
Side by Side Diff: Source/core/page/CreateWindow.cpp

Issue 967423005: <iframe sandbox> should inherit through <a target='_blank'>. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Fix. Created 5 years, 9 months ago
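--- a/Source/core/page/CreateWindow.cpp
+++ b/Source/core/page/CreateWindow.cpp
@@ -1,10 +1,10 @@
 /*
 * Copyright (C) 2006, 2007, 2008, 2010 Apple Inc. All rights reserved.
 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
@@ -44,20 +44,24 @@
 #include "platform/weborigin/SecurityPolicy.h"
 
 namespace blink {
 
 static LocalFrame* createWindow(LocalFrame& openerFrame, LocalFrame& lookupFrame , const FrameLoadRequest& request, const WindowFeatures& features, NavigationPol icy policy, ShouldSendReferrer shouldSendReferrer, bool& created)
 {
 ASSERT(!features.dialog || request.frameName().isEmpty());
 
 if (!request.frameName().isEmpty() && request.frameName() != "_blank" && pol icy == NavigationPolicyIgnore) {
 if (Frame* frame = lookupFrame.findFrameForNavigation(request.frameName( ), openerFrame)) {
+if (!openerFrame.canNavigate(*frame)) {
+created = false;
+return nullptr;
+}
 if (request.frameName() != "_self") {
 if (FrameHost* host = frame->host()) {
 if (host == openerFrame.host())
 frame->page()->focusController().setFocusedFrame(frame);
 else
 host->chrome().focus();
 }
 }
 created = false;
 // FIXME: Make this work with RemoteFrames.
@@ -112,20 +116,23 @@
 if (features.heightSet)
 windowRect.setHeight(features.height + (windowRect.height() - viewportSi ze.height()));
 
 // Ensure minimum size as well as being within valid screen area.
 IntRect newWindowRect = LocalDOMWindow::adjustWindowRect(frame, windowRect);
 
 host->chrome().setWindowRect(newWindowRect);
 host->chrome().show(policy);
 
 created = true;
+
+frame.loader().forceSandboxFlags(openerFrame.document()->sandboxFlags());
+
 return &frame;
 }
 
 LocalFrame* createWindow(const String& urlString, const AtomicString& frameName, const WindowFeatures& windowFeatures,
 LocalDOMWindow& callingWindow, LocalFrame& firstFrame, LocalFrame& openerFra me)
 {
 LocalFrame* activeFrame = callingWindow.frame();
 ASSERT(activeFrame);
 
 KURL completedURL = urlString.isEmpty() ? KURL(ParsedURLString, emptyString( )) : firstFrame.document()->completeURL(urlString);
@@ -144,23 +151,20 @@
 // so we need to ensure the proper referrer is set now.
 frameRequest.resourceRequest().setHTTPReferrer(SecurityPolicy::generateRefer rer(activeFrame->document()->referrerPolicy(), completedURL, activeFrame->docume nt()->outgoingReferrer()));
 
 // We pass the opener frame for the lookupFrame in case the active frame is different from
 // the opener frame, and the name references a frame relative to the opener frame.
 bool created;
 LocalFrame* newFrame = createWindow(*activeFrame, openerFrame, frameRequest, windowFeatures, NavigationPolicyIgnore, MaybeSendReferrer, created);
 if (!newFrame)
 return nullptr;
 
-if (newFrame != &openerFrame && newFrame != openerFrame.tree().top())
-newFrame->loader().forceSandboxFlags(openerFrame.document()->sandboxFlag s());
-
 newFrame->loader().setOpener(&openerFrame);
 
 if (newFrame->localDOMWindow()->isInsecureScriptAccess(callingWindow, comple tedURL))
 return newFrame;
 
 if (created)
 newFrame->loader().load(FrameLoadRequest(callingWindow.document(), compl etedURL));
 else if (!urlString.isEmpty())
 newFrame->navigate(*callingWindow.document(), completedURL, false);
 return newFrame;
@@ -182,16 +186,17 @@
 
 WindowFeatures features;
 bool created;
 LocalFrame* newFrame = createWindow(openerFrame, openerFrame, request, featu res, policy, shouldSendReferrer, created);
 if (!newFrame)
 return;
 if (shouldSendReferrer == MaybeSendReferrer) {
 newFrame->loader().setOpener(&openerFrame);
 newFrame->document()->setReferrerPolicy(openerFrame.document()->referrer Policy());
 }
+
 FrameLoadRequest newRequest(0, request.resourceRequest());
 newRequest.setFormState(request.formState());
 newFrame->loader().load(newRequest);
 }
 
 } // namespace blink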
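Review bot: The sandbox flags forced onto the new frame by `frame.loader().forceSandboxFlags(openerFrame.document()->sandboxFlags());` come from the static helper's first parameter, which the `window.open` path fills with `*activeFrame`, whereas the removed lines in the public `createWindow` read them from its own `openerFrame` argument. When the active frame and the opener differ, the new window therefore inherits the calling frame's sandbox rather than the opener's; if that is intended it deserves a comment on that line, for example `// Inherit sandbox flags from the frame that initiated the open (the active frame for window.open), not the lookup frame.`, and a regression test for the active != opener case. The reused-frame branch no longer forces flags at all and appears to rely on the new `canNavigate` check alone, which is worth stating next to that check since the old `newFrame != &openerFrame && newFrame != openerFrame.tree().top()` guard is gone. The static helper's body is partly collapsed on this page, so the reused-frame return path is inferred.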