Source/core/dom/Document.cpp - Issue 23163004: Improve 'document.cookie' access check exception messages.

Side by Side Diff: Source/core/dom/Document.cpp

Issue 23163004: Improve 'document.cookie' access check exception messages. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: rebase Created 7 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)	2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)

3 * (C) 1999 Antti Koivisto (koivisto@kde.org)	3 * (C) 1999 Antti Koivisto (koivisto@kde.org)

4 * (C) 2001 Dirk Mueller (mueller@kde.org)	4 * (C) 2001 Dirk Mueller (mueller@kde.org)

5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org)	5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org)

6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r ights reserved.	6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All r ights reserved.

7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)	7 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)

8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved.	8 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved.

9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)	9 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)

10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved.	10 * Copyright (C) Research In Motion Limited 2010-2011. All rights reserved.

(...skipping 3626 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
3637 String Document::cookie(ExceptionState& es) const	3637 String Document::cookie(ExceptionState& es) const

3638 {	3638 {

3639 if (page() && !page()->settings().cookieEnabled())	3639 if (page() && !page()->settings().cookieEnabled())

3640 return String();	3640 return String();

3641	3641

3642 // FIXME: The HTML5 DOM spec states that this attribute can raise an	3642 // FIXME: The HTML5 DOM spec states that this attribute can raise an

3643 // InvalidStateError exception on getting if the Document has no	3643 // InvalidStateError exception on getting if the Document has no

3644 // browsing context.	3644 // browsing context.

3645	3645

3646 if (!securityOrigin()->canAccessCookies()) {	3646 if (!securityOrigin()->canAccessCookies()) {

3647 es.throwDOMException(SecurityError);	3647 String accessDeniedMessage = "Access to 'cookie' is denied for this docu ment.";

	3648 if (isSandboxed(SandboxOrigin))

	3649 es.throwSecurityError(accessDeniedMessage + " The document is sandbo xed and lacks the 'allow-same-origin' flag.");

	3650 else if (url().protocolIs("data"))

	3651 es.throwSecurityError(accessDeniedMessage + " Cookies are disabled i nside 'data:' URLs.");

	3652 else

	3653 es.throwSecurityError(accessDeniedMessage);

3648 return String();	3654 return String();

3649 }	3655 }

3650	3656

3651 KURL cookieURL = this->cookieURL();	3657 KURL cookieURL = this->cookieURL();

3652 if (cookieURL.isEmpty())	3658 if (cookieURL.isEmpty())

3653 return String();	3659 return String();

3654	3660

3655 return cookies(this, cookieURL);	3661 return cookies(this, cookieURL);

3656 }	3662 }

3657	3663

3658 void Document::setCookie(const String& value, ExceptionState& es)	3664 void Document::setCookie(const String& value, ExceptionState& es)

3659 {	3665 {

3660 if (page() && !page()->settings().cookieEnabled())	3666 if (page() && !page()->settings().cookieEnabled())

3661 return;	3667 return;

3662	3668

3663 // FIXME: The HTML5 DOM spec states that this attribute can raise an	3669 // FIXME: The HTML5 DOM spec states that this attribute can raise an

3664 // InvalidStateError exception on setting if the Document has no	3670 // InvalidStateError exception on setting if the Document has no

3665 // browsing context.	3671 // browsing context.

3666	3672

3667 if (!securityOrigin()->canAccessCookies()) {	3673 if (!securityOrigin()->canAccessCookies()) {

3668 es.throwDOMException(SecurityError);	3674 String accessDeniedMessage = "Access to 'cookie' is denied for this docu ment.";

	3675 if (isSandboxed(SandboxOrigin))

	3676 es.throwSecurityError(accessDeniedMessage + " The document is sandbo xed and lacks the 'allow-same-origin' flag.");

	3677 else if (url().protocolIs("data"))

	3678 es.throwSecurityError(accessDeniedMessage + " Cookies are disabled i nside 'data:' URLs.");

	3679 else

	3680 es.throwSecurityError(accessDeniedMessage);

3669 return;	3681 return;

3670 }	3682 }

3671	3683

3672 KURL cookieURL = this->cookieURL();	3684 KURL cookieURL = this->cookieURL();

3673 if (cookieURL.isEmpty())	3685 if (cookieURL.isEmpty())

3674 return;	3686 return;

3675	3687

3676 setCookies(this, cookieURL, value);	3688 setCookies(this, cookieURL, value);

3677 }	3689 }

3678	3690

(...skipping 1512 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
5191 {	5203 {

5192 return DocumentLifecycleNotifier::create(this);	5204 return DocumentLifecycleNotifier::create(this);

5193 }	5205 }

5194	5206

5195 DocumentLifecycleNotifier* Document::lifecycleNotifier()	5207 DocumentLifecycleNotifier* Document::lifecycleNotifier()

5196 {	5208 {

5197 return static_cast<DocumentLifecycleNotifier*>(ScriptExecutionContext::lifec ycleNotifier());	5209 return static_cast<DocumentLifecycleNotifier*>(ScriptExecutionContext::lifec ycleNotifier());

5198 }	5210 }

5199	5211

5200 } // namespace WebCore	5212 } // namespace WebCore

OLD	NEW

« no previous file with comments | « LayoutTests/fast/frames/sandboxed-iframe-storage-expected.txt ('k') | no next file » | no next file with comments »