OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009 Apple Inc. All rights reserv
ed. | 5 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009 Apple Inc. All rights reserv
ed. |
6 * (C) 2006 Alexey Proskuryakov (ap@nypop.com) | 6 * (C) 2006 Alexey Proskuryakov (ap@nypop.com) |
7 * | 7 * |
8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
(...skipping 19 matching lines...) |
30 #include "bindings/v8/ScriptController.h" | 30 #include "bindings/v8/ScriptController.h" |
31 #include "bindings/v8/ScriptEventListener.h" | 31 #include "bindings/v8/ScriptEventListener.h" |
32 #include "core/dom/Attribute.h" | 32 #include "core/dom/Attribute.h" |
33 #include "core/dom/Document.h" | 33 #include "core/dom/Document.h" |
34 #include "core/dom/ElementTraversal.h" | 34 #include "core/dom/ElementTraversal.h" |
35 #include "core/dom/IdTargetObserverRegistry.h" | 35 #include "core/dom/IdTargetObserverRegistry.h" |
36 #include "core/events/AutocompleteErrorEvent.h" | 36 #include "core/events/AutocompleteErrorEvent.h" |
37 #include "core/events/Event.h" | 37 #include "core/events/Event.h" |
38 #include "core/events/GenericEventQueue.h" | 38 #include "core/events/GenericEventQueue.h" |
39 #include "core/events/ScopedEventQueue.h" | 39 #include "core/events/ScopedEventQueue.h" |
| 40 #include "core/frame/DOMWindow.h" |
| 41 #include "core/frame/LocalFrame.h" |
| 42 #include "core/frame/UseCounter.h" |
| 43 #include "core/frame/csp/ContentSecurityPolicy.h" |
40 #include "core/html/HTMLCollection.h" | 44 #include "core/html/HTMLCollection.h" |
41 #include "core/html/HTMLDialogElement.h" | 45 #include "core/html/HTMLDialogElement.h" |
42 #include "core/html/HTMLImageElement.h" | 46 #include "core/html/HTMLImageElement.h" |
43 #include "core/html/HTMLInputElement.h" | 47 #include "core/html/HTMLInputElement.h" |
44 #include "core/html/HTMLObjectElement.h" | 48 #include "core/html/HTMLObjectElement.h" |
45 #include "core/html/RadioNodeList.h" | 49 #include "core/html/RadioNodeList.h" |
46 #include "core/html/forms/FormController.h" | 50 #include "core/html/forms/FormController.h" |
47 #include "core/loader/FrameLoader.h" | 51 #include "core/loader/FrameLoader.h" |
48 #include "core/loader/FrameLoaderClient.h" | 52 #include "core/loader/FrameLoaderClient.h" |
49 #include "core/frame/DOMWindow.h" | 53 #include "core/loader/MixedContentChecker.h" |
50 #include "core/frame/LocalFrame.h" | |
51 #include "core/frame/UseCounter.h" | |
52 #include "core/frame/csp/ContentSecurityPolicy.h" | |
53 #include "core/rendering/RenderTextControl.h" | 54 #include "core/rendering/RenderTextControl.h" |
54 #include "platform/UserGestureIndicator.h" | 55 #include "platform/UserGestureIndicator.h" |
| 56 #include "wtf/text/AtomicString.h" |
55 | 57 |
56 using namespace std; | 58 using namespace std; |
57 | 59 |
58 namespace WebCore { | 60 namespace WebCore { |
59 | 61 |
60 using namespace HTMLNames; | 62 using namespace HTMLNames; |
61 | 63 |
62 HTMLFormElement::HTMLFormElement(Document& document) | 64 HTMLFormElement::HTMLFormElement(Document& document) |
63 : HTMLElement(formTag, document) | 65 : HTMLElement(formTag, document) |
64 #if !ENABLE(OILPAN) | 66 #if !ENABLE(OILPAN) |
(...skipping 320 matching lines...) |
385 ASSERT(submission->state()); | 387 ASSERT(submission->state()); |
386 if (submission->action().isEmpty()) | 388 if (submission->action().isEmpty()) |
387 return; | 389 return; |
388 if (document().isSandboxed(SandboxForms)) { | 390 if (document().isSandboxed(SandboxForms)) { |
389 // FIXME: This message should be moved off the console once a solution t
o https://bugs.webkit.org/show_bug.cgi?id=103274 exists. | 391 // FIXME: This message should be moved off the console once a solution t
o https://bugs.webkit.org/show_bug.cgi?id=103274 exists. |
390 document().addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "
Blocked form submission to '" + submission->action().elidedString() + "' because
the form's frame is sandboxed and the 'allow-forms' permission is not set."); | 392 document().addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "
Blocked form submission to '" + submission->action().elidedString() + "' because
the form's frame is sandboxed and the 'allow-forms' permission is not set."); |
391 return; | 393 return; |
392 } | 394 } |
393 | 395 |
394 if (protocolIsJavaScript(submission->action())) { | 396 if (protocolIsJavaScript(submission->action())) { |
395 if (!document().contentSecurityPolicy()->allowFormAction(KURL(submission
->action()))) | 397 if (!document().contentSecurityPolicy()->allowFormAction(submission->act
ion())) |
396 return; | 398 return; |
397 document().frame()->script().executeScriptIfJavaScriptURL(submission->ac
tion()); | 399 document().frame()->script().executeScriptIfJavaScriptURL(submission->ac
tion()); |
398 return; | 400 return; |
399 } | 401 } |
400 | 402 |
401 LocalFrame* targetFrame = document().frame()->loader().findFrameForNavigatio
n(submission->target(), submission->state()->sourceDocument()); | 403 LocalFrame* targetFrame = document().frame()->loader().findFrameForNavigatio
n(submission->target(), submission->state()->sourceDocument()); |
402 if (!targetFrame) { | 404 if (!targetFrame) { |
403 if (!DOMWindow::allowPopUp(*document().frame()) && !UserGestureIndicator
::processingUserGesture()) | 405 if (!DOMWindow::allowPopUp(*document().frame()) && !UserGestureIndicator
::processingUserGesture()) |
404 return; | 406 return; |
405 targetFrame = document().frame(); | 407 targetFrame = document().frame(); |
406 } else { | 408 } else { |
407 submission->clearTarget(); | 409 submission->clearTarget(); |
408 } | 410 } |
409 if (!targetFrame->page()) | 411 if (!targetFrame->page()) |
410 return; | 412 return; |
411 | 413 |
| 414 if (MixedContentChecker::isMixedContent(document().securityOrigin(), submiss
ion->action())) { |
| 415 UseCounter::count(document(), UseCounter::MixedContentFormsSubmitted); |
| 416 if (!document().frame()->loader().mixedContentChecker()->canSubmitToInse
cureForm(document().securityOrigin(), submission->action())) |
| 417 return; |
| 418 } else { |
| 419 UseCounter::count(document(), UseCounter::FormsSubmitted); |
| 420 } |
| 421 |
412 submission->setReferrer(Referrer(document().outgoingReferrer(), document().r
eferrerPolicy())); | 422 submission->setReferrer(Referrer(document().outgoingReferrer(), document().r
eferrerPolicy())); |
413 submission->setOrigin(document().outgoingOrigin()); | 423 submission->setOrigin(document().outgoingOrigin()); |
414 | 424 |
415 targetFrame->navigationScheduler().scheduleFormSubmission(submission); | 425 targetFrame->navigationScheduler().scheduleFormSubmission(submission); |
416 } | 426 } |
417 | 427 |
418 void HTMLFormElement::reset() | 428 void HTMLFormElement::reset() |
419 { | 429 { |
420 LocalFrame* frame = document().frame(); | 430 LocalFrame* frame = document().frame(); |
421 if (m_isInResetFunction || !frame) | 431 if (m_isInResetFunction || !frame) |
(...skipping 47 matching lines...) |
469 event = AutocompleteErrorEvent::create("invalid"); | 479 event = AutocompleteErrorEvent::create("invalid"); |
470 else | 480 else |
471 ASSERT_NOT_REACHED(); | 481 ASSERT_NOT_REACHED(); |
472 | 482 |
473 event->setTarget(this); | 483 event->setTarget(this); |
474 m_pendingAutocompleteEventsQueue->enqueueEvent(event.release()); | 484 m_pendingAutocompleteEventsQueue->enqueueEvent(event.release()); |
475 } | 485 } |
476 | 486 |
477 void HTMLFormElement::parseAttribute(const QualifiedName& name, const AtomicStri
ng& value) | 487 void HTMLFormElement::parseAttribute(const QualifiedName& name, const AtomicStri
ng& value) |
478 { | 488 { |
479 if (name == actionAttr) | 489 if (name == actionAttr) { |
480 m_attributes.parseAction(value); | 490 m_attributes.parseAction(document(), value); |
481 else if (name == targetAttr) | 491 // If the new action attribute is pointing to insecure "action" location
from a secure page |
| 492 // it is marked as "passive" mixed content. |
| 493 KURL actionURL = m_attributes.action().isEmpty() ? document().url() : m_
attributes.action(); |
| 494 if (MixedContentChecker::isMixedContent(document().securityOrigin(), act
ionURL)) |
| 495 document().frame()->loader().mixedContentChecker()->canSubmitToInsec
ureForm(document().securityOrigin(), actionURL); |
| 496 } else if (name == targetAttr) |
482 m_attributes.setTarget(value); | 497 m_attributes.setTarget(value); |
483 else if (name == methodAttr) | 498 else if (name == methodAttr) |
484 m_attributes.updateMethodType(value); | 499 m_attributes.updateMethodType(value); |
485 else if (name == enctypeAttr) | 500 else if (name == enctypeAttr) |
486 m_attributes.updateEncodingType(value); | 501 m_attributes.updateEncodingType(value); |
487 else if (name == accept_charsetAttr) | 502 else if (name == accept_charsetAttr) |
488 m_attributes.setAcceptCharset(value); | 503 m_attributes.setAcceptCharset(value); |
489 else if (name == onautocompleteAttr) | 504 else if (name == onautocompleteAttr) |
490 setAttributeEventListener(EventTypeNames::autocomplete, createAttributeE
ventListener(this, name, value)); | 505 setAttributeEventListener(EventTypeNames::autocomplete, createAttributeE
ventListener(this, name, value)); |
491 else if (name == onautocompleteerrorAttr) | 506 else if (name == onautocompleteerrorAttr) |
(...skipping 292 matching lines...) |
784 } | 799 } |
785 | 800 |
786 void HTMLFormElement::setDemoted(bool demoted) | 801 void HTMLFormElement::setDemoted(bool demoted) |
787 { | 802 { |
788 if (demoted) | 803 if (demoted) |
789 UseCounter::count(document(), UseCounter::DemotedFormElement); | 804 UseCounter::count(document(), UseCounter::DemotedFormElement); |
790 m_wasDemoted = demoted; | 805 m_wasDemoted = demoted; |
791 } | 806 } |
792 | 807 |
793 } // namespace | 808 } // namespace |
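Review bot: The block added to parseAttribute (new lines 493–495) dereferences `document().frame()` without a null check, although reset() in this same file treats a null frame as possible, so parsing an `action` attribute on a document that has no frame would presumably crash here. Guarding the call avoids that: `if (LocalFrame* frame = document().frame())` followed by `frame->loader().mixedContentChecker()->canSubmitToInsecureForm(document().securityOrigin(), actionURL);`. The result of canSubmitToInsecureForm is discarded at this site, so the call seems to be made only to flag the page; a comment such as `// Result intentionally ignored: this only flags the page as mixed content; the submission path (new lines 414-417) performs the blocking check.` would stop a later reader from mistaking it for an enforcement point. parseAttribute continues past the visible lines, so any handling further down is not covered by this note.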
OLD | NEW |