Chromium Code Reviews Chromium Code Reviews
Issue 91353002:
CSP 1.1: Implement the 'frame-ancestors' directive. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed. | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed. |
| 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
| 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) | 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) |
| 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
| 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
| 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
| 8 * Copyright (C) 2011 Google Inc. All rights reserved. | 8 * Copyright (C) 2011 Google Inc. All rights reserved. |
| 9 * | 9 * |
| 10 * Redistribution and use in source and binary forms, with or without | 10 * Redistribution and use in source and binary forms, with or without |
| (...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 354 m_frame->document()->setReadyState(Document::Loading); | 354 m_frame->document()->setReadyState(Document::Loading); |
| 355 | 355 |
| 356 if (m_provisionalItem && m_loadType == FrameLoadTypeBackForward) | 356 if (m_provisionalItem && m_loadType == FrameLoadTypeBackForward) |
| 357 m_frame->domWindow()->statePopped(m_provisionalItem->stateObject()); | 357 m_frame->domWindow()->statePopped(m_provisionalItem->stateObject()); |
| 358 | 358 |
| 359 if (dispatch) | 359 if (dispatch) |
| 360 dispatchDidClearWindowObjectsInAllWorlds(); | 360 dispatchDidClearWindowObjectsInAllWorlds(); |
| 361 | 361 |
| 362 m_frame->document()->initContentSecurityPolicy(m_documentLoader ? ContentSec urityPolicyResponseHeaders(m_documentLoader->response()) : ContentSecurityPolicy ResponseHeaders()); | 362 m_frame->document()->initContentSecurityPolicy(m_documentLoader ? ContentSec urityPolicyResponseHeaders(m_documentLoader->response()) : ContentSecurityPolicy ResponseHeaders()); |
| 363 | 363 |
| 364 if (!m_frame->document()->contentSecurityPolicy()->allowAncestors(m_frame)) { | |
| 365 // load event and stopAllLoaders can detach the Frame, so protect it. | |
|
Nate Chapin
2014/01/21 18:24:22
The contents of this if() should probably be a hel
Mike West
2014/01/22 10:08:46
Done.
| |
| 366 RefPtr<Frame> protect(m_frame); | |
| 367 | |
| 368 // Move the page to a unique origin. | |
| 369 m_frame->document()->enforceSandboxFlags(SandboxOrigin); | |
| 370 | |
| 371 // Fire a load event, as timing attacks would otherwise reveal that the | |
| 372 // frame was blocked. This way, it looks like every other cross-origin | |
| 373 // page. | |
| 374 if (HTMLFrameOwnerElement* ownerElement = m_frame->ownerElement()) | |
| 375 ownerElement->dispatchEvent(Event::create(EventTypeNames::load)); | |
| 376 | |
| 377 stopAllLoaders(); | |
|
Nate Chapin
2014/01/21 18:24:22
If a navigation was triggered during the load even
Mike West
2014/01/22 10:08:46
Hrm. Probably not. I'll reverse the order.
| |
| 378 clear(); | |
|
Nate Chapin
2014/01/21 18:24:22
Do you really need clear() here? It was just calle
Mike West
2014/01/22 10:08:46
Done.
| |
| 379 return; | |
| 380 } | |
| 381 | |
| 382 | |
| 364 Settings* settings = m_frame->document()->settings(); | 383 Settings* settings = m_frame->document()->settings(); |
| 365 if (settings) { | 384 if (settings) { |
| 366 m_frame->document()->fetcher()->setImagesEnabled(settings->imagesEnabled ()); | 385 m_frame->document()->fetcher()->setImagesEnabled(settings->imagesEnabled ()); |
| 367 m_frame->document()->fetcher()->setAutoLoadImages(settings->loadsImagesA utomatically()); | 386 m_frame->document()->fetcher()->setAutoLoadImages(settings->loadsImagesA utomatically()); |
| 368 } | 387 } |
| 369 | 388 |
| 370 if (m_documentLoader) { | 389 if (m_documentLoader) { |
| 371 const AtomicString& dnsPrefetchControl = m_documentLoader->response().ht tpHeaderField("X-DNS-Prefetch-Control"); | 390 const AtomicString& dnsPrefetchControl = m_documentLoader->response().ht tpHeaderField("X-DNS-Prefetch-Control"); |
| 372 if (!dnsPrefetchControl.isEmpty()) | 391 if (!dnsPrefetchControl.isEmpty()) |
| 373 m_frame->document()->parseDNSPrefetchControlHeader(dnsPrefetchContro l); | 392 m_frame->document()->parseDNSPrefetchControlHeader(dnsPrefetchContro l); |
| (...skipping 1089 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1463 { | 1482 { |
| 1464 SandboxFlags flags = m_forcedSandboxFlags; | 1483 SandboxFlags flags = m_forcedSandboxFlags; |
| 1465 if (Frame* parentFrame = m_frame->tree().parent()) | 1484 if (Frame* parentFrame = m_frame->tree().parent()) |
| 1466 flags |= parentFrame->document()->sandboxFlags(); | 1485 flags |= parentFrame->document()->sandboxFlags(); |
| 1467 if (HTMLFrameOwnerElement* ownerElement = m_frame->ownerElement()) | 1486 if (HTMLFrameOwnerElement* ownerElement = m_frame->ownerElement()) |
| 1468 flags |= ownerElement->sandboxFlags(); | 1487 flags |= ownerElement->sandboxFlags(); |
| 1469 return flags; | 1488 return flags; |
| 1470 } | 1489 } |
| 1471 | 1490 |
| 1472 } // namespace WebCore | 1491 } // namespace WebCore |
| OLD | NEW |
