| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2009, 2012 Ericsson AB. All rights reserved. | 2 * Copyright (C) 2009, 2012 Ericsson AB. All rights reserved. |
| 3 * Copyright (C) 2010 Apple Inc. All rights reserved. | 3 * Copyright (C) 2010 Apple Inc. All rights reserved. |
| 4 * Copyright (C) 2011, Code Aurora Forum. All rights reserved. | 4 * Copyright (C) 2011, Code Aurora Forum. All rights reserved. |
| 5 * | 5 * |
| 6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
| 7 * modification, are permitted provided that the following conditions | 7 * modification, are permitted provided that the following conditions |
| 8 * are met: | 8 * are met: |
| 9 * | 9 * |
| 10 * 1. Redistributions of source code must retain the above copyright | 10 * 1. Redistributions of source code must retain the above copyright |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 85 return 0; | 85 return 0; |
| 86 } | 86 } |
| 87 | 87 |
| 88 // FIXME: Convert this to check the isolated world's Content Security Policy
once webkit.org/b/104520 is solved. | 88 // FIXME: Convert this to check the isolated world's Content Security Policy
once webkit.org/b/104520 is solved. |
| 89 bool shouldBypassMainWorldContentSecurityPolicy = false; | 89 bool shouldBypassMainWorldContentSecurityPolicy = false; |
| 90 if (context->isDocument()) { | 90 if (context->isDocument()) { |
| 91 Document* document = toDocument(context); | 91 Document* document = toDocument(context); |
| 92 shouldBypassMainWorldContentSecurityPolicy = document->frame()->script()
->shouldBypassMainWorldContentSecurityPolicy(); | 92 shouldBypassMainWorldContentSecurityPolicy = document->frame()->script()
->shouldBypassMainWorldContentSecurityPolicy(); |
| 93 } | 93 } |
| 94 if (!shouldBypassMainWorldContentSecurityPolicy && !context->contentSecurity
Policy()->allowConnectToSource(fullURL)) { | 94 if (!shouldBypassMainWorldContentSecurityPolicy && !context->contentSecurity
Policy()->allowConnectToSource(fullURL)) { |
| 95 es.throwDOMException(SecurityError, "Refused to connect to '" + fullURL.
elidedString() + "' because it violates the document's Content Security Policy."
); | 95 // We can safely expose the URL to JavaScript, as this exception is gene
rate synchronously before any redirects take place. |
| 96 es.throwSecurityError("Refused to connect to '" + fullURL.elidedString()
+ "' because it violates the document's Content Security Policy."); |
| 96 return 0; | 97 return 0; |
| 97 } | 98 } |
| 98 | 99 |
| 99 RefPtr<EventSource> source = adoptRef(new EventSource(context, fullURL, even
tSourceInit)); | 100 RefPtr<EventSource> source = adoptRef(new EventSource(context, fullURL, even
tSourceInit)); |
| 100 | 101 |
| 101 source->setPendingActivity(source.get()); | 102 source->setPendingActivity(source.get()); |
| 102 source->connect(); | 103 source->connect(); |
| 103 source->suspendIfNeeded(); | 104 source->suspendIfNeeded(); |
| 104 | 105 |
| 105 return source.release(); | 106 return source.release(); |
| (...skipping 318 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 424 { | 425 { |
| 425 return &m_eventTargetData; | 426 return &m_eventTargetData; |
| 426 } | 427 } |
| 427 | 428 |
| 428 EventTargetData* EventSource::ensureEventTargetData() | 429 EventTargetData* EventSource::ensureEventTargetData() |
| 429 { | 430 { |
| 430 return &m_eventTargetData; | 431 return &m_eventTargetData; |
| 431 } | 432 } |
| 432 | 433 |
| 433 } // namespace WebCore | 434 } // namespace WebCore |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 23283009:
Convert SecurityError exceptions to 'es.throwSecurityError()'. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk