diff options
| author | jochen@chromium.org <jochen@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-31 08:09:45 +0000 |
|---|---|---|
| committer | jochen@chromium.org <jochen@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-31 08:09:45 +0000 |
| commit | 0a1a4543882c0cf8b73a44d4d79f36c4e6d77fe9 (patch) | |
| tree | fcf3bff8df2138387cb0ad397460216fc05a66dc /chrome/renderer | |
| parent | 28dd598b6433c08e58e261538af94b8aa5edff60 (diff) | |
| download | chromium_src-0a1a4543882c0cf8b73a44d4d79f36c4e6d77fe9.zip chromium_src-0a1a4543882c0cf8b73a44d4d79f36c4e6d77fe9.tar.gz chromium_src-0a1a4543882c0cf8b73a44d4d79f36c4e6d77fe9.tar.bz2 | |
Reland 43183. Block database access on allowDatabase instead of databaseOpenFile. BUG=36435 TEST=Set cookie settings to ASK and open a page with web databases. Review URL: http://codereview.chromium.org/1338001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43185 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/renderer')
| -rw-r--r-- | chrome/renderer/render_thread.cc | 1 | ||||
| -rw-r--r-- | chrome/renderer/render_view.cc | 15 | ||||
| -rw-r--r-- | chrome/renderer/render_view.h | 3 |
3 files changed, 19 insertions, 0 deletions
diff --git a/chrome/renderer/render_thread.cc b/chrome/renderer/render_thread.cc index 81636c7..c40ef64 100644 --- a/chrome/renderer/render_thread.cc +++ b/chrome/renderer/render_thread.cc @@ -313,6 +313,7 @@ bool RenderThread::Send(IPC::Message* msg) { case ViewHostMsg_GetRawCookies::ID: case ViewHostMsg_DOMStorageSetItem::ID: case ViewHostMsg_SyncLoad::ID: + case ViewHostMsg_AllowDatabase::ID: may_show_cookie_prompt = true; pumping_events = true; break; diff --git a/chrome/renderer/render_view.cc b/chrome/renderer/render_view.cc index d8506c3..6c8b8a2 100644 --- a/chrome/renderer/render_view.cc +++ b/chrome/renderer/render_view.cc @@ -2936,6 +2936,21 @@ bool RenderView::allowScript(WebFrame* frame, bool enabled_per_settings) { return false; // Other protocols fall through here. } +bool RenderView::allowDatabase( + WebFrame* frame, const WebString& name, const WebString& display_name, + unsigned long estimated_size) { + WebSecurityOrigin origin = frame->securityOrigin(); + if (origin.isEmpty()) + return false; // Uninitialized document? + + bool result; + if (!Send(new ViewHostMsg_AllowDatabase(routing_id_, + origin.toString().utf8(), name, display_name, estimated_size, &result))) + return false; + if (!result) + DidBlockContentType(CONTENT_SETTINGS_TYPE_COOKIES); + return result; +} void RenderView::didNotAllowScript(WebKit::WebFrame* frame) { DidBlockContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT); } diff --git a/chrome/renderer/render_view.h b/chrome/renderer/render_view.h index 370b92d..b057a9a 100644 --- a/chrome/renderer/render_view.h +++ b/chrome/renderer/render_view.h @@ -375,6 +375,9 @@ class RenderView : public RenderWidget, virtual void didRunInsecureContent( WebKit::WebFrame* frame, const WebKit::WebSecurityOrigin& origin); virtual bool allowScript(WebKit::WebFrame* frame, bool enabled_per_settings); + virtual bool allowDatabase( + WebKit::WebFrame* frame, const WebKit::WebString& name, + const WebKit::WebString& display_name, unsigned long estimated_size); virtual void didNotAllowScript(WebKit::WebFrame* frame); virtual void didNotAllowPlugins(WebKit::WebFrame* frame); virtual void didExhaustMemoryAvailableForScript(WebKit::WebFrame* frame); |