OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed. | 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed. |
3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) | 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) |
5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> | 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. | 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> | 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
8 * Copyright (C) 2011 Google Inc. All rights reserved. | 8 * Copyright (C) 2011 Google Inc. All rights reserved. |
9 * | 9 * |
10 * Redistribution and use in source and binary forms, with or without | 10 * Redistribution and use in source and binary forms, with or without |
(...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
354 m_frame->document()->setReadyState(Document::Loading); | 354 m_frame->document()->setReadyState(Document::Loading); |
355 | 355 |
356 if (m_provisionalItem && m_loadType == FrameLoadTypeBackForward) | 356 if (m_provisionalItem && m_loadType == FrameLoadTypeBackForward) |
357 m_frame->domWindow()->statePopped(m_provisionalItem->stateObject()); | 357 m_frame->domWindow()->statePopped(m_provisionalItem->stateObject()); |
358 | 358 |
359 if (dispatch) | 359 if (dispatch) |
360 dispatchDidClearWindowObjectsInAllWorlds(); | 360 dispatchDidClearWindowObjectsInAllWorlds(); |
361 | 361 |
362 m_frame->document()->initContentSecurityPolicy(m_documentLoader ? ContentSec urityPolicyResponseHeaders(m_documentLoader->response()) : ContentSecurityPolicy ResponseHeaders()); | 362 m_frame->document()->initContentSecurityPolicy(m_documentLoader ? ContentSec urityPolicyResponseHeaders(m_documentLoader->response()) : ContentSecurityPolicy ResponseHeaders()); |
363 | 363 |
364 if (!m_frame->document()->contentSecurityPolicy()->allowAncestors(m_frame)) { | |
365 // load event and stopAllLoaders can detach the Frame, so protect it. | |
Nate Chapin
2014/01/21 18:24:22
The contents of this if() should probably be a hel
Mike West
2014/01/22 10:08:46
Done.
| |
366 RefPtr<Frame> protect(m_frame); | |
367 | |
368 // Move the page to a unique origin. | |
369 m_frame->document()->enforceSandboxFlags(SandboxOrigin); | |
370 | |
371 // Fire a load event, as timing attacks would otherwise reveal that the | |
372 // frame was blocked. This way, it looks like every other cross-origin | |
373 // page. | |
374 if (HTMLFrameOwnerElement* ownerElement = m_frame->ownerElement()) | |
375 ownerElement->dispatchEvent(Event::create(EventTypeNames::load)); | |
376 | |
377 stopAllLoaders(); | |
Nate Chapin
2014/01/21 18:24:22
If a navigation was triggered during the load even
Mike West
2014/01/22 10:08:46
Hrm. Probably not. I'll reverse the order.
| |
378 clear(); | |
Nate Chapin
2014/01/21 18:24:22
Do you really need clear() here? It was just calle
Mike West
2014/01/22 10:08:46
Done.
| |
379 return; | |
380 } | |
381 | |
382 | |
364 Settings* settings = m_frame->document()->settings(); | 383 Settings* settings = m_frame->document()->settings(); |
365 if (settings) { | 384 if (settings) { |
366 m_frame->document()->fetcher()->setImagesEnabled(settings->imagesEnabled ()); | 385 m_frame->document()->fetcher()->setImagesEnabled(settings->imagesEnabled ()); |
367 m_frame->document()->fetcher()->setAutoLoadImages(settings->loadsImagesA utomatically()); | 386 m_frame->document()->fetcher()->setAutoLoadImages(settings->loadsImagesA utomatically()); |
368 } | 387 } |
369 | 388 |
370 if (m_documentLoader) { | 389 if (m_documentLoader) { |
371 const AtomicString& dnsPrefetchControl = m_documentLoader->response().ht tpHeaderField("X-DNS-Prefetch-Control"); | 390 const AtomicString& dnsPrefetchControl = m_documentLoader->response().ht tpHeaderField("X-DNS-Prefetch-Control"); |
372 if (!dnsPrefetchControl.isEmpty()) | 391 if (!dnsPrefetchControl.isEmpty()) |
373 m_frame->document()->parseDNSPrefetchControlHeader(dnsPrefetchContro l); | 392 m_frame->document()->parseDNSPrefetchControlHeader(dnsPrefetchContro l); |
(...skipping 1089 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1463 { | 1482 { |
1464 SandboxFlags flags = m_forcedSandboxFlags; | 1483 SandboxFlags flags = m_forcedSandboxFlags; |
1465 if (Frame* parentFrame = m_frame->tree().parent()) | 1484 if (Frame* parentFrame = m_frame->tree().parent()) |
1466 flags |= parentFrame->document()->sandboxFlags(); | 1485 flags |= parentFrame->document()->sandboxFlags(); |
1467 if (HTMLFrameOwnerElement* ownerElement = m_frame->ownerElement()) | 1486 if (HTMLFrameOwnerElement* ownerElement = m_frame->ownerElement()) |
1468 flags |= ownerElement->sandboxFlags(); | 1487 flags |= ownerElement->sandboxFlags(); |
1469 return flags; | 1488 return flags; |
1470 } | 1489 } |
1471 | 1490 |
1472 } // namespace WebCore | 1491 } // namespace WebCore |
OLD | NEW |