Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(824)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/loader/FrameLoader.cpp

Issue 14735005: Disallow a window focusing itself via javascript URLs or using target _self (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « LayoutTests/fast/dom/Window/window-focus-self-expected.txt ('k') | Source/core/page/DOMWindow.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed. 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed.
3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)
4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)
5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com>
6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved.
7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com>
8 * Copyright (C) 2011 Google Inc. All rights reserved. 8 * Copyright (C) 2011 Google Inc. All rights reserved.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
(...skipping 2908 matching lines...) Expand 10 before | Expand all | Expand 10 after
2919 info.addMember(m_previousURL, "previousURL"); 2919 info.addMember(m_previousURL, "previousURL");
2920 info.addMember(m_requestedHistoryItem, "requestedHistoryItem"); 2920 info.addMember(m_requestedHistoryItem, "requestedHistoryItem");
2921 } 2921 }
2922 2922
2923 Frame* createWindow(Frame* openerFrame, Frame* lookupFrame, const FrameLoadReque st& request, const WindowFeatures& features, bool& created) 2923 Frame* createWindow(Frame* openerFrame, Frame* lookupFrame, const FrameLoadReque st& request, const WindowFeatures& features, bool& created)
2924 { 2924 {
2925 ASSERT(!features.dialog || request.frameName().isEmpty()); 2925 ASSERT(!features.dialog || request.frameName().isEmpty());
2926 2926
2927 if (!request.frameName().isEmpty() && request.frameName() != "_blank") { 2927 if (!request.frameName().isEmpty() && request.frameName() != "_blank") {
2928 if (Frame* frame = lookupFrame->loader()->findFrameForNavigation(request .frameName(), openerFrame->document())) { 2928 if (Frame* frame = lookupFrame->loader()->findFrameForNavigation(request .frameName(), openerFrame->document())) {
2929 if (Page* page = frame->page()) 2929 if (request.frameName() != "_self") {
2930 page->chrome()->focus(); 2930 if (Page* page = frame->page())
2931 page->chrome()->focus();
2932 }
2931 created = false; 2933 created = false;
2932 return frame; 2934 return frame;
2933 } 2935 }
2934 } 2936 }
2935 2937
2936 // Sandboxed frames cannot open new auxiliary browsing contexts. 2938 // Sandboxed frames cannot open new auxiliary browsing contexts.
2937 if (isDocumentSandboxed(openerFrame, SandboxPopups)) { 2939 if (isDocumentSandboxed(openerFrame, SandboxPopups)) {
2938 // FIXME: This message should be moved off the console once a solution t o https://bugs.webkit.org/show_bug.cgi?id=103274 exists. 2940 // FIXME: This message should be moved off the console once a solution t o https://bugs.webkit.org/show_bug.cgi?id=103274 exists.
2939 openerFrame->document()->addConsoleMessage(SecurityMessageSource, ErrorM essageLevel, "Blocked opening '" + request.resourceRequest().url().elidedString( ) + "' in a new window because the request was made in a sandboxed frame whose ' allow-popups' permission is not set."); 2941 openerFrame->document()->addConsoleMessage(SecurityMessageSource, ErrorM essageLevel, "Blocked opening '" + request.resourceRequest().url().elidedString( ) + "' in a new window because the request was made in a sandboxed frame whose ' allow-popups' permission is not set.");
2940 return 0; 2942 return 0;
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
2994 FloatRect newWindowRect = DOMWindow::adjustWindowRect(page, windowRect); 2996 FloatRect newWindowRect = DOMWindow::adjustWindowRect(page, windowRect);
2995 2997
2996 page->chrome()->setWindowRect(newWindowRect); 2998 page->chrome()->setWindowRect(newWindowRect);
2997 page->chrome()->show(); 2999 page->chrome()->show();
2998 3000
2999 created = true; 3001 created = true;
3000 return frame; 3002 return frame;
3001 } 3003 }
3002 3004
3003 } // namespace WebCore 3005 } // namespace WebCore
OLDNEW
« no previous file with comments | « LayoutTests/fast/dom/Window/window-focus-self-expected.txt ('k') | Source/core/page/DOMWindow.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698