diff options
| author | Ben Murdoch <benm@google.com> | 2011-06-02 12:07:03 +0100 |
|---|---|---|
| committer | Ben Murdoch <benm@google.com> | 2011-06-10 10:47:21 +0100 |
| commit | 2daae5fd11344eaa88a0d92b0f6d65f8d2255c00 (patch) | |
| tree | e4964fbd1cb70599f7718ff03e50ea1dab33890b /Source/WebCore/loader/SubframeLoader.cpp | |
| parent | 87bdf0060a247bfbe668342b87e0874182e0ffa9 (diff) | |
| download | external_webkit-2daae5fd11344eaa88a0d92b0f6d65f8d2255c00.zip external_webkit-2daae5fd11344eaa88a0d92b0f6d65f8d2255c00.tar.gz external_webkit-2daae5fd11344eaa88a0d92b0f6d65f8d2255c00.tar.bz2 | |
Merge WebKit at r84325: Initial merge by git.
Change-Id: Ic1a909300ecc0a13ddc6b4e784371d2ac6e3d59b
Diffstat (limited to 'Source/WebCore/loader/SubframeLoader.cpp')
| -rw-r--r-- | Source/WebCore/loader/SubframeLoader.cpp | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/Source/WebCore/loader/SubframeLoader.cpp b/Source/WebCore/loader/SubframeLoader.cpp index e7f851f..d290765 100644 --- a/Source/WebCore/loader/SubframeLoader.cpp +++ b/Source/WebCore/loader/SubframeLoader.cpp @@ -33,6 +33,7 @@ #include "config.h" #include "SubframeLoader.h" +#include "ContentSecurityPolicy.h" #include "Frame.h" #include "FrameLoaderClient.h" #include "HTMLAppletElement.h" @@ -109,8 +110,12 @@ bool SubframeLoader::requestPlugin(HTMLPlugInImageElement* ownerElement, const K || (!settings->isJavaEnabled() && MIMETypeRegistry::isJavaAppletMIMEType(mimeType))) return false; - if (m_frame->document() && m_frame->document()->securityOrigin()->isSandboxed(SandboxPlugins)) - return false; + if (m_frame->document()) { + if (m_frame->document()->securityOrigin()->isSandboxed(SandboxPlugins)) + return false; + if (!m_frame->document()->contentSecurityPolicy()->allowObjectFromSource(url)) + return false; + } ASSERT(ownerElement->hasTagName(objectTag) || ownerElement->hasTagName(embedTag)); return loadPlugin(ownerElement, url, mimeType, paramNames, paramValues, useFallback); |