diff options
author | Ben Murdoch <benm@google.com> | 2011-05-13 16:23:25 +0100 |
---|---|---|
committer | Ben Murdoch <benm@google.com> | 2011-05-16 11:35:02 +0100 |
commit | 65f03d4f644ce73618e5f4f50dd694b26f55ae12 (patch) | |
tree | f478babb801e720de7bfaee23443ffe029f58731 /Source/WebCore/page/SecurityOrigin.cpp | |
parent | 47de4a2fb7262c7ebdb9cd133ad2c54c187454d0 (diff) | |
download | external_webkit-65f03d4f644ce73618e5f4f50dd694b26f55ae12.zip external_webkit-65f03d4f644ce73618e5f4f50dd694b26f55ae12.tar.gz external_webkit-65f03d4f644ce73618e5f4f50dd694b26f55ae12.tar.bz2 |
Merge WebKit at r75993: Initial merge by git.
Change-Id: I602bbdc3974787a3b0450456a30a7868286921c3
Diffstat (limited to 'Source/WebCore/page/SecurityOrigin.cpp')
-rw-r--r-- | Source/WebCore/page/SecurityOrigin.cpp | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/Source/WebCore/page/SecurityOrigin.cpp b/Source/WebCore/page/SecurityOrigin.cpp index 16de640..789fdf9 100644 --- a/Source/WebCore/page/SecurityOrigin.cpp +++ b/Source/WebCore/page/SecurityOrigin.cpp @@ -299,25 +299,30 @@ bool SecurityOrigin::isAccessWhiteListed(const SecurityOrigin* targetOrigin) con } return false; } - + +bool SecurityOrigin::isAccessToURLWhiteListed(const KURL& url) const +{ + RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url); + return isAccessWhiteListed(targetOrigin.get()); +} + bool SecurityOrigin::canDisplay(const KURL& url) const { + String protocol = url.protocol().lower(); + #if ENABLE(BLOB) - if (url.protocolIs(BlobURL::blobProtocol())) + // FIXME: We should generalize this check. + if (protocol == BlobURL::blobProtocol()) return canRequest(url); #endif - if (!restrictAccessToLocal()) - return true; + if (SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(protocol)) + return m_protocol == protocol || isAccessToURLWhiteListed(url); - if (!SchemeRegistry::shouldTreatURLAsLocal(url.string())) - return true; + if (restrictAccessToLocal() && SchemeRegistry::shouldTreatURLSchemeAsLocal(protocol)) + return canLoadLocalResources() || isAccessToURLWhiteListed(url); - RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url); - if (isAccessWhiteListed(targetOrigin.get())) - return true; - - return canLoadLocalResources(); + return true; } void SecurityOrigin::grantLoadLocalResources() |