| +
|
| // Returns true if this SecurityOrigin can load local resources, such
|
| // as images, iframes, and style sheets, and can link to local URLs.
|
| // For example, call this function before creating an iframe to a
|
| @@ -131,7 +138,7 @@ public:
|
| // with older versions of WebKit.
|
| void grantLoadLocalResources();
|
|
|
| - // Explicitly grant the ability to access very other SecurityOrigin.
|
| + // Explicitly grant the ability to access every other SecurityOrigin.
|
| //
|
| // WARNING: This is an extremely powerful ability. Use with caution!
|
| void grantUniversalAccess();
|
|
|
Chromium Code Reviews
Issue 299253003:
[webcrypto] Only allow crypto.subtle.* to be used from "secure origins". (Closed)
Base URL: svn://svn.chromium.org/blink/trunk