Chromium Code Reviews Chromium Code Reviews
Issue 392993005:
Custom handlers should throw SecurityError exception if the URL's origin differs from the document'… (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011, Google Inc. All rights reserved. | 2 * Copyright (C) 2011, Google Inc. All rights reserved. |
| 3 * Copyright (C) 2014, Samsung Electronics. All rights reserved. | 3 * Copyright (C) 2014, Samsung Electronics. All rights reserved. |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions are met: | 6 * modification, are permitted provided that the following conditions are met: |
| 7 * | 7 * |
| 8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 61 "tel", | 61 "tel", |
| 62 "urn", | 62 "urn", |
| 63 "webcal", | 63 "webcal", |
| 64 "wtai", | 64 "wtai", |
| 65 "xmpp", | 65 "xmpp", |
| 66 }; | 66 }; |
| 67 for (size_t i = 0; i < WTF_ARRAY_LENGTH(protocols); ++i) | 67 for (size_t i = 0; i < WTF_ARRAY_LENGTH(protocols); ++i) |
| 68 protocolWhitelist->add(protocols[i]); | 68 protocolWhitelist->add(protocols[i]); |
| 69 } | 69 } |
| 70 | 70 |
| 71 static bool verifyCustomHandlerURL(const KURL& baseURL, const String& url, Excep tionState& exceptionState) | 71 static bool verifyCustomHandlerURL(const Document& document, const String& url, ExceptionState& exceptionState) |
| 72 { | 72 { |
| 73 // The specification requires that it is a SyntaxError if the "%s" token is | 73 // The specification requires that it is a SyntaxError if the "%s" token is |
| 74 // not present. | 74 // not present. |
| 75 static const char token[] = "%s"; | 75 static const char token[] = "%s"; |
| 76 int index = url.find(token); | 76 int index = url.find(token); |
| 77 if (-1 == index) { | 77 if (-1 == index) { |
| 78 exceptionState.throwDOMException(SyntaxError, "The url provided ('" + ur l + "') does not contain '%s'."); | 78 exceptionState.throwDOMException(SyntaxError, "The url provided ('" + ur l + "') does not contain '%s'."); |
| 79 return false; | 79 return false; |
| 80 } | 80 } |
| 81 | 81 |
| 82 // It is also a SyntaxError if the custom handler URL, as created by removin g | 82 // It is also a SyntaxError if the custom handler URL, as created by removin g |
| 83 // the "%s" token and prepending the base url, does not resolve. | 83 // the "%s" token and prepending the base url, does not resolve. |
| 84 String newURL = url; | 84 String newURL = url; |
| 85 newURL.remove(index, WTF_ARRAY_LENGTH(token) - 1); | 85 newURL.remove(index, WTF_ARRAY_LENGTH(token) - 1); |
| 86 | 86 |
| 87 KURL baseURL = document.baseURL(); | |
| 87 KURL kurl(baseURL, newURL); | 88 KURL kurl(baseURL, newURL); |
| 88 | 89 |
| 89 if (kurl.isEmpty() || !kurl.isValid()) { | 90 if (kurl.isEmpty() || !kurl.isValid()) { |
| 90 exceptionState.throwDOMException(SyntaxError, "The custom handler URL cr eated by removing '%s' and prepending '" + baseURL.string() + "' is invalid."); | 91 exceptionState.throwDOMException(SyntaxError, "The custom handler URL cr eated by removing '%s' and prepending '" + baseURL.string() + "' is invalid."); |
| 91 return false; | 92 return false; |
| 92 } | 93 } |
| 93 | 94 |
| 95 // The specification says that the API throws SecurityError exception if the URL's origin differs from the document's origin. | |
| 96 if (!document.securityOrigin()->canRequest(kurl)) { | |
| 97 exceptionState.throwSecurityError("Can only register custom handler in t he document's origin."); | |
| 98 return false; | |
| 99 } | |
| 100 | |
| 94 return true; | 101 return true; |
| 95 } | 102 } |
| 96 | 103 |
