
Side by Side Diff: Source/WebCore/loader/FrameLoader.cpp

Issue 8198008: Merge 96610 - Resource loader should block HTTP redirects to local resources (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/874/
Patch Set: Created 9 years, 2 months ago
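--- a/Source/WebCore/loader/FrameLoader.cpp
+++ b/Source/WebCore/loader/FrameLoader.cpp
@@ -1,10 +1,10 @@
 /*
 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed.
 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)
 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)
 * Copyright (C) 2008 Alp Toker <alp@atoker.com>
 * Copyright (C) Research In Motion Limited 2009. All rights reserved.
 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -1117,46 +1117,30 @@
 }
 
 void FrameLoader::setupForReplace()
 {
 setState(FrameStateProvisional);
 m_provisionalDocumentLoader = m_documentLoader;
 m_documentLoader = 0;
 detachChildren();
 }
 
-// This is a hack to allow keep navigation to http/https feeds working. To remov e this
-// we need to introduce new API akin to registerURLSchemeAsLocal, that registers a
-// protocols navigation policy.
-static bool isFeedWithNestedProtocolInHTTPFamily(const KURL& url)
-{
-const String& urlString = url.string();
-if (!urlString.startsWith("feed", false))
-return false;
-
-return urlString.startsWith("feed://", false)
-|| urlString.startsWith("feed:http:", false) || urlString.startsWith("fe ed:https:", false)
-|| urlString.startsWith("feeds:http:", false) || urlString.startsWith("f eeds:https:", false)
-|| urlString.startsWith("feedsearch:http:", false) || urlString.startsWi th("feedsearch:https:", false);
-}
-
 void FrameLoader::loadFrameRequest(const FrameLoadRequest& request, bool lockHis tory, bool lockBackForwardList,
 PassRefPtr<Event> event, PassRefPtr<FormState> formState, ReferrerPolicy ref errerPolicy)
 {
 // Protect frame from getting blown away inside dispatchBeforeLoadEvent in l oadWithDocumentLoader.
 RefPtr<Frame> protect(m_frame);
 
 KURL url = request.resourceRequest().url();
 
 ASSERT(m_frame->document());
-// FIXME: Should we move the isFeedWithNestedProtocolInHTTPFamily logic insi de SecurityOrigin::canDisplay?
-if (!isFeedWithNestedProtocolInHTTPFamily(url) && !request.requester()->canD isplay(url)) {
+if (!request.requester()->canDisplay(url)) {
 reportLocalLoadFailed(m_frame, url.string());
 return;
 }
 
 String referrer;
 String argsReferrer = request.resourceRequest().httpReferrer();
 if (!argsReferrer.isEmpty())
 referrer = argsReferrer;
 else
 referrer = m_outgoingReferrer;
@@ -3331,10 +3315,10 @@
 windowRect.setHeight(features.height + (windowRect.height() - pageSize.h eight()));
 page->chrome()->setWindowRect(windowRect);
 
 page->chrome()->show();
 
 created = true;
 return frame;
 }
 
 } // namespace WebCore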
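Review bot: The `canDisplay(url)` check at new line 1136 of `loadFrameRequest` is now the only gate on this path, and nothing at the call site records where the feed-scheme allowance went once the `isFeedWithNestedProtocolInHTTPFamily` exemption is removed. If that logic now lives inside `SecurityOrigin::canDisplay` (as the removed FIXME suggested; not visible in this file), a short comment such as `// canDisplay() is the single policy check for local-resource and feed: URLs; do not add scheme exemptions in front of it.` would keep a later edit from reintroducing a bypass ahead of the check. The check here also covers only the URL of the initial request, so the redirect case named in the issue title has to be enforced in the resource loader, and a regression test for `feed:` navigation alongside the file-redirect test would confirm both sides. The body of `loadFrameRequest` continues outside the visible lines.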