Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(203)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sky/engine/bindings-dart/common/BindingSecurity.cpp

Issue 918273002: Remove bindings-dart (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sky/engine/bindings-dart/common/BindingSecurity.h ('k') | sky/engine/bindings-dart/common/DeleteResult.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /*
2 * Copyright (C) 2009 Google Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
6 * met:
7 *
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
13 * distribution.
14 * * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31 #include "config.h"
32 #include "bindings/common/BindingSecurity.h"
33
34 #include "bindings/common/ScriptState.h"
35 #include "core/dom/Document.h"
36 #include "core/html/HTMLFrameElementBase.h"
37 #include "core/frame/LocalDOMWindow.h"
38 #include "core/frame/LocalFrame.h"
39 #include "core/frame/Settings.h"
40 #include "core/html/HTMLFrameElementBase.h"
41 #include "platform/weborigin/SecurityOrigin.h"
42
43 namespace blink {
44
45 static bool isDocumentAccessibleFromDOMWindow(Document* targetDocument, LocalDOM Window* callingWindow)
46 {
47 if (!targetDocument)
48 return false;
49
50 if (!callingWindow)
51 return false;
52
53 if (callingWindow->document()->securityOrigin()->canAccess(targetDocument->s ecurityOrigin()))
54 return true;
55
56 return false;
57 }
58
59 static bool canAccessDocument(ScriptState* scriptState, Document* targetDocument , ExceptionState& exceptionState)
60 {
61 LocalDOMWindow* callingWindow = scriptState->callingDOMWindow();
62 if (isDocumentAccessibleFromDOMWindow(targetDocument, callingWindow))
63 return true;
64
65 if (targetDocument->domWindow())
66 exceptionState.throwSecurityError(targetDocument->domWindow()->sanitized CrossDomainAccessErrorMessage(callingWindow), targetDocument->domWindow()->cross DomainAccessErrorMessage(callingWindow));
67 return false;
68 }
69
70 static bool canAccessDocument(ScriptState* scriptState, Document* targetDocument , SecurityReportingOption reportingOption = ReportSecurityError)
71 {
72 LocalDOMWindow* callingWindow = scriptState->callingDOMWindow();
73 if (isDocumentAccessibleFromDOMWindow(targetDocument, callingWindow))
74 return true;
75
76 if (reportingOption == ReportSecurityError && targetDocument->domWindow()) {
77 if (LocalFrame* frame = targetDocument->frame())
78 frame->domWindow()->printErrorMessage(targetDocument->domWindow()->c rossDomainAccessErrorMessage(callingWindow));
79 }
80
81 return false;
82 }
83
84 bool BindingSecurity::shouldAllowAccessToFrame(ScriptState* scriptState, Frame* target, SecurityReportingOption reportingOption)
85 {
86 if (!target || !target->isLocalFrame())
87 return false;
88 return canAccessDocument(scriptState, toLocalFrame(target)->document(), repo rtingOption);
89 }
90
91 bool BindingSecurity::shouldAllowAccessToFrame(ScriptState* scriptState, Frame* target, ExceptionState& exceptionState)
92 {
93 if (!target || !target->isLocalFrame())
94 return false;
95 return canAccessDocument(scriptState, toLocalFrame(target)->document(), exce ptionState);
96 }
97
98 bool BindingSecurity::shouldAllowAccessToNode(ScriptState* scriptState, Node* ta rget, ExceptionState& exceptionState)
99 {
100 return target && canAccessDocument(scriptState, &target->document(), excepti onState);
101 }
102
103 }
OLDNEW
« no previous file with comments | « sky/engine/bindings-dart/common/BindingSecurity.h ('k') | sky/engine/bindings-dart/common/DeleteResult.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698