Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(257)

Side by Side Diff: Source/WebCore/bindings/generic/BindingSecurityBase.cpp

Issue 7569017: Merge 91957 (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/782/
Patch Set: Created 9 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2009 Google Inc. All rights reserved. 2 * Copyright (C) 2009 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 30 matching lines...) Expand all
41 DOMWindow* BindingSecurityBase::getDOMWindow(Frame* frame) 41 DOMWindow* BindingSecurityBase::getDOMWindow(Frame* frame)
42 { 42 {
43 return frame->domWindow(); 43 return frame->domWindow();
44 } 44 }
45 45
46 Frame* BindingSecurityBase::getFrame(Node* node) 46 Frame* BindingSecurityBase::getFrame(Node* node)
47 { 47 {
48 return node->document()->frame(); 48 return node->document()->frame();
49 } 49 }
50 50
51 // Same origin policy implementation: 51 bool BindingSecurityBase::canAccess(DOMWindow* activeWindow, DOMWindow* targetWi ndow)
52 //
53 // Same origin policy prevents JS code from domain A from accessing JS & DOM
54 // objects in a different domain B. There are exceptions and several objects
55 // are accessible by cross-domain code. For example, the window.frames object
56 // is accessible by code from a different domain, but window.document is not.
57 //
58 // The JS binding code sets security check callbacks on a function template,
59 // and accessing instances of the template calls the callback function.
60 // The callback function enforces the same origin policy.
61 //
62 // Callback functions are expensive. Binding code should use a security token
63 // string to do fast access checks for the common case where source and target
64 // are in the same domain. A security token is a string object that represents
65 // the protocol/url/port of a domain.
66 //
67 // There are special cases where security token matching is not enough.
68 // For example, JS can set its domain to a super domain by calling
69 // document.setDomain(...). In these cases, the binding code can reset
70 // a context's security token to its global object so that the fast access
71 // check will always fail.
72
73 // Helper to check if the current execution context can access a target frame.
74 // First it checks same domain policy using the lexical context.
75 //
76 // This is equivalent to KJS::Window::allowsAccessFrom(ExecState*).
77 bool BindingSecurityBase::canAccess(DOMWindow* activeWindow,
78 DOMWindow* targetWindow)
79 { 52 {
80 ASSERT(targetWindow); 53 ASSERT(targetWindow);
81
82 String message;
83
84 if (activeWindow == targetWindow) 54 if (activeWindow == targetWindow)
85 return true; 55 return true;
86 56
87 if (!activeWindow) 57 if (!activeWindow)
88 return false; 58 return false;
89 59
90 const SecurityOrigin* activeSecurityOrigin = activeWindow->securityOrigin(); 60 SecurityOrigin* activeSecurityOrigin = activeWindow->securityOrigin();
91 const SecurityOrigin* targetSecurityOrigin = targetWindow->securityOrigin(); 61 SecurityOrigin* targetSecurityOrigin = targetWindow->securityOrigin();
92 62
93 // We have seen crashes were the security origin of the target has not been 63 // We have seen crashes were the security origin of the target has not been
94 // initialized. Defend against that. 64 // initialized. Defend against that.
95 if (!targetSecurityOrigin) 65 if (!targetSecurityOrigin)
96 return false; 66 return false;
97 67
98 if (activeSecurityOrigin->canAccess(targetSecurityOrigin)) 68 if (activeSecurityOrigin->canAccess(targetSecurityOrigin))
99 return true; 69 return true;
100 70
101 // Allow access to a "about:blank" page if the dynamic context is a
102 // detached context of the same frame as the blank page.
103 if (targetSecurityOrigin->isEmpty() && activeWindow->frame() == targetWindow ->frame())
104 return true;
105
106 return false; 71 return false;
107 } 72 }
108 73
109 } // namespace WebCore 74 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698