Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(94)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/css/CSSImageValue.cpp

Issue 47923008: Block execution of failed 'crossorigin' <script>s. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Keep OriginRestriction on FetchRequest Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/css/CSSImageValue.h ('k') | Source/core/css/resolver/StyleResourceLoader.cpp » ('j') | Source/core/css/resolver/StyleResourceLoader.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * (C) 1999-2003 Lars Knoll (knoll@kde.org) 2 * (C) 1999-2003 Lars Knoll (knoll@kde.org)
3 * Copyright (C) 2004, 2005, 2006, 2008 Apple Inc. All rights reserved. 3 * Copyright (C) 2004, 2005, 2006, 2008 Apple Inc. All rights reserved.
4 * 4 *
5 * This library is free software; you can redistribute it and/or 5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Library General Public 6 * modify it under the terms of the GNU Library General Public
7 * License as published by the Free Software Foundation; either 7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version. 8 * version 2 of the License, or (at your option) any later version.
9 * 9 *
10 * This library is distributed in the hope that it will be useful, 10 * This library is distributed in the hope that it will be useful,
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
53 } 53 }
54 54
55 StyleImage* CSSImageValue::cachedOrPendingImage() 55 StyleImage* CSSImageValue::cachedOrPendingImage()
56 { 56 {
57 if (!m_image) 57 if (!m_image)
58 m_image = StylePendingImage::create(this); 58 m_image = StylePendingImage::create(this);
59 59
60 return m_image.get(); 60 return m_image.get();
61 } 61 }
62 62
63 StyleFetchedImage* CSSImageValue::cachedImage(ResourceFetcher* loader, const Res ourceLoaderOptions& options) 63 StyleFetchedImage* CSSImageValue::cachedImage(ResourceFetcher* fetcher, const Re sourceLoaderOptions& options, FetchRequest::OriginRestriction originRestriction)
64 { 64 {
65 ASSERT(loader); 65 ASSERT(fetcher);
66 66
67 if (!m_accessedImage) { 67 if (!m_accessedImage) {
68 m_accessedImage = true; 68 m_accessedImage = true;
69 69
70 FetchRequest request(ResourceRequest(loader->document()->completeURL(m_u rl)), m_initiatorName.isEmpty() ? FetchInitiatorTypeNames::css : m_initiatorName , options); 70 FetchRequest request(ResourceRequest(fetcher->document()->completeURL(m_ url)), m_initiatorName.isEmpty() ? FetchInitiatorTypeNames::css : m_initiatorNam e, options);
71 71
72 if (options.requestOriginPolicy == PotentiallyCrossOriginEnabled) 72 request.setOriginRestriction(originRestriction);
73 updateRequestForAccessControl(request.mutableResourceRequest(), load er->document()->securityOrigin(), options.allowCredentials); 73 if (originRestriction != FetchRequest::RestrictToSameOrigin)
74 updateRequestForAccessControl(request.mutableResourceRequest(), fetc her->document()->securityOrigin(), options.allowCredentials);
74 75
75 if (ResourcePtr<ImageResource> cachedImage = loader->fetchImage(request) ) 76 if (ResourcePtr<ImageResource> cachedImage = fetcher->fetchImage(request ))
76 m_image = StyleFetchedImage::create(cachedImage.get()); 77 m_image = StyleFetchedImage::create(cachedImage.get());
77 } 78 }
78 79
79 return (m_image && m_image->isImageResource()) ? static_cast<StyleFetchedIma ge*>(m_image.get()) : 0; 80 return (m_image && m_image->isImageResource()) ? static_cast<StyleFetchedIma ge*>(m_image.get()) : 0;
80 } 81 }
81 82
82 bool CSSImageValue::hasFailedOrCanceledSubresources() const 83 bool CSSImageValue::hasFailedOrCanceledSubresources() const
83 { 84 {
84 if (!m_image || !m_image->isImageResource()) 85 if (!m_image || !m_image->isImageResource())
85 return false; 86 return false;
(...skipping 20 matching lines...) Expand all
106 uriValue->setCSSOMSafe(); 107 uriValue->setCSSOMSafe();
107 return uriValue.release(); 108 return uriValue.release();
108 } 109 }
109 110
110 bool CSSImageValue::knownToBeOpaque(const RenderObject* renderer) const 111 bool CSSImageValue::knownToBeOpaque(const RenderObject* renderer) const
111 { 112 {
112 return m_image ? m_image->knownToBeOpaque(renderer) : false; 113 return m_image ? m_image->knownToBeOpaque(renderer) : false;
113 } 114 }
114 115
115 } // namespace WebCore 116 } // namespace WebCore
OLDNEW
« no previous file with comments | « Source/core/css/CSSImageValue.h ('k') | Source/core/css/resolver/StyleResourceLoader.cpp » ('j') | Source/core/css/resolver/StyleResourceLoader.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698