Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/bindings/v8/BindingSecurity.cpp

Issue 22985006: Throw an exception when denying access to 'Frame's 'location' setter. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 7 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/bindings/v8/BindingSecurity.h ('k') | Source/bindings/v8/ExceptionState.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2009 Google Inc. All rights reserved. 2 * Copyright (C) 2009 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 16 matching lines...) Expand all
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */ 29 */
30 30
31 #include "config.h" 31 #include "config.h"
32 #include "bindings/v8/BindingSecurity.h" 32 #include "bindings/v8/BindingSecurity.h"
33 33
34 #include "bindings/v8/V8Binding.h" 34 #include "bindings/v8/V8Binding.h"
35 #include "core/dom/Document.h" 35 #include "core/dom/Document.h"
36 #include "core/html/HTMLFrameElementBase.h" 36 #include "core/html/HTMLFrameElementBase.h"
37 #include "core/html/parser/HTMLParserIdioms.h"
38 #include "core/page/DOMWindow.h" 37 #include "core/page/DOMWindow.h"
39 #include "core/page/Frame.h" 38 #include "core/page/Frame.h"
40 #include "core/page/Settings.h" 39 #include "core/page/Settings.h"
41 #include "weborigin/SecurityOrigin.h" 40 #include "weborigin/SecurityOrigin.h"
42 41
43 namespace WebCore { 42 namespace WebCore {
44 43
45 static bool canAccessDocument(Document* targetDocument, SecurityReportingOption reportingOption = ReportSecurityError) 44 static bool isDocumentAccessibleFromDOMWindow(Document* targetDocument, DOMWindo w* activeWindow)
46 { 45 {
47 if (!targetDocument) 46 if (!targetDocument)
48 return false; 47 return false;
49 48
50 DOMWindow* active = activeDOMWindow(); 49 if (!activeWindow)
51 if (!active)
52 return false; 50 return false;
53 51
54 if (active->document()->securityOrigin()->canAccess(targetDocument->security Origin())) 52 if (activeWindow->document()->securityOrigin()->canAccess(targetDocument->se curityOrigin()))
53 return true;
54
55 return false;
56 }
57
58 static bool canAccessDocument(Document* targetDocument, ExceptionState& es)
59 {
60 DOMWindow* activeWindow = activeDOMWindow();
61 if (isDocumentAccessibleFromDOMWindow(targetDocument, activeWindow))
62 return true;
63
64 es.throwSecurityError(targetDocument->domWindow()->sanitizedCrossDomainAcces sErrorMessage(activeWindow), targetDocument->domWindow()->crossDomainAccessError Message(activeWindow));
65 return false;
66 }
67
68 static bool canAccessDocument(Document* targetDocument, SecurityReportingOption reportingOption = ReportSecurityError)
69 {
70 DOMWindow* activeWindow = activeDOMWindow();
71 if (isDocumentAccessibleFromDOMWindow(targetDocument, activeWindow))
55 return true; 72 return true;
56 73
57 if (reportingOption == ReportSecurityError) { 74 if (reportingOption == ReportSecurityError) {
58 if (Frame* frame = targetDocument->frame()) 75 if (Frame* frame = targetDocument->frame())
59 frame->domWindow()->printErrorMessage(targetDocument->domWindow()->c rossDomainAccessErrorMessage(active)); 76 frame->domWindow()->printErrorMessage(targetDocument->domWindow()->c rossDomainAccessErrorMessage(activeWindow));
60 } 77 }
61 78
62 return false; 79 return false;
63 } 80 }
64 81
65 bool BindingSecurity::shouldAllowAccessToFrame(Frame* target, SecurityReportingO ption reportingOption) 82 bool BindingSecurity::shouldAllowAccessToFrame(Frame* target, SecurityReportingO ption reportingOption)
66 { 83 {
67 return target && canAccessDocument(target->document(), reportingOption); 84 return target && canAccessDocument(target->document(), reportingOption);
68 } 85 }
69 86
87 bool BindingSecurity::shouldAllowAccessToFrame(Frame* target, ExceptionState& es )
88 {
89 return target && canAccessDocument(target->document(), es);
90 }
91
70 bool BindingSecurity::shouldAllowAccessToNode(Node* target) 92 bool BindingSecurity::shouldAllowAccessToNode(Node* target)
71 { 93 {
72 return target && canAccessDocument(target->document()); 94 return target && canAccessDocument(target->document());
73 } 95 }
74 96
75 bool BindingSecurity::allowSettingFrameSrcToJavascriptUrl(HTMLFrameElementBase* frame, const String& value)
76 {
77 return !protocolIsJavaScript(stripLeadingAndTrailingHTMLSpaces(value)) || ca nAccessDocument(frame->contentDocument());
78 } 97 }
79
80 }
OLDNEW
« no previous file with comments | « Source/bindings/v8/BindingSecurity.h ('k') | Source/bindings/v8/ExceptionState.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698