1 files changed, 132 insertions, 0 deletions

diff --git a/src/3rdparty/webkit/WebCore/bindings/generic/BindingSecurity.h b/src/3rdparty/webkit/WebCore/bindings/generic/BindingSecurity.h
new file mode 100644
index 0000000000..929b8f4c41
--- /dev/null
+++ b/src/3rdparty/webkit/WebCore/bindings/generic/BindingSecurity.h
@@ -0,0 +1,132 @@
+/*
+ * Copyright (C) 2009 Google Inc. All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ * 
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef BindingSecurity_h
+#define BindingSecurity_h
+
+#include "BindingSecurityBase.h"
+#include "CSSHelper.h"
+#include "Element.h"
+#include "GenericBinding.h"
+#include "HTMLFrameElementBase.h"
+
+namespace WebCore {
+
+class DOMWindow;
+class Frame;
+class Node;
+
+// Security functions shared by various language bindings.
+template <class Binding>
+class BindingSecurity : public BindingSecurityBase {
+public:
+    // Check if the active execution context can access the target frame.
+    static bool canAccessFrame(State<Binding>*, Frame*, bool reportError);
+
+    // Check if it is safe to access the given node from the
+    // current security context.
+    static bool checkNodeSecurity(State<Binding>*, Node* target);
+
+    static bool allowSettingFrameSrcToJavascriptUrl(State<Binding>*, HTMLFrameElementBase*, String value);
+    static bool allowSettingSrcToJavascriptURL(State<Binding>*, Element*, String name, String value);
+
+private:
+    explicit BindingSecurity() {}
+    ~BindingSecurity();
+
+    // Check if the current DOMWindow's security context can access the target
+    // DOMWindow.  This function does not report errors, so most callers should
+    // use canAccessFrame instead.
+    static bool canAccessWindow(State<Binding>*, DOMWindow* target);
+};
+
+// Implementations of templated methods must be in this file.
+
+template <class Binding>
+bool BindingSecurity<Binding>::canAccessWindow(State<Binding>* state,
+                                               DOMWindow* targetWindow)
+{
+    DOMWindow* activeWindow = state->getActiveWindow();
+    return canAccess(activeWindow, targetWindow);
+}
+
+template <class Binding>
+bool BindingSecurity<Binding>::canAccessFrame(State<Binding>* state,
+                                              Frame* target,
+                                              bool reportError)
+{
+    // The subject is detached from a frame, deny accesses.
+    if (!target)
+        return false;
+
+    if (!canAccessWindow(state, getDOMWindow(target))) {
+        if (reportError)
+            state->immediatelyReportUnsafeAccessTo(target);
+        return false;
+    }
+    return true;
+}
+
+template <class Binding>
+bool BindingSecurity<Binding>::checkNodeSecurity(State<Binding>* state, Node* node)
+{
+    if (!node)
+        return false;
+
+    Frame* target = getFrame(node);
+
+    if (!target)
+        return false;
+
+    return canAccessFrame(state, target, true);
+}
+
+template <class Binding>
+bool BindingSecurity<Binding>::allowSettingFrameSrcToJavascriptUrl(State<Binding>* state, HTMLFrameElementBase* frame, String value)
+{
+    if (protocolIsJavaScript(deprecatedParseURL(value))) {
+        Node* contentDoc = frame->contentDocument();
+        if (contentDoc && !checkNodeSecurity(state, contentDoc))
+            return false;
+    }
+    return true;
+}
+
+template <class Binding>
+bool BindingSecurity<Binding>::allowSettingSrcToJavascriptURL(State<Binding>* state, Element* element, String name, String value)
+{
+    if ((element->hasTagName(HTMLNames::iframeTag) || element->hasTagName(HTMLNames::frameTag)) && equalIgnoringCase(name, "src"))
+        return allowSettingFrameSrcToJavascriptUrl(state, static_cast<HTMLFrameElementBase*>(element), value);
+    return true;
+}
+
+}
+
+#endif // BindingSecurity_h