forked from mirrors/gecko-dev
ddd49dfd1c
Because of #2122 I cannot write test for this right now because it will be failing randomly due to that iframe issue. However, if it doesn't fail due to that issue a test like this:
```html
<html>
<head>
<meta charset="utf8" />
<script src="harness.js"></script>
<title>Iframe contentDocument test.</title>
</head>
<body>
<iframe src="test_iframe_contentDocument_inner.html" id="iframe"></iframe>
<script>
waitForExplicitFinish();
var timeout = 100;
var iframe = document.getElementById('iframe');
function test_contentWindow() {
if (!iframe.contentWindow) {
// Iframe not loaded yet, try again.
// No load event for iframe, insert bug number here.
setTimeout(test_contentWindow, timeout);
return;
}
is(iframe.contentDocument.getElementById('test').textContent, 'value');
finish();
}
test_contentWindow();
</script>
</body>
</html>
```
where inner is simply:
```html
<html><body><div id="test">value</div></body></html>
```
passes.
I have added `SameOrigin` method to the `UrlHelper`. I wanted to reuse it in [`constellation.rs` same_script check](f0184a2d01/components/compositing/constellation.rs (L625)) but I it didn't want to compile saying
```
error: unresolved import `dom::urlhelper::UrlHelper`. Maybe a missing `extern crate dom`?
```
So I didn't include it in this PR for now.
There is more discussion about the cross origin iframes in [another issue](https://github.com/servo/servo/issues/3939). In this PR I just added same origin check.
Source-Repo: https://github.com/servo/servo
Source-Revision: 85a2f0b66a32cfd6022b3e6cec6ec06f3b59baf1
269 lines
8.6 KiB
Rust
269 lines
8.6 KiB
Rust
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
use dom::attr::Attr;
|
|
use dom::attr::AttrHelpers;
|
|
use dom::bindings::codegen::Bindings::HTMLIFrameElementBinding;
|
|
use dom::bindings::codegen::Bindings::HTMLIFrameElementBinding::HTMLIFrameElementMethods;
|
|
use dom::bindings::codegen::Bindings::WindowBinding::WindowMethods;
|
|
use dom::bindings::codegen::InheritTypes::{NodeCast, ElementCast};
|
|
use dom::bindings::codegen::InheritTypes::{HTMLElementCast, HTMLIFrameElementDerived};
|
|
use dom::bindings::js::{JSRef, Temporary, OptionalRootable};
|
|
use dom::bindings::utils::{Reflectable, Reflector};
|
|
use dom::document::Document;
|
|
use dom::element::{HTMLIFrameElementTypeId, Element};
|
|
use dom::element::AttributeHandlers;
|
|
use dom::eventtarget::{EventTarget, NodeTargetTypeId};
|
|
use dom::htmlelement::HTMLElement;
|
|
use dom::node::{Node, NodeHelpers, ElementNodeTypeId, window_from_node};
|
|
use dom::urlhelper::UrlHelper;
|
|
use dom::virtualmethods::VirtualMethods;
|
|
use dom::window::Window;
|
|
use page::IterablePage;
|
|
|
|
use servo_msg::constellation_msg::{PipelineId, SubpageId};
|
|
use servo_msg::constellation_msg::{IFrameSandboxed, IFrameUnsandboxed};
|
|
use servo_msg::constellation_msg::{ConstellationChan, ScriptLoadedURLInIFrameMsg};
|
|
use servo_util::str::DOMString;
|
|
|
|
use std::ascii::AsciiExt;
|
|
use std::cell::Cell;
|
|
use url::{Url, UrlParser};
|
|
|
|
enum SandboxAllowance {
|
|
AllowNothing = 0x00,
|
|
AllowSameOrigin = 0x01,
|
|
AllowTopNavigation = 0x02,
|
|
AllowForms = 0x04,
|
|
AllowScripts = 0x08,
