Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(86)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/page/EventSource.cpp

Issue 785933005: Check that ExecutionContext and LocalFrame pointers are not null before getting shouldBypassMainWor… (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Fixed expectation file. Was empty Created 6 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « LayoutTests/http/tests/websocket/resources/construct-in-detached-frame.html ('k') | Source/modules/websockets/DOMWebSocket.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2009, 2012 Ericsson AB. All rights reserved. 2 * Copyright (C) 2009, 2012 Ericsson AB. All rights reserved.
3 * Copyright (C) 2010 Apple Inc. All rights reserved. 3 * Copyright (C) 2010 Apple Inc. All rights reserved.
4 * Copyright (C) 2011, Code Aurora Forum. All rights reserved. 4 * Copyright (C) 2011, Code Aurora Forum. All rights reserved.
5 * 5 *
6 * Redistribution and use in source and binary forms, with or without 6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions 7 * modification, are permitted provided that the following conditions
8 * are met: 8 * are met:
9 * 9 *
10 * 1. Redistributions of source code must retain the above copyright 10 * 1. Redistributions of source code must retain the above copyright
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after
80 return nullptr; 80 return nullptr;
81 } 81 }
82 82
83 KURL fullURL = context->completeURL(url); 83 KURL fullURL = context->completeURL(url);
84 if (!fullURL.isValid()) { 84 if (!fullURL.isValid()) {
85 exceptionState.throwDOMException(SyntaxError, "Cannot open an EventSourc e to '" + url + "'. The URL is invalid."); 85 exceptionState.throwDOMException(SyntaxError, "Cannot open an EventSourc e to '" + url + "'. The URL is invalid.");
86 return nullptr; 86 return nullptr;
87 } 87 }
88 88
89 // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved. 89 // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved.
90 bool shouldBypassMainWorldCSP = false; 90 if (!ContentSecurityPolicy::shouldBypassMainWorld(context) && !context->cont entSecurityPolicy()->allowConnectToSource(fullURL)) {
91 if (context->isDocument()) {
92 Document* document = toDocument(context);
93 shouldBypassMainWorldCSP = document->frame()->script().shouldBypassMainW orldCSP();
94 }
95 if (!shouldBypassMainWorldCSP && !context->contentSecurityPolicy()->allowCon nectToSource(fullURL)) {
96 // We can safely expose the URL to JavaScript, as this exception is gene rate synchronously before any redirects take place. 91 // We can safely expose the URL to JavaScript, as this exception is gene rate synchronously before any redirects take place.
97 exceptionState.throwSecurityError("Refused to connect to '" + fullURL.el idedString() + "' because it violates the document's Content Security Policy."); 92 exceptionState.throwSecurityError("Refused to connect to '" + fullURL.el idedString() + "' because it violates the document's Content Security Policy.");
98 return nullptr; 93 return nullptr;
99 } 94 }
100 95
101 RefPtrWillBeRawPtr<EventSource> source = adoptRefWillBeNoop(new EventSource( context, fullURL, eventSourceInit)); 96 RefPtrWillBeRawPtr<EventSource> source = adoptRefWillBeNoop(new EventSource( context, fullURL, eventSourceInit));
102 97
103 source->scheduleInitialConnect(); 98 source->scheduleInitialConnect();
104 source->suspendIfNeeded(); 99 source->suspendIfNeeded();
105 100
(...skipping 327 matching lines...) Expand 10 before | Expand all | Expand 10 after
433 428
434 PassRefPtrWillBeRawPtr<MessageEvent> EventSource::createMessageEvent() 429 PassRefPtrWillBeRawPtr<MessageEvent> EventSource::createMessageEvent()
435 { 430 {
436 RefPtrWillBeRawPtr<MessageEvent> event = MessageEvent::create(); 431 RefPtrWillBeRawPtr<MessageEvent> event = MessageEvent::create();
437 event->initMessageEvent(m_eventName.isEmpty() ? EventTypeNames::message : m_ eventName, false, false, SerializedScriptValueFactory::instance().create(String( m_data)), m_eventStreamOrigin, m_lastEventId, 0, nullptr); 432 event->initMessageEvent(m_eventName.isEmpty() ? EventTypeNames::message : m_ eventName, false, false, SerializedScriptValueFactory::instance().create(String( m_data)), m_eventStreamOrigin, m_lastEventId, 0, nullptr);
438 m_data.clear(); 433 m_data.clear();
439 return event.release(); 434 return event.release();
440 } 435 }
441 436
442 } // namespace blink 437 } // namespace blink
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/websocket/resources/construct-in-detached-frame.html ('k') | Source/modules/websockets/DOMWebSocket.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698