This source file includes following definitions.
- isDocumentAccessibleFromDOMWindow
- canAccessDocument
- canAccessDocument
- shouldAllowAccessToFrame
- shouldAllowAccessToFrame
- shouldAllowAccessToNode
#include "config.h"
#include "bindings/v8/BindingSecurity.h"
#include "bindings/v8/V8Binding.h"
#include "core/dom/Document.h"
#include "core/html/HTMLFrameElementBase.h"
#include "core/frame/DOMWindow.h"
#include "core/frame/LocalFrame.h"
#include "core/frame/Settings.h"
#include "platform/weborigin/SecurityOrigin.h"
namespace WebCore {
static bool isDocumentAccessibleFromDOMWindow(Document* targetDocument, DOMWindow* callingWindow)
{
if (!targetDocument)
return false;
if (!callingWindow)
return false;
if (callingWindow->document()->securityOrigin()->canAccess(targetDocument->securityOrigin()))
return true;
return false;
}
static bool canAccessDocument(v8::Isolate* isolate, Document* targetDocument, ExceptionState& exceptionState)
{
DOMWindow* callingWindow = callingDOMWindow(isolate);
if (isDocumentAccessibleFromDOMWindow(targetDocument, callingWindow))
return true;
if (targetDocument->domWindow())
exceptionState.throwSecurityError(targetDocument->domWindow()->sanitizedCrossDomainAccessErrorMessage(callingWindow), targetDocument->domWindow()->crossDomainAccessErrorMessage(callingWindow));
return false;
}
static bool canAccessDocument(v8::Isolate* isolate, Document* targetDocument, SecurityReportingOption reportingOption = ReportSecurityError)
{
DOMWindow* callingWindow = callingDOMWindow(isolate);
if (isDocumentAccessibleFromDOMWindow(targetDocument, callingWindow))
return true;
if (reportingOption == ReportSecurityError && targetDocument->domWindow()) {
if (LocalFrame* frame = targetDocument->frame())
frame->domWindow()->printErrorMessage(targetDocument->domWindow()->crossDomainAccessErrorMessage(callingWindow));
}
return false;
}
bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* target, SecurityReportingOption reportingOption)
{
if (!target || !target->isLocalFrame())
return false;
return canAccessDocument(isolate, toLocalFrame(target)->document(), reportingOption);
}
bool BindingSecurity::shouldAllowAccessToFrame(v8::Isolate* isolate, Frame* target, ExceptionState& exceptionState)
{
if (!target || !target->isLocalFrame())
return false;
return canAccessDocument(isolate, toLocalFrame(target)->document(), exceptionState);
}
bool BindingSecurity::shouldAllowAccessToNode(v8::Isolate* isolate, Node* target, ExceptionState& exceptionState)
{
return target && canAccessDocument(isolate, &target->document(), exceptionState);
}
}