|
|
AllowPointerLock = 0x10,
|
|
AllowPopups = 0x20
|
|
}
|
|
|
|
#[dom_struct]
|
|
pub struct HTMLIFrameElement {
|
|
htmlelement: HTMLElement,
|
|
size: Cell<Option<IFrameSize>>,
|
|
sandbox: Cell<Option<u8>>,
|
|
}
|
|
|
|
impl HTMLIFrameElementDerived for EventTarget {
|
|
fn is_htmliframeelement(&self) -> bool {
|
|
*self.type_id() == NodeTargetTypeId(ElementNodeTypeId(HTMLIFrameElementTypeId))
|
|
}
|
|
}
|
|
|
|
#[jstraceable]
|
|
#[privatize]
|
|
pub struct IFrameSize {
|
|
pipeline_id: PipelineId,
|
|
subpage_id: SubpageId,
|
|
}
|
|
|
|
impl IFrameSize {
|
|
#[inline]
|
|
pub fn pipeline_id<'a>(&'a self) -> &'a PipelineId {
|
|
&self.pipeline_id
|
|
}
|
|
|
|
#[inline]
|
|
pub fn subpage_id<'a>(&'a self) -> &'a SubpageId {
|
|
&self.subpage_id
|
|
}
|
|
}
|
|
|
|
pub trait HTMLIFrameElementHelpers {
|
|
fn is_sandboxed(self) -> bool;
|
|
fn get_url(self) -> Option<Url>;
|
|
/// http://www.whatwg.org/html/#process-the-iframe-attributes
|
|
fn process_the_iframe_attributes(self);
|
|
}
|
|
|
|
impl<'a> HTMLIFrameElementHelpers for JSRef<'a, HTMLIFrameElement> {
|
|
fn is_sandboxed(self) -> bool {
|
|
self.sandbox.get().is_some()
|
|
}
|
|
|
|
fn get_url(self) -> Option<Url> {
|
|
let element: JSRef<Element> = ElementCast::from_ref(self);
|
|
element.get_attribute(ns!(""), &atom!("src")).root().and_then(|src| {
|
|
let url = src.value();
|
|
if url.as_slice().is_empty() {
|
|
None
|
|
} else {
|
|
let window = window_from_node(self).root();
|
|
UrlParser::new().base_url(&window.page().get_url())
|
|
.parse(url.as_slice()).ok()
|
|
}
|
|
})
|
|
}
|
|
|
|
fn process_the_iframe_attributes(self) {
|
|
let url = match self.get_url() {
|
|
Some(url) => url.clone(),
|
|
None => Url::parse("about:blank").unwrap(),
|
|
};
|
|
|
|
let sandboxed = if self.is_sandboxed() {
|
|
IFrameSandboxed
|
|
} else {
|
|
IFrameUnsandboxed
|
|
};
|
|
|
|
// Subpage Id
|
|
let window = window_from_node(self).root();
|
|
let page = window.page();
|
|
let subpage_id = page.get_next_subpage_id();
|
|
|
|
self.size.set(Some(IFrameSize {
|
|
pipeline_id: page.id,
|
|
subpage_id: subpage_id,
|
|
}));
|
|
|
|
let ConstellationChan(ref chan) = page.constellation_chan;
|
|
chan.send(ScriptLoadedURLInIFrameMsg(url, page.id, subpage_id, sandboxed));
|
|
}
|
|
}
|
|
|
|
impl HTMLIFrameElement {
|
|
fn new_inherited(localName: DOMString, prefix: Option<DOMString>, document: JSRef<Document>) -> HTMLIFrameElement {
|
|
HTMLIFrameElement {
|
|
htmlelement: HTMLElement::new_inherited(HTMLIFrameElementTypeId, localName, prefix, document),
|
|
size: Cell::new(None),
|
|
sandbox: Cell::new(None),
|
|
}
|
|
}
|
|
|
|
#[allow(unrooted_must_root)]
|
|
pub fn new(localName: DOMString, prefix: Option<DOMString>, document: JSRef<Document>) -> Temporary<HTMLIFrameElement> {
|
|
let element = HTMLIFrameElement::new_inherited(localName, prefix, document);
|
|
Node::reflect_node(box element, document, HTMLIFrameElementBinding::Wrap)
|
|
}
|
|
|
|
#[inline]
|
|
pub fn size(&self) -> Option<IFrameSize> {
|
|
self.size.get()
|
|
}
|
|
}
|
|
|
|
impl<'a> HTMLIFrameElementMethods for JSRef<'a, HTMLIFrameElement> {
|
|
fn Src(self) -> DOMString {
|
|
let element: JSRef<Element> = ElementCast::from_ref(self);
