
Side by Side Diff: Source/WebCore/loader/DocumentWriter.cpp

Issue 8083016: Merge 96260 - JavaScript generated documents don't inherit the cookie URL (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/874/
Patch Set: Created 9 years, 2 months ago
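--- a/Source/WebCore/loader/DocumentWriter.cpp
+++ b/Source/WebCore/loader/DocumentWriter.cpp
@@ -1,10 +1,10 @@
 /*
 * Copyright (C) 2010. Adam Barth. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
@@ -60,21 +60,21 @@
 , m_encodingWasChosenByUser(false)
 {
 }
 
 // This is only called by ScriptController::executeIfJavaScriptURL
 // and always contains the result of evaluating a javascript: url.
 // This is the <iframe src="javascript:'html'"> case.
 void DocumentWriter::replaceDocument(const String& source)
 {
 m_frame->loader()->stopAllLoaders();
-begin(m_frame->document()->url(), true, m_frame->document()->securityOrigin( ));
+begin(m_frame->document()->url(), true, InheritSecurityOrigin);
 
 if (!source.isNull()) {
 if (!m_hasReceivedSomeData) {
 m_hasReceivedSomeData = true;
 m_frame->document()->setCompatibilityMode(Document::NoQuirksMode);
 }
 
 // FIXME: This should call DocumentParser::appendBytes instead of append
 // to support RawDataDocumentParsers.
 if (DocumentParser* parser = m_frame->document()->parser())
@@ -99,55 +99,55 @@
 
 PassRefPtr<Document> DocumentWriter::createDocument(const KURL& url)
 {
 if (!m_frame->loader()->stateMachine()->isDisplayingInitialEmptyDocument() & & m_frame->loader()->client()->shouldUsePluginDocument(m_mimeType))
 return PluginDocument::create(m_frame, url);
 if (!m_frame->loader()->client()->hasHTMLView())
 return PlaceholderDocument::create(m_frame, url);
 return DOMImplementation::createDocument(m_mimeType, m_frame, url, m_frame-> inViewSourceMode());
 }
 
-void DocumentWriter::begin(const KURL& urlReference, bool dispatch, SecurityOrig in* origin)
+void DocumentWriter::begin(const KURL& urlReference, bool dispatch, SecurityOrig inSource originSource)
 {
-// We need to take a reference to the security origin because |clear|
-// might destroy the document that owns it.
-RefPtr<SecurityOrigin> forcedSecurityOrigin = origin;
+RefPtr<Document> oldDocument = m_frame->document();
 
 // We grab a local copy of the URL because it's easy for callers to supply
 // a URL that will be deallocated during the execution of this function.
 // For example, see <https://bugs.webkit.org/show_bug.cgi?id=66360>.
 KURL url = urlReference;
 
 // Create a new document before clearing the frame, because it may need to
 // inherit an aliased security context.
 RefPtr<Document> document = createDocument(url);
 
 // If the new document is for a Plugin but we're supposed to be sandboxed fr om Plugins,
 // then replace the document with one whose parser will ignore the incoming data (bug 39323)
 if (document->isPluginDocument() && m_frame->loader()->isSandboxed(SandboxPl ugins))
 document = SinkDocument::create(m_frame, url);
 
 // FIXME: Do we need to consult the content security policy here about block ed plug-ins?
 
 bool resetScripting = !(m_frame->loader()->stateMachine()->isDisplayingIniti alEmptyDocument() && m_frame->document()->securityOrigin()->isSecureTransitionTo (url));
 m_frame->loader()->clear(resetScripting, resetScripting);
 clear();
 if (resetScripting)
 m_frame->script()->updatePlatformScriptObjects();
 
 m_frame->loader()->setOutgoingReferrer(url);
 m_frame->setDocument(document);
 
 if (m_decoder)
 document->setDecoder(m_decoder.get());
-if (forcedSecurityOrigin)
-document->setSecurityOrigin(forcedSecurityOrigin.get());
+if (originSource == InheritSecurityOrigin) {
+document->setCookieURL(oldDocument->cookieURL());
+document->setSecurityOrigin(oldDocument->securityOrigin());
+}
 
 m_frame->domWindow()->setURL(document->url());
 m_frame->domWindow()->setSecurityOrigin(document->securityOrigin());
 
 m_frame->loader()->didBeginDocument(dispatch);
 
 document->implicitOpen();
 
 // We grab a reference to the parser so that we'll always send data to the
 // original parser, even if the document acquires a new parser (e.g., via
@@ -263,10 +263,10 @@
 return m_frame->document()->url().isEmpty() ? m_encoding : encoding();
 }
 
 void DocumentWriter::setDocumentWasLoadedAsPartOfNavigation()
 {
 ASSERT(!m_parser->isStopped());
 m_parser->setDocumentWasLoadedAsPartOfNavigation();
 }
 
 } // namespace WebCore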
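Review bot: The new `RefPtr<Document> oldDocument = m_frame->document();` at the top of `begin()` has no comment, while the lines it replaces explained that `clear()` might destroy the document that owns the origin. I would restore that reasoning with `// Keep the old document alive: clear() may destroy it, and its cookie URL and security origin are read below.` The inherit branch dereferences `oldDocument` unconditionally, so `ASSERT(oldDocument);` as its first statement would document the precondition. The only caller visible here that passes `InheritSecurityOrigin` is `replaceDocument`, which already dereferences `m_frame->document()`. That branch gives the new document the old document's origin and cookie URL whatever `url` is, so a short comment saying it is intended only for the javascript: URL replacement case would help keep other callers from opting in by mistake. The body of `begin()` continues past the last line shown.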