OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 1999-2001 Harri Porten (porten@kde.org) | 2 * Copyright (C) 1999-2001 Harri Porten (porten@kde.org) |
3 * Copyright (C) 2001 Peter Kelly (pmk@post.com) | 3 * Copyright (C) 2001 Peter Kelly (pmk@post.com) |
4 * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved. | 4 * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved. |
5 * | 5 * |
6 * This library is free software; you can redistribute it and/or | 6 * This library is free software; you can redistribute it and/or |
7 * modify it under the terms of the GNU Lesser General Public | 7 * modify it under the terms of the GNU Lesser General Public |
8 * License as published by the Free Software Foundation; either | 8 * License as published by the Free Software Foundation; either |
9 * version 2 of the License, or (at your option) any later version. | 9 * version 2 of the License, or (at your option) any later version. |
10 * | 10 * |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
83 | 83 |
84 // We need to hold onto the Frame here because executing script can | 84 // We need to hold onto the Frame here because executing script can |
85 // destroy the frame. | 85 // destroy the frame. |
86 RefPtr<Frame> protector(m_frame); | 86 RefPtr<Frame> protector(m_frame); |
87 | 87 |
88 const int javascriptSchemeLength = sizeof("javascript:") - 1; | 88 const int javascriptSchemeLength = sizeof("javascript:") - 1; |
89 | 89 |
90 String decodedURL = decodeURLEscapeSequences(url.string()); | 90 String decodedURL = decodeURLEscapeSequences(url.string()); |
91 ScriptValue result; | 91 ScriptValue result; |
92 if (xssAuditor()->canEvaluateJavaScriptURL(decodedURL)) | 92 if (xssAuditor()->canEvaluateJavaScriptURL(decodedURL)) |
93 result = executeScript(decodedURL.substring(javascriptSchemeLength), pro
cessingUserGesture(), AllowXSS); | 93 result = executeScript(decodedURL.substring(javascriptSchemeLength), fal
se, AllowXSS); |
94 | 94 |
95 // If executing script caused this frame to be removed from the page, we | 95 // If executing script caused this frame to be removed from the page, we |
96 // don't want to try to replace its document! | 96 // don't want to try to replace its document! |
97 if (!m_frame->page()) | 97 if (!m_frame->page()) |
98 return true; | 98 return true; |
99 | 99 |
100 String scriptResult; | 100 String scriptResult; |
101 #if USE(JSC) | 101 #if USE(JSC) |
102 JSDOMWindowShell* shell = windowShell(mainThreadNormalWorld()); | 102 JSDOMWindowShell* shell = windowShell(mainThreadNormalWorld()); |
103 JSC::ExecState* exec = shell->window()->globalExec(); | 103 JSC::ExecState* exec = shell->window()->globalExec(); |
104 if (!result.getString(exec, scriptResult)) | 104 if (!result.getString(exec, scriptResult)) |
105 return true; | 105 return true; |
106 #else | 106 #else |
107 if (!result.getString(scriptResult)) | 107 if (!result.getString(scriptResult)) |
108 return true; | 108 return true; |
109 #endif | 109 #endif |
110 | 110 |
111 // FIXME: We should always replace the document, but doing so | 111 // FIXME: We should always replace the document, but doing so |
112 // synchronously can cause crashes: | 112 // synchronously can cause crashes: |
113 // http://bugs.webkit.org/show_bug.cgi?id=16782 | 113 // http://bugs.webkit.org/show_bug.cgi?id=16782 |
114 if (shouldReplaceDocumentIfJavaScriptURL == ReplaceDocumentIfJavaScriptURL) | 114 if (shouldReplaceDocumentIfJavaScriptURL == ReplaceDocumentIfJavaScriptURL) |
115 m_frame->loader()->writer()->replaceDocument(scriptResult); | 115 m_frame->loader()->writer()->replaceDocument(scriptResult); |
116 | 116 |
117 return true; | 117 return true; |
118 } | 118 } |
119 | 119 |
120 } // namespace WebCore | 120 } // namespace WebCore |
OLD | NEW |