summaryrefslogtreecommitdiffstats
path: root/WebCore/page/SecurityOrigin.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'WebCore/page/SecurityOrigin.cpp')
-rw-r--r--WebCore/page/SecurityOrigin.cpp13
1 files changed, 13 insertions, 0 deletions
diff --git a/WebCore/page/SecurityOrigin.cpp b/WebCore/page/SecurityOrigin.cpp
index f759402..5b51501 100644
--- a/WebCore/page/SecurityOrigin.cpp
+++ b/WebCore/page/SecurityOrigin.cpp
@@ -29,6 +29,7 @@
#include "config.h"
#include "SecurityOrigin.h"
+#include "BlobURL.h"
#include "Document.h"
#include "FileSystem.h"
#include "KURL.h"
@@ -123,6 +124,10 @@ PassRefPtr<SecurityOrigin> SecurityOrigin::create(const KURL& url, SandboxFlags
{
if (!url.isValid())
return adoptRef(new SecurityOrigin(KURL(), sandboxFlags));
+#if ENABLE(BLOB)
+ if (url.protocolIs("blob"))
+ return adoptRef(new SecurityOrigin(BlobURL::getOrigin(url), sandboxFlags));
+#endif
return adoptRef(new SecurityOrigin(url, sandboxFlags));
}
@@ -275,6 +280,14 @@ bool SecurityOrigin::isAccessWhiteListed(const SecurityOrigin* targetOrigin) con
bool SecurityOrigin::canLoad(const KURL& url, const String& referrer, Document* document)
{
+#if ENABLE(BLOB)
+ if (url.protocolIs("blob") && document) {
+ SecurityOrigin* documentOrigin = document->securityOrigin();
+ RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
+ return documentOrigin->isSameSchemeHostPort(targetOrigin.get());
+ }
+#endif
+
if (!SchemeRegistry::shouldTreatURLAsLocal(url.string()))
return true;
generated by cgit v1.1 at 2025-05-31 20:24:41 +0000