| 97 static bool isProtocolWhitelisted(const String& scheme) | 104 static bool isProtocolWhitelisted(const String& scheme) |
| 98 { | 105 { |
| 99 if (!protocolWhitelist) | 106 if (!protocolWhitelist) |
| 100 initProtocolHandlerWhitelist(); | 107 initProtocolHandlerWhitelist(); |
| 101 | 108 |
| 102 StringBuilder builder; | 109 StringBuilder builder; |
| 103 unsigned length = scheme.length(); | 110 unsigned length = scheme.length(); |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 142 PassOwnPtrWillBeRawPtr<NavigatorContentUtils> NavigatorContentUtils::create(Pass OwnPtr<NavigatorContentUtilsClient> client) | 149 PassOwnPtrWillBeRawPtr<NavigatorContentUtils> NavigatorContentUtils::create(Pass OwnPtr<NavigatorContentUtilsClient> client) |
| 143 { | 150 { |
| 144 return adoptPtrWillBeNoop(new NavigatorContentUtils(client)); | 151 return adoptPtrWillBeNoop(new NavigatorContentUtils(client)); |
| 145 } | 152 } |
| 146 | 153 |
| 147 void NavigatorContentUtils::registerProtocolHandler(Navigator& navigator, const String& scheme, const String& url, const String& title, ExceptionState& exceptio nState) | 154 void NavigatorContentUtils::registerProtocolHandler(Navigator& navigator, const String& scheme, const String& url, const String& title, ExceptionState& exceptio nState) |
| 148 { | 155 { |
| 149 if (!navigator.frame()) | 156 if (!navigator.frame()) |
| 150 return; | 157 return; |
| 151 | 158 |
| 152 ASSERT(navigator.frame()->document()); | 159 Document* document = navigator.frame()->document(); |
| 153 KURL baseURL = navigator.frame()->document()->baseURL(); | 160 ASSERT(document); |
| 154 | 161 |
| 155 if (!verifyCustomHandlerURL(baseURL, url, exceptionState)) | 162 if (!verifyCustomHandlerURL(*document, url, exceptionState)) |
| 156 return; | 163 return; |
| 157 | 164 |
| 158 if (!verifyCustomHandlerScheme(scheme, exceptionState)) | 165 if (!verifyCustomHandlerScheme(scheme, exceptionState)) |
| 159 return; | 166 return; |
| 160 | 167 |
| 168 KURL baseURL = document->baseURL(); | |
|
gyuyoung-inactive
2014/07/21 00:30:20
Should we use "baseURL" local variable ? This loca
| |
| 161 ASSERT(navigator.frame()->page()); | 169 ASSERT(navigator.frame()->page()); |
| 162 NavigatorContentUtils::from(*navigator.frame()->page())->client()->registerP rotocolHandler(scheme, baseURL, KURL(ParsedURLString, url), title); | 170 NavigatorContentUtils::from(*navigator.frame()->page())->client()->registerP rotocolHandler(scheme, baseURL, KURL(ParsedURLString, url), title); |
| 163 } | 171 } |
| 164 | 172 |
| 165 static String customHandlersStateString(const NavigatorContentUtilsClient::Custo mHandlersState state) | 173 static String customHandlersStateString(const NavigatorContentUtilsClient::Custo mHandlersState state) |
| 166 { | 174 { |
| 167 DEFINE_STATIC_LOCAL(const String, newHandler, ("new")); | 175 DEFINE_STATIC_LOCAL(const String, newHandler, ("new")); |
| 168 DEFINE_STATIC_LOCAL(const String, registeredHandler, ("registered")); | 176 DEFINE_STATIC_LOCAL(const String, registeredHandler, ("registered")); |
| 169 DEFINE_STATIC_LOCAL(const String, declinedHandler, ("declined")); | 177 DEFINE_STATIC_LOCAL(const String, declinedHandler, ("declined")); |
| 170 | 178 |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 186 DEFINE_STATIC_LOCAL(const String, declined, ("declined")); | 194 DEFINE_STATIC_LOCAL(const String, declined, ("declined")); |
| 187 | 195 |
| 188 if (!navigator.frame()) | 196 if (!navigator.frame()) |
| 189 return declined; | 197 return declined; |
| 190 | 198 |
| 191 Document* document = navigator.frame()->document(); | 199 Document* document = navigator.frame()->document(); |
