OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. | 2 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. |
3 * Copyright (C) 2008 Torch Mobile Inc. All rights reserved. (http://www.torchmo
bile.com/) | 3 * Copyright (C) 2008 Torch Mobile Inc. All rights reserved. (http://www.torchmo
bile.com/) |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
7 * are met: | 7 * are met: |
8 * | 8 * |
9 * 1. Redistributions of source code must retain the above copyright | 9 * 1. Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 164 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
175 // deferrals plays less of a part in this function in preventing the bad beh
avior deferring | 175 // deferrals plays less of a part in this function in preventing the bad beh
avior deferring |
176 // callbacks is meant to prevent. | 176 // callbacks is meant to prevent. |
177 ASSERT(!newRequest.isNull()); | 177 ASSERT(!newRequest.isNull()); |
178 | 178 |
179 // The additional processing can do anything including possibly removing the
last | 179 // The additional processing can do anything including possibly removing the
last |
180 // reference to this object; one example of this is 3266216. | 180 // reference to this object; one example of this is 3266216. |
181 RefPtr<MainResourceLoader> protect(this); | 181 RefPtr<MainResourceLoader> protect(this); |
182 | 182 |
183 ASSERT(documentLoader()->timing()->fetchStart); | 183 ASSERT(documentLoader()->timing()->fetchStart); |
184 if (!redirectResponse.isNull()) { | 184 if (!redirectResponse.isNull()) { |
| 185 // If the redirecting url is not allowed to display content from the tar
get origin, |
| 186 // then block the redirect. |
| 187 RefPtr<SecurityOrigin> redirectingOrigin = SecurityOrigin::create(redire
ctResponse.url()); |
| 188 if (!redirectingOrigin->canDisplay(newRequest.url())) { |
| 189 FrameLoader::reportLocalLoadFailed(m_frame.get(), newRequest.url().s
tring()); |
| 190 cancel(); |
| 191 return; |
| 192 } |
| 193 |
185 DocumentLoadTiming* documentLoadTiming = documentLoader()->timing(); | 194 DocumentLoadTiming* documentLoadTiming = documentLoader()->timing(); |
186 | 195 |
187 // Check if the redirected url is allowed to access the redirecting url'
s timing information. | 196 // Check if the redirected url is allowed to access the redirecting url'
s timing information. |
188 RefPtr<SecurityOrigin> securityOrigin = SecurityOrigin::create(newReques
t.url()); | 197 RefPtr<SecurityOrigin> securityOrigin = SecurityOrigin::create(newReques
t.url()); |
189 if (!securityOrigin->canRequest(redirectResponse.url())) | 198 if (!securityOrigin->canRequest(redirectResponse.url())) |
190 documentLoadTiming->hasCrossOriginRedirect = true; | 199 documentLoadTiming->hasCrossOriginRedirect = true; |
191 | 200 |
192 documentLoadTiming->redirectCount++; | 201 documentLoadTiming->redirectCount++; |
193 if (!documentLoadTiming->redirectStart) | 202 if (!documentLoadTiming->redirectStart) |
194 documentLoadTiming->redirectStart = documentLoadTiming->fetchStart; | 203 documentLoadTiming->redirectStart = documentLoadTiming->fetchStart; |
(...skipping 442 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
637 startDataLoadTimer(); | 646 startDataLoadTimer(); |
638 else { | 647 else { |
639 ResourceRequest r(m_initialRequest); | 648 ResourceRequest r(m_initialRequest); |
640 m_initialRequest = ResourceRequest(); | 649 m_initialRequest = ResourceRequest(); |
641 loadNow(r); | 650 loadNow(r); |
642 } | 651 } |
643 } | 652 } |
644 } | 653 } |
645 | 654 |
646 } | 655 } |
OLD | NEW |