diff options
Diffstat (limited to 'WebCore/bindings/js/JSLocation.cpp')
-rw-r--r-- | WebCore/bindings/js/JSLocation.cpp | 43 |
1 files changed, 28 insertions, 15 deletions
diff --git a/WebCore/bindings/js/JSLocation.cpp b/WebCore/bindings/js/JSLocation.cpp index 2fc1a34..b4e63de 100644 --- a/WebCore/bindings/js/JSLocation.cpp +++ b/WebCore/bindings/js/JSLocation.cpp @@ -26,6 +26,7 @@ #include "DOMWindow.h" #include "Frame.h" #include "FrameLoader.h" +#include "PlatformString.h" #include "kjs_proxy.h" #include "kjs_window.h" @@ -131,12 +132,12 @@ bool JSLocation::customGetOwnPropertySlot(ExecState* exec, const Identifier& pro return true; } -void JSLocation::put(ExecState* exec, const Identifier& propertyName, JSValue* value) +void JSLocation::put(ExecState* exec, const Identifier& propertyName, JSValue* value, int attr) { if (!m_frame) return; - String str = value->toString(exec); + DeprecatedString str = value->toString(exec); KURL url = m_frame->loader()->url(); bool sameDomainAccess = allowsAccessFromFrame(exec, m_frame); @@ -151,7 +152,6 @@ void JSLocation::put(ExecState* exec, const Identifier& propertyName, JSValue* v switch (entry->value.intValue) { case Href: { - // FIXME: Why isn't this security check needed for the other properties, like Host, below? Frame* frame = Window::retrieveActive(exec)->impl()->frame(); if (!frame) return; @@ -160,30 +160,27 @@ void JSLocation::put(ExecState* exec, const Identifier& propertyName, JSValue* v url = frame->loader()->completeURL(str); break; } - case Hash: + case Hash: { if (str.startsWith("#")) - str = str.substring(1); + str = str.mid(1); if (url.ref() == str) return; url.setRef(str); break; - case Host: + } + case Host: { url.setHostAndPort(str); break; + } case Hostname: url.setHost(str); break; case Pathname: url.setPath(str); break; - case Port: { - // FIXME: Could make this a little less ugly if String provided a toUnsignedShort function. - int port = str.toInt(); - if (port < 0 || port > 0xFFFF) - port = 0; - url.setPort(port); + case Port: + url.setPort(str.toUInt()); break; - } case Protocol: url.setProtocol(str); break; @@ -197,12 +194,16 @@ void JSLocation::put(ExecState* exec, const Identifier& propertyName, JSValue* v } } else { if (sameDomainAccess) - JSObject::put(exec, propertyName, value); + JSObject::put(exec, propertyName, value, attr); return; } Frame* activeFrame = Window::retrieveActive(exec)->impl()->frame(); +#ifdef ANDROID_JAVASCRIPT_SECURITY if (!url.protocolIs("javascript") || sameDomainAccess) { +#else + if (!url.deprecatedString().startsWith("javascript:", false) || sameDomainAccess) { +#endif bool userGesture = activeFrame->scriptProxy()->processingUserGesture(); m_frame->loader()->scheduleLocationChange(url.string(), activeFrame->loader()->outgoingReferrer(), false, userGesture); } @@ -237,9 +238,13 @@ JSValue* jsLocationProtoFuncReplace(ExecState* exec, JSObject* thisObj, const Li if (activeFrame) { if (!activeFrame->loader()->shouldAllowNavigation(frame)) return jsUndefined(); - String str = args[0]->toString(exec); + DeprecatedString str = args[0]->toString(exec); const Window* window = Window::retrieveWindow(frame); +#ifdef ANDROID_JAVASCRIPT_SECURITY if (!protocolIs(str, "javascript") || (window && window->allowsAccessFrom(exec))) { +#else + if (!str.startsWith("javascript:", false) || (window && window->allowsAccessFrom(exec))) { +#endif bool userGesture = activeFrame->scriptProxy()->processingUserGesture(); frame->loader()->scheduleLocationChange(activeFrame->loader()->completeURL(str).string(), activeFrame->loader()->outgoingReferrer(), true, userGesture); } @@ -261,7 +266,11 @@ JSValue* jsLocationProtoFuncReload(ExecState* exec, JSObject* thisObj, const Lis if (!window->allowsAccessFrom(exec)) return jsUndefined(); +#ifdef ANDROID_JAVASCRIPT_SECURITY if (!frame->loader()->url().protocolIs("javascript") || (window && window->allowsAccessFrom(exec))) { +#else + if (!frame->loader()->url().deprecatedString().startsWith("javascript:", false) || (window && window->allowsAccessFrom(exec))) { +#endif bool userGesture = Window::retrieveActive(exec)->impl()->frame()->scriptProxy()->processingUserGesture(); frame->loader()->scheduleRefresh(userGesture); } @@ -283,7 +292,11 @@ JSValue* jsLocationProtoFuncAssign(ExecState* exec, JSObject* thisObj, const Lis return jsUndefined(); const Window* window = Window::retrieveWindow(frame); String dstUrl = activeFrame->loader()->completeURL(args[0]->toString(exec)).string(); +#ifdef ANDROID_JAVASCRIPT_SECURITY if (!protocolIs(dstUrl, "javascript") || (window && window->allowsAccessFrom(exec))) { +#else + if (!dstUrl.startsWith("javascript:", false) || (window && window->allowsAccessFrom(exec))) { +#endif bool userGesture = activeFrame->scriptProxy()->processingUserGesture(); // We want a new history item if this JS was called via a user gesture frame->loader()->scheduleLocationChange(dstUrl, activeFrame->loader()->outgoingReferrer(), false, userGesture); |