OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv
ed. | 5 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserv
ed. |
6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> | 6 * Copyright (C) 2008 Nikolas Zimmermann <zimmermann@kde.org> |
7 * | 7 * |
8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Library General Public | 9 * modify it under the terms of the GNU Library General Public |
10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
(...skipping 306 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
317 if (!m_isExternalScript && (!shouldBypassMainWorldCSP && !csp->allowInlineSc
ript(elementDocument->url(), m_startLineNumber))) | 317 if (!m_isExternalScript && (!shouldBypassMainWorldCSP && !csp->allowInlineSc
ript(elementDocument->url(), m_startLineNumber))) |
318 return; | 318 return; |
319 | 319 |
320 if (m_isExternalScript) { | 320 if (m_isExternalScript) { |
321 ScriptResource* resource = m_resource ? m_resource.get() : sourceCode.re
source(); | 321 ScriptResource* resource = m_resource ? m_resource.get() : sourceCode.re
source(); |
322 if (resource && !resource->mimeTypeAllowedByNosniff()) { | 322 if (resource && !resource->mimeTypeAllowedByNosniff()) { |
323 contextDocument->addConsoleMessage(ConsoleMessage::create(SecurityMe
ssageSource, ErrorMessageLevel, "Refused to execute script from '" + resource->u
rl().elidedString() + "' because its MIME type ('" + resource->mimeType() + "')
is not executable, and strict MIME type checking is enabled.")); | 323 contextDocument->addConsoleMessage(ConsoleMessage::create(SecurityMe
ssageSource, ErrorMessageLevel, "Refused to execute script from '" + resource->u
rl().elidedString() + "' because its MIME type ('" + resource->mimeType() + "')
is not executable, and strict MIME type checking is enabled.")); |
324 return; | 324 return; |
325 } | 325 } |
326 | 326 |
327 // FIXME: On failure, SRI should probably provide an error message for t
he console. | |
328 if (!SubresourceIntegrity::CheckSubresourceIntegrity(*m_element, sourceC
ode.source(), sourceCode.resource()->url())) | 327 if (!SubresourceIntegrity::CheckSubresourceIntegrity(*m_element, sourceC
ode.source(), sourceCode.resource()->url())) |
329 return; | 328 return; |
330 } | 329 } |
331 | 330 |
332 // FIXME: Can this be moved earlier in the function? | 331 // FIXME: Can this be moved earlier in the function? |
333 // Why are we ever attempting to execute scripts without a frame? | 332 // Why are we ever attempting to execute scripts without a frame? |
334 if (!frame) | 333 if (!frame) |
335 return; | 334 return; |
336 | 335 |
337 const bool isImportedScript = contextDocument != elementDocument; | 336 const bool isImportedScript = contextDocument != elementDocument; |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
451 if (isHTMLScriptLoader(element)) | 450 if (isHTMLScriptLoader(element)) |
452 return toHTMLScriptElement(element)->loader(); | 451 return toHTMLScriptElement(element)->loader(); |
453 | 452 |
454 if (isSVGScriptLoader(element)) | 453 if (isSVGScriptLoader(element)) |
455 return toSVGScriptElement(element)->loader(); | 454 return toSVGScriptElement(element)->loader(); |
456 | 455 |
457 return 0; | 456 return 0; |
458 } | 457 } |
459 | 458 |
460 } | 459 } |
OLD | NEW |