| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2012 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 51 } | 51 } |
| 52 | 52 |
| 53 bool canRunInsecureContent(SecurityOrigin* securityOrigin, const KURL& url)
const | 53 bool canRunInsecureContent(SecurityOrigin* securityOrigin, const KURL& url)
const |
| 54 { | 54 { |
| 55 return canRunInsecureContentInternal(securityOrigin, url, MixedContentCh
ecker::Execution); | 55 return canRunInsecureContentInternal(securityOrigin, url, MixedContentCh
ecker::Execution); |
| 56 } | 56 } |
| 57 | 57 |
| 58 bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const; | 58 bool canSubmitToInsecureForm(SecurityOrigin*, const KURL&) const; |
| 59 bool canConnectInsecureWebSocket(SecurityOrigin*, const KURL&) const; | 59 bool canConnectInsecureWebSocket(SecurityOrigin*, const KURL&) const; |
| 60 bool canFrameInsecureContent(SecurityOrigin*, const KURL&) const; | 60 bool canFrameInsecureContent(SecurityOrigin*, const KURL&) const; |
| 61 |
| 62 // Returns true if |url| is insecure, while |origin|'s protocol is HTTPS. |
| 61 static bool isMixedContent(SecurityOrigin*, const KURL&); | 63 static bool isMixedContent(SecurityOrigin*, const KURL&); |
| 62 | 64 |
| 65 // Returns true if |url| is a reserved IP address, and |origin| isn't. |
| 66 static bool isMixedRealm(SecurityOrigin*, const KURL&); |
| 67 |
| 63 private: | 68 private: |
| 64 enum MixedContentType { | 69 enum MixedContentType { |
| 65 Display, | 70 Display, |
| 66 Execution, | 71 Execution, |
| 67 WebSocket, | 72 WebSocket, |
| 68 Submission | 73 Submission |
| 69 }; | 74 }; |
| 70 | 75 |
| 71 // FIXME: This should probably have a separate client from FrameLoader. | 76 // FIXME: This should probably have a separate client from FrameLoader. |
| 72 FrameLoaderClient* client() const; | 77 FrameLoaderClient* client() const; |
| 73 | 78 |
| 74 bool canDisplayInsecureContentInternal(SecurityOrigin*, const KURL&, const M
ixedContentType) const; | 79 bool canDisplayInsecureContentInternal(SecurityOrigin*, const KURL&, const M
ixedContentType) const; |
| 75 | 80 |
| 76 bool canRunInsecureContentInternal(SecurityOrigin*, const KURL&, const Mixed
ContentType) const; | 81 bool canRunInsecureContentInternal(SecurityOrigin*, const KURL&, const Mixed
ContentType) const; |
| 77 | 82 |
| 78 void logWarning(bool allowed, const KURL& i, const MixedContentType) const; | 83 void logWarning(bool allowed, const KURL& i, const MixedContentType) const; |
| 79 | 84 |
| 80 LocalFrame* m_frame; | 85 LocalFrame* m_frame; |
| 81 }; | 86 }; |
| 82 | 87 |
| 83 } // namespace blink | 88 } // namespace blink |
| 84 | 89 |
| 85 #endif // MixedContentChecker_h | 90 #endif // MixedContentChecker_h |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 417153004:
Treat reserved IP addresses as mixed content. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk