| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2013 Google, Inc. All Rights Reserved. | 2 * Copyright (C) 2013 Google, Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 10 matching lines...) Expand all Loading... |
| 21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 24 */ | 24 */ |
| 25 | 25 |
| 26 #include "config.h" | 26 #include "config.h" |
| 27 #include "core/html/parser/XSSAuditorDelegate.h" | 27 #include "core/html/parser/XSSAuditorDelegate.h" |
| 28 | 28 |
| 29 #include "core/dom/Document.h" | 29 #include "core/dom/Document.h" |
| 30 #include "core/frame/LocalFrame.h" | 30 #include "core/frame/LocalFrame.h" |
| 31 #include "core/inspector/ConsoleMessage.h" |
| 31 #include "core/loader/DocumentLoader.h" | 32 #include "core/loader/DocumentLoader.h" |
| 32 #include "core/loader/FrameLoader.h" | 33 #include "core/loader/FrameLoader.h" |
| 33 #include "core/loader/FrameLoaderClient.h" | 34 #include "core/loader/FrameLoaderClient.h" |
| 34 #include "core/loader/PingLoader.h" | 35 #include "core/loader/PingLoader.h" |
| 35 #include "platform/JSONValues.h" | 36 #include "platform/JSONValues.h" |
| 36 #include "platform/network/FormData.h" | 37 #include "platform/network/FormData.h" |
| 37 #include "platform/weborigin/SecurityOrigin.h" | 38 #include "platform/weborigin/SecurityOrigin.h" |
| 38 #include "wtf/text/StringBuilder.h" | 39 #include "wtf/text/StringBuilder.h" |
| 39 | 40 |
| 40 namespace WebCore { | 41 namespace WebCore { |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 91 RefPtr<JSONObject> reportObject = JSONObject::create(); | 92 RefPtr<JSONObject> reportObject = JSONObject::create(); |
| 92 reportObject->setObject("xss-report", reportDetails.release()); | 93 reportObject->setObject("xss-report", reportDetails.release()); |
| 93 | 94 |
| 94 return FormData::create(reportObject->toJSONString().utf8().data()); | 95 return FormData::create(reportObject->toJSONString().utf8().data()); |
| 95 } | 96 } |
| 96 | 97 |
| 97 void XSSAuditorDelegate::didBlockScript(const XSSInfo& xssInfo) | 98 void XSSAuditorDelegate::didBlockScript(const XSSInfo& xssInfo) |
| 98 { | 99 { |
| 99 ASSERT(isMainThread()); | 100 ASSERT(isMainThread()); |
| 100 | 101 |
| 101 m_document->addConsoleMessage(JSMessageSource, ErrorMessageLevel, xssInfo.bu
ildConsoleError()); | 102 m_document->addConsoleMessage(ConsoleMessage::create(JSMessageSource, ErrorM
essageLevel, xssInfo.buildConsoleError())); |
| 102 | 103 |
| 103 // stopAllLoaders can detach the LocalFrame, so protect it. | 104 // stopAllLoaders can detach the LocalFrame, so protect it. |
| 104 RefPtr<LocalFrame> protect(m_document->frame()); | 105 RefPtr<LocalFrame> protect(m_document->frame()); |
| 105 FrameLoader& frameLoader = m_document->frame()->loader(); | 106 FrameLoader& frameLoader = m_document->frame()->loader(); |
| 106 if (xssInfo.m_didBlockEntirePage) | 107 if (xssInfo.m_didBlockEntirePage) |
| 107 frameLoader.stopAllLoaders(); | 108 frameLoader.stopAllLoaders(); |
| 108 | 109 |
| 109 if (!m_didSendNotifications) { | 110 if (!m_didSendNotifications) { |
| 110 m_didSendNotifications = true; | 111 m_didSendNotifications = true; |
| 111 | 112 |
| 112 frameLoader.client()->didDetectXSS(m_document->url(), xssInfo.m_didBlock
EntirePage); | 113 frameLoader.client()->didDetectXSS(m_document->url(), xssInfo.m_didBlock
EntirePage); |
| 113 | 114 |
| 114 if (!m_reportURL.isEmpty()) | 115 if (!m_reportURL.isEmpty()) |
| 115 PingLoader::sendViolationReport(m_document->frame(), m_reportURL, ge
nerateViolationReport(xssInfo), PingLoader::XSSAuditorViolationReport); | 116 PingLoader::sendViolationReport(m_document->frame(), m_reportURL, ge
nerateViolationReport(xssInfo), PingLoader::XSSAuditorViolationReport); |
| 116 } | 117 } |
| 117 | 118 |
| 118 if (xssInfo.m_didBlockEntirePage) | 119 if (xssInfo.m_didBlockEntirePage) |
| 119 m_document->frame()->navigationScheduler().scheduleLocationChange(m_docu
ment, SecurityOrigin::urlWithUniqueSecurityOrigin(), Referrer()); | 120 m_document->frame()->navigationScheduler().scheduleLocationChange(m_docu
ment, SecurityOrigin::urlWithUniqueSecurityOrigin(), Referrer()); |
| 120 } | 121 } |
| 121 | 122 |
| 122 } // namespace WebCore | 123 } // namespace WebCore |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 376213002:
DevTools: Make FrameConsole methods accept ConsoleMessage objects. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@scriptFailedToParse