OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
3 * Copyright (C) 2014 Opera Software ASA. All rights reserved. | 3 * Copyright (C) 2014 Opera Software ASA. All rights reserved. |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions are | 6 * modification, are permitted provided that the following conditions are |
7 * met: | 7 * met: |
8 * | 8 * |
9 * * Redistributions of source code must retain the above copyright | 9 * * Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 450 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
461 | 461 |
462 return v8::Local<v8::Object>::Cast(v8value); | 462 return v8::Local<v8::Object>::Cast(v8value); |
463 } | 463 } |
464 | 464 |
465 WebString WebPluginContainerImpl::executeScriptURL(const WebURL& url, | 465 WebString WebPluginContainerImpl::executeScriptURL(const WebURL& url, |
466 bool popupsAllowed) { | 466 bool popupsAllowed) { |
467 LocalFrame* frame = m_element->document().frame(); | 467 LocalFrame* frame = m_element->document().frame(); |
468 if (!frame) | 468 if (!frame) |
469 return WebString(); | 469 return WebString(); |
470 | 470 |
471 if (!m_element->document().contentSecurityPolicy()->allowJavaScriptURLs( | |
472 m_element, m_element->document().url(), OrdinalNumber())) { | |
473 return WebString(); | |
474 } | |
475 | |
476 const KURL& kurl = url; | 471 const KURL& kurl = url; |
477 DCHECK(kurl.protocolIs("javascript")); | 472 DCHECK(kurl.protocolIs("javascript")); |
478 | 473 |
479 String script = decodeURLEscapeSequences( | 474 String script = decodeURLEscapeSequences( |
480 kurl.getString().substring(strlen("javascript:"))); | 475 kurl.getString().substring(strlen("javascript:"))); |
481 | 476 |
| 477 if (!m_element->document().contentSecurityPolicy()->allowJavaScriptURLs( |
| 478 m_element, script, m_element->document().url(), OrdinalNumber())) { |
| 479 return WebString(); |
| 480 } |
| 481 |
482 UserGestureIndicator gestureIndicator( | 482 UserGestureIndicator gestureIndicator( |
483 popupsAllowed ? DocumentUserGestureToken::create( | 483 popupsAllowed ? DocumentUserGestureToken::create( |
484 frame->document(), UserGestureToken::NewGesture) | 484 frame->document(), UserGestureToken::NewGesture) |
485 : nullptr); | 485 : nullptr); |
486 v8::HandleScope handleScope(toIsolate(frame)); | 486 v8::HandleScope handleScope(toIsolate(frame)); |
487 v8::Local<v8::Value> result = | 487 v8::Local<v8::Value> result = |
488 frame->script().executeScriptInMainWorldAndReturnValue( | 488 frame->script().executeScriptInMainWorldAndReturnValue( |
489 ScriptSourceCode(script)); | 489 ScriptSourceCode(script)); |
490 | 490 |
491 // Failure is reported as a null string. | 491 // Failure is reported as a null string. |
(...skipping 494 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
986 // frame view. | 986 // frame view. |
987 computeClipRectsForPlugin(m_element, windowRect, clipRect, unobscuredRect); | 987 computeClipRectsForPlugin(m_element, windowRect, clipRect, unobscuredRect); |
988 } | 988 } |
989 getPluginOcclusions(m_element, this->parent(), frameRect(), cutOutRects); | 989 getPluginOcclusions(m_element, this->parent(), frameRect(), cutOutRects); |
990 // Convert to the plugin position. | 990 // Convert to the plugin position. |
991 for (size_t i = 0; i < cutOutRects.size(); i++) | 991 for (size_t i = 0; i < cutOutRects.size(); i++) |
992 cutOutRects[i].move(-frameRect().x(), -frameRect().y()); | 992 cutOutRects[i].move(-frameRect().x(), -frameRect().y()); |
993 } | 993 } |
994 | 994 |
995 } // namespace blink | 995 } // namespace blink |
OLD | NEW |