Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(254)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/dom/ScriptLoader.h

Issue 47923008: Block execution of failed 'crossorigin' <script>s. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Rebased Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/css/resolver/StyleResourceLoader.cpp ('k') | Source/core/dom/ScriptLoader.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> 2 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org>
3 * 3 *
4 * This library is free software; you can redistribute it and/or 4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Library General Public 5 * modify it under the terms of the GNU Library General Public
6 * License as published by the Free Software Foundation; either 6 * License as published by the Free Software Foundation; either
7 * version 2 of the License, or (at your option) any later version. 7 * version 2 of the License, or (at your option) any later version.
8 * 8 *
9 * This library is distributed in the hope that it will be useful, 9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
43 Element* element() const { return m_element; } 43 Element* element() const { return m_element; }
44 44
45 enum LegacyTypeSupport { DisallowLegacyTypeInTypeAttribute, AllowLegacyTypeI nTypeAttribute }; 45 enum LegacyTypeSupport { DisallowLegacyTypeInTypeAttribute, AllowLegacyTypeI nTypeAttribute };
46 bool prepareScript(const TextPosition& scriptStartPosition = TextPosition::m inimumPosition(), LegacyTypeSupport = DisallowLegacyTypeInTypeAttribute); 46 bool prepareScript(const TextPosition& scriptStartPosition = TextPosition::m inimumPosition(), LegacyTypeSupport = DisallowLegacyTypeInTypeAttribute);
47 47
48 String scriptCharset() const { return m_characterEncoding; } 48 String scriptCharset() const { return m_characterEncoding; }
49 String scriptContent() const; 49 String scriptContent() const;
50 void executeScript(const ScriptSourceCode&); 50 void executeScript(const ScriptSourceCode&);
51 void execute(ScriptResource*); 51 void execute(ScriptResource*);
52 52
53 // Check if potentially cross-origin enabled script is accessible
54 // prior to execution. Returns 'false' if not accessible, signalling
55 // that callers must not dispatch load events as the cross-origin
56 // fetch failed.
57 bool executePotentiallyCrossOriginScript(const ScriptSourceCode&);
58
53 // XML parser calls these 59 // XML parser calls these
54 void dispatchLoadEvent(); 60 void dispatchLoadEvent();
55 void dispatchErrorEvent(); 61 void dispatchErrorEvent();
56 bool isScriptTypeSupported(LegacyTypeSupport) const; 62 bool isScriptTypeSupported(LegacyTypeSupport) const;
57 63
58 bool haveFiredLoadEvent() const { return m_haveFiredLoad; } 64 bool haveFiredLoadEvent() const { return m_haveFiredLoad; }
59 bool willBeParserExecuted() const { return m_willBeParserExecuted; } 65 bool willBeParserExecuted() const { return m_willBeParserExecuted; }
60 bool readyToBeParserExecuted() const { return m_readyToBeParserExecuted; } 66 bool readyToBeParserExecuted() const { return m_readyToBeParserExecuted; }
61 bool willExecuteWhenDocumentFinishedParsing() const { return m_willExecuteWh enDocumentFinishedParsing; } 67 bool willExecuteWhenDocumentFinishedParsing() const { return m_willExecuteWh enDocumentFinishedParsing; }
62 ResourcePtr<ScriptResource> resource() { return m_resource; } 68 ResourcePtr<ScriptResource> resource() { return m_resource; }
63 69
64 void setHaveFiredLoadEvent(bool haveFiredLoad) { m_haveFiredLoad = haveFired Load; } 70 void setHaveFiredLoadEvent(bool haveFiredLoad) { m_haveFiredLoad = haveFired Load; }
65 bool isParserInserted() const { return m_parserInserted; } 71 bool isParserInserted() const { return m_parserInserted; }
66 bool alreadyStarted() const { return m_alreadyStarted; } 72 bool alreadyStarted() const { return m_alreadyStarted; }
67 bool forceAsync() const { return m_forceAsync; } 73 bool forceAsync() const { return m_forceAsync; }
74 bool isPotentiallyCORSEnabled() const { return m_isPotentiallyCORSEnabled; }
68 75
69 // Helper functions used by our parent classes. 76 // Helper functions used by our parent classes.
70 void didNotifySubtreeInsertionsToDocument(); 77 void didNotifySubtreeInsertionsToDocument();
71 void childrenChanged(); 78 void childrenChanged();
72 void handleSourceAttribute(const String& sourceUrl); 79 void handleSourceAttribute(const String& sourceUrl);
73 void handleAsyncAttribute(); 80 void handleAsyncAttribute();
74 81
75 private: 82 private:
76 ScriptLoader(Element*, bool createdByParser, bool isEvaluated); 83 ScriptLoader(Element*, bool createdByParser, bool isEvaluated);
77 84
(...skipping 13 matching lines...) Expand all
91 WTF::OrdinalNumber m_startLineNumber; 98 WTF::OrdinalNumber m_startLineNumber;
92 bool m_parserInserted : 1; 99 bool m_parserInserted : 1;
93 bool m_isExternalScript : 1; 100 bool m_isExternalScript : 1;
94 bool m_alreadyStarted : 1; 101 bool m_alreadyStarted : 1;
95 bool m_haveFiredLoad : 1; 102 bool m_haveFiredLoad : 1;
96 bool m_willBeParserExecuted : 1; // Same as "The parser will handle executin g the script." 103 bool m_willBeParserExecuted : 1; // Same as "The parser will handle executin g the script."
97 bool m_readyToBeParserExecuted : 1; 104 bool m_readyToBeParserExecuted : 1;
98 bool m_willExecuteWhenDocumentFinishedParsing : 1; 105 bool m_willExecuteWhenDocumentFinishedParsing : 1;
99 bool m_forceAsync : 1; 106 bool m_forceAsync : 1;
100 bool m_willExecuteInOrder : 1; 107 bool m_willExecuteInOrder : 1;
108 bool m_isPotentiallyCORSEnabled : 1;
101 String m_characterEncoding; 109 String m_characterEncoding;
102 String m_fallbackCharacterEncoding; 110 String m_fallbackCharacterEncoding;
103 }; 111 };
104 112
105 ScriptLoader* toScriptLoaderIfPossible(Element*); 113 ScriptLoader* toScriptLoaderIfPossible(Element*);
106 114
107 inline PassOwnPtr<ScriptLoader> ScriptLoader::create(Element* element, bool crea tedByParser, bool isEvaluated) 115 inline PassOwnPtr<ScriptLoader> ScriptLoader::create(Element* element, bool crea tedByParser, bool isEvaluated)
108 { 116 {
109 return adoptPtr(new ScriptLoader(element, createdByParser, isEvaluated)); 117 return adoptPtr(new ScriptLoader(element, createdByParser, isEvaluated));
110 } 118 }
111 119
112 } 120 }
113 121
114 122
115 #endif 123 #endif
OLDNEW
« no previous file with comments | « Source/core/css/resolver/StyleResourceLoader.cpp ('k') | Source/core/dom/ScriptLoader.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698