OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2010 Google Inc. All rights reserved. | 2 * Copyright (C) 2010 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
44 : ActiveDOMObject(context) | 44 : ActiveDOMObject(context) |
45 { | 45 { |
46 } | 46 } |
47 | 47 |
48 AbstractWorker::~AbstractWorker() | 48 AbstractWorker::~AbstractWorker() |
49 { | 49 { |
50 } | 50 } |
51 | 51 |
52 KURL AbstractWorker::resolveURL(const String& url, ExceptionState& exceptionStat
e) | 52 KURL AbstractWorker::resolveURL(const String& url, ExceptionState& exceptionStat
e) |
53 { | 53 { |
54 if (url.isEmpty()) { | |
55 exceptionState.throwDOMException(SyntaxError, "Failed to create a worker
: an empty URL was provided."); | |
56 return KURL(); | |
57 } | |
58 | |
59 // FIXME: This should use the dynamic global scope (bug #27887) | 54 // FIXME: This should use the dynamic global scope (bug #27887) |
60 KURL scriptURL = executionContext()->completeURL(url); | 55 KURL scriptURL = executionContext()->completeURL(url); |
61 if (!scriptURL.isValid()) { | 56 if (!scriptURL.isValid()) { |
62 exceptionState.throwDOMException(SyntaxError, "Failed to create a worker
: '" + url + "' is not a valid URL."); | 57 exceptionState.throwDOMException(SyntaxError, "Failed to create a worker
: '" + url + "' is not a valid URL."); |
63 return KURL(); | 58 return KURL(); |
64 } | 59 } |
65 | 60 |
66 // We can safely expose the URL in the following exceptions, as these checks
happen synchronously before redirection. JavaScript receives no new information
. | 61 // We can safely expose the URL in the following exceptions, as these checks
happen synchronously before redirection. JavaScript receives no new information
. |
67 if (!executionContext()->securityOrigin()->canRequest(scriptURL)) { | 62 if (!executionContext()->securityOrigin()->canRequest(scriptURL)) { |
68 exceptionState.throwSecurityError("Failed to create a worker: script at
'" + scriptURL.elidedString() + "' cannot be accessed from origin '" + execution
Context()->securityOrigin()->toString() + "'."); | 63 exceptionState.throwSecurityError("Failed to create a worker: script at
'" + scriptURL.elidedString() + "' cannot be accessed from origin '" + execution
Context()->securityOrigin()->toString() + "'."); |
69 return KURL(); | 64 return KURL(); |
70 } | 65 } |
71 | 66 |
72 if (executionContext()->contentSecurityPolicy() && !executionContext()->cont
entSecurityPolicy()->allowScriptFromSource(scriptURL)) { | 67 if (executionContext()->contentSecurityPolicy() && !executionContext()->cont
entSecurityPolicy()->allowScriptFromSource(scriptURL)) { |
73 exceptionState.throwSecurityError("Failed to create a worker: access to
the script at '" + scriptURL.elidedString() + "' is denied by the document's Con
tent Security Policy."); | 68 exceptionState.throwSecurityError("Failed to create a worker: access to
the script at '" + scriptURL.elidedString() + "' is denied by the document's Con
tent Security Policy."); |
74 return KURL(); | 69 return KURL(); |
75 } | 70 } |
76 | 71 |
77 return scriptURL; | 72 return scriptURL; |
78 } | 73 } |
79 | 74 |
80 } // namespace WebCore | 75 } // namespace WebCore |
OLD | NEW |