OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2009, 2012 Ericsson AB. All rights reserved. | 2 * Copyright (C) 2009, 2012 Ericsson AB. All rights reserved. |
3 * Copyright (C) 2010 Apple Inc. All rights reserved. | 3 * Copyright (C) 2010 Apple Inc. All rights reserved. |
4 * Copyright (C) 2011, Code Aurora Forum. All rights reserved. | 4 * Copyright (C) 2011, Code Aurora Forum. All rights reserved. |
5 * | 5 * |
6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
7 * modification, are permitted provided that the following conditions | 7 * modification, are permitted provided that the following conditions |
8 * are met: | 8 * are met: |
9 * | 9 * |
10 * 1. Redistributions of source code must retain the above copyright | 10 * 1. Redistributions of source code must retain the above copyright |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
80 return nullptr; | 80 return nullptr; |
81 } | 81 } |
82 | 82 |
83 KURL fullURL = context->completeURL(url); | 83 KURL fullURL = context->completeURL(url); |
84 if (!fullURL.isValid()) { | 84 if (!fullURL.isValid()) { |
85 exceptionState.throwDOMException(SyntaxError, "Cannot open an EventSourc
e to '" + url + "'. The URL is invalid."); | 85 exceptionState.throwDOMException(SyntaxError, "Cannot open an EventSourc
e to '" + url + "'. The URL is invalid."); |
86 return nullptr; | 86 return nullptr; |
87 } | 87 } |
88 | 88 |
89 // FIXME: Convert this to check the isolated world's Content Security Policy
once webkit.org/b/104520 is solved. | 89 // FIXME: Convert this to check the isolated world's Content Security Policy
once webkit.org/b/104520 is solved. |
90 bool shouldBypassMainWorldCSP = false; | 90 if (!ContentSecurityPolicy::shouldBypassMainWorld(context) && !context->cont
entSecurityPolicy()->allowConnectToSource(fullURL)) { |
91 if (context->isDocument()) { | |
92 Document* document = toDocument(context); | |
93 shouldBypassMainWorldCSP = document->frame()->script().shouldBypassMainW
orldCSP(); | |
94 } | |
95 if (!shouldBypassMainWorldCSP && !context->contentSecurityPolicy()->allowCon
nectToSource(fullURL)) { | |
96 // We can safely expose the URL to JavaScript, as this exception is gene
rate synchronously before any redirects take place. | 91 // We can safely expose the URL to JavaScript, as this exception is gene
rate synchronously before any redirects take place. |
97 exceptionState.throwSecurityError("Refused to connect to '" + fullURL.el
idedString() + "' because it violates the document's Content Security Policy."); | 92 exceptionState.throwSecurityError("Refused to connect to '" + fullURL.el
idedString() + "' because it violates the document's Content Security Policy."); |
98 return nullptr; | 93 return nullptr; |
99 } | 94 } |
100 | 95 |
101 RefPtrWillBeRawPtr<EventSource> source = adoptRefWillBeNoop(new EventSource(
context, fullURL, eventSourceInit)); | 96 RefPtrWillBeRawPtr<EventSource> source = adoptRefWillBeNoop(new EventSource(
context, fullURL, eventSourceInit)); |
102 | 97 |
103 source->scheduleInitialConnect(); | 98 source->scheduleInitialConnect(); |
104 source->suspendIfNeeded(); | 99 source->suspendIfNeeded(); |
105 | 100 |
(...skipping 327 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
433 | 428 |
434 PassRefPtrWillBeRawPtr<MessageEvent> EventSource::createMessageEvent() | 429 PassRefPtrWillBeRawPtr<MessageEvent> EventSource::createMessageEvent() |
435 { | 430 { |
436 RefPtrWillBeRawPtr<MessageEvent> event = MessageEvent::create(); | 431 RefPtrWillBeRawPtr<MessageEvent> event = MessageEvent::create(); |
437 event->initMessageEvent(m_eventName.isEmpty() ? EventTypeNames::message : m_
eventName, false, false, SerializedScriptValueFactory::instance().create(String(
m_data)), m_eventStreamOrigin, m_lastEventId, 0, nullptr); | 432 event->initMessageEvent(m_eventName.isEmpty() ? EventTypeNames::message : m_
eventName, false, false, SerializedScriptValueFactory::instance().create(String(
m_data)), m_eventStreamOrigin, m_lastEventId, 0, nullptr); |
438 m_data.clear(); | 433 m_data.clear(); |
439 return event.release(); | 434 return event.release(); |
440 } | 435 } |
441 | 436 |
442 } // namespace blink | 437 } // namespace blink |
OLD | NEW |