| 192 ASSERT(document); | 200 ASSERT(document); |
| 193 if (document->activeDOMObjectsAreStopped()) | 201 if (document->activeDOMObjectsAreStopped()) |
| 194 return declined; | 202 return declined; |
| 195 | 203 |
| 196 KURL baseURL = document->baseURL(); | 204 if (!verifyCustomHandlerURL(*document, url, exceptionState)) |
| 197 | |
| 198 if (!verifyCustomHandlerURL(baseURL, url, exceptionState)) | |
| 199 return declined; | 205 return declined; |
| 200 | 206 |
| 201 if (!verifyCustomHandlerScheme(scheme, exceptionState)) | 207 if (!verifyCustomHandlerScheme(scheme, exceptionState)) |
| 202 return declined; | 208 return declined; |
| 203 | 209 |
| 210 KURL baseURL = document->baseURL(); | |
| 204 ASSERT(navigator.frame()->page()); | 211 ASSERT(navigator.frame()->page()); |
| 205 return customHandlersStateString(NavigatorContentUtils::from(*navigator.fram e()->page())->client()->isProtocolHandlerRegistered(scheme, baseURL, KURL(Parsed URLString, url))); | 212 return customHandlersStateString(NavigatorContentUtils::from(*navigator.fram e()->page())->client()->isProtocolHandlerRegistered(scheme, baseURL, KURL(Parsed URLString, url))); |
| 206 } | 213 } |
| 207 | 214 |
| 208 void NavigatorContentUtils::unregisterProtocolHandler(Navigator& navigator, cons t String& scheme, const String& url, ExceptionState& exceptionState) | 215 void NavigatorContentUtils::unregisterProtocolHandler(Navigator& navigator, cons t String& scheme, const String& url, ExceptionState& exceptionState) |
| 209 { | 216 { |
| 210 if (!navigator.frame()) | 217 if (!navigator.frame()) |
| 211 return; | 218 return; |
| 212 | 219 |
| 213 ASSERT(navigator.frame()->document()); | 220 Document* document = navigator.frame()->document(); |
| 214 KURL baseURL = navigator.frame()->document()->baseURL(); | 221 ASSERT(document); |
| 215 | 222 |
| 216 if (!verifyCustomHandlerURL(baseURL, url, exceptionState)) | 223 if (!verifyCustomHandlerURL(*document, url, exceptionState)) |
| 217 return; | 224 return; |
| 218 | 225 |
| 219 if (!verifyCustomHandlerScheme(scheme, exceptionState)) | 226 if (!verifyCustomHandlerScheme(scheme, exceptionState)) |
| 220 return; | 227 return; |
| 221 | 228 |
| 229 KURL baseURL = document->baseURL(); | |
|
gyuyoung-inactive
2014/07/21 00:30:20
ditto.
| |
| 222 ASSERT(navigator.frame()->page()); | 230 ASSERT(navigator.frame()->page()); |
| 223 NavigatorContentUtils::from(*navigator.frame()->page())->client()->unregiste rProtocolHandler(scheme, baseURL, KURL(ParsedURLString, url)); | 231 NavigatorContentUtils::from(*navigator.frame()->page())->client()->unregiste rProtocolHandler(scheme, baseURL, KURL(ParsedURLString, url)); |
| 224 } | 232 } |
| 225 | 233 |
| 226 const char* NavigatorContentUtils::supplementName() | 234 const char* NavigatorContentUtils::supplementName() |
| 227 { | 235 { |
| 228 return "NavigatorContentUtils"; | 236 return "NavigatorContentUtils"; |
| 229 } | 237 } |
| 230 | 238 |
| 231 void provideNavigatorContentUtilsTo(Page& page, PassOwnPtr<NavigatorContentUtils Client> client) | 239 void provideNavigatorContentUtilsTo(Page& page, PassOwnPtr<NavigatorContentUtils Client> client) |
| 232 { | 240 { |
| 233 NavigatorContentUtils::provideTo(page, NavigatorContentUtils::supplementName (), NavigatorContentUtils::create(client)); | 241 NavigatorContentUtils::provideTo(page, NavigatorContentUtils::supplementName (), NavigatorContentUtils::create(client)); |
| 234 } | 242 } |
| 235 | 243 |
| 236 } // namespace WebCore | 244 } // namespace WebCore |
| OLD | NEW |