|
|
element.get_string_attribute(&atom!("src"))
|
|
}
|
|
|
|
fn SetSrc(self, src: DOMString) {
|
|
let element: JSRef<Element> = ElementCast::from_ref(self);
|
|
element.set_url_attribute(&atom!("src"), src)
|
|
}
|
|
|
|
fn Sandbox(self) -> DOMString {
|
|
let element: JSRef<Element> = ElementCast::from_ref(self);
|
|
element.get_string_attribute(&atom!("sandbox"))
|
|
}
|
|
|
|
fn SetSandbox(self, sandbox: DOMString) {
|
|
let element: JSRef<Element> = ElementCast::from_ref(self);
|
|
element.set_string_attribute(&atom!("sandbox"), sandbox);
|
|
}
|
|
|
|
fn GetContentWindow(self) -> Option<Temporary<Window>> {
|
|
self.size.get().and_then(|size| {
|
|
let window = window_from_node(self).root();
|
|
let children = window.page().children.borrow();
|
|
let child = children.iter().find(|child| {
|
|
child.subpage_id.unwrap() == size.subpage_id
|
|
});
|
|
child.and_then(|page| {
|
|
page.frame.borrow().as_ref().map(|frame| {
|
|
Temporary::new(frame.window.clone())
|
|
})
|
|
})
|
|
})
|
|
}
|
|
|
|
fn GetContentDocument(self) -> Option<Temporary<Document>> {
|
|
self.GetContentWindow().root().and_then(|window| {
|
|
let self_url = match self.get_url() {
|
|
Some(self_url) => self_url,
|
|
None => return None,
|
|
};
|
|
let win_url = window_from_node(self).root().page().get_url();
|
|
|
|
if UrlHelper::SameOrigin(&self_url, &win_url) {
|
|
Some(window.Document())
|
|
} else {
|
|
None
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
impl<'a> VirtualMethods for JSRef<'a, HTMLIFrameElement> {
|
|
fn super_type<'a>(&'a self) -> Option<&'a VirtualMethods> {
|
|
let htmlelement: &JSRef<HTMLElement> = HTMLElementCast::from_borrowed_ref(self);
|
|
Some(htmlelement as &VirtualMethods)
|
|
}
|
|
|
|
fn after_set_attr(&self, attr: JSRef<Attr>) {
|
|
match self.super_type() {
|
|
Some(ref s) => s.after_set_attr(attr),
|
|
_ => ()
|
|
}
|
|
|
|
match attr.local_name() {
|
|
&atom!("sandbox") => {
|
|
let mut modes = AllowNothing as u8;
|
|
for word in attr.value().as_slice().split(' ') {
|
|
modes |= match word.to_ascii_lower().as_slice() {
|
|
"allow-same-origin" => AllowSameOrigin,
|
|
"allow-forms" => AllowForms,
|
|
"allow-pointer-lock" => AllowPointerLock,
|
|
"allow-popups" => AllowPopups,
|
|
"allow-scripts" => AllowScripts,
|
|
"allow-top-navigation" => AllowTopNavigation,
|
|
_ => AllowNothing
|
|
} as u8;
|
|
}
|
|
self.sandbox.set(Some(modes));
|
|
},
|
|
&atom!("src") => {
|
|
let node: JSRef<Node> = NodeCast::from_ref(*self);
|
|
if node.is_in_doc() {
|
|
self.process_the_iframe_attributes()
|
|
}
|
|
},
|
|
_ => ()
|
|
}
|
|
}
|
|
|
|
fn before_remove_attr(&self, attr: JSRef<Attr>) {
|
|
match self.super_type() {
|
|
Some(ref s) => s.before_remove_attr(attr),
|
|
_ => ()
|
|
}
|
|
|
|
match attr.local_name() {
|
|
&atom!("sandbox") => self.sandbox.set(None),
|
|
_ => ()
|
|
}
|
|
}
|
|
|
|
fn bind_to_tree(&self, tree_in_doc: bool) {
|
|
match self.super_type() {
|
|
Some(ref s) => s.bind_to_tree(tree_in_doc),
|
|
_ => (),
|
|
}
|
|
|
|
if tree_in_doc {
|
|
self.process_the_iframe_attributes();
|
|
}
|
|
}
|
|
}
|
|
|
|
impl Reflectable for HTMLIFrameElement {
|
|
fn reflector<'a>(&'a self) -> &'a Reflector {
|
|
self.htmlelement.reflector()
|
|
}
|
|
}
|