corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
65184b81b511079b22d390a399b136a37c438058
tubestation/servo/components/script/dom/dissimilaroriginlocation.rs
Alan Jeffrey fe409aefa3 servo: Merge #15358 - Allow browsing contexts to resolve to cross-origin windows (from asajeffrey:script-browsingcontext-xorigin-window); r=jdm 
<!-- Please describe your changes on the following line: -->

This PR implements cross-thread `WindowProxy` objects.

At the moment, if a `Window` performs a non-similar-origin navigation, the old script thread does not update its `WindowProxy`, since the new `Window` is in the new script thread. With this PR, the `WindowProxy` is updated to a dummy `XOriginWindow` object, that only implements the whitelisted methods that are allowed to be called cross-origin.

This PR does not include working implementations of some of the cross-origin `Window` or `Location` methods.

This PR causes some cross-origin wpt tests to now pass, in particular `/html/browsers/origin/cross-origin-objects/cross-origin-objects.html ` now passes `Only whitelisted properties are accessible cross-origin`. There are some CORS failures in `fetch`, I suspect caused by the incorrect setting of `origin` in fetch requests.

Although there are some functions that now throw `SecurityException`, it is not meant to be a complete implementation, which will have to wait for XOWs to land.

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #15180.
- [X] There are tests for these changes

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

Source-Repo: https://github.com/servo/servo
Source-Revision: 6adbcb4ccdc1f74638b0c6e990c122e34bc967e4
2017-02-16 16:57:05 -08:00

81 lines
2.9 KiB
Rust
Raw Blame History

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
use dom::bindings::codegen::Bindings::DissimilarOriginLocationBinding;
use dom::bindings::codegen::Bindings::DissimilarOriginLocationBinding::DissimilarOriginLocationMethods;
use dom::bindings::error::{Error, ErrorResult, Fallible};
use dom::bindings::js::{JS, Root};
use dom::bindings::reflector::Reflector;
use dom::bindings::reflector::reflect_dom_object;
use dom::bindings::str::DOMString;
use dom::bindings::str::USVString;
use dom::dissimilaroriginwindow::DissimilarOriginWindow;
/// Represents a dissimilar-origin `Location` that exists in another script thread.
///
/// Since the `Location` is in a different script thread, we cannot access it
/// directly, but some of its accessors (for example setting `location.href`)
/// still need to function.
#[dom_struct]
pub struct DissimilarOriginLocation {
/// The reflector. Once we have XOWs, this will have a cross-origin
/// wrapper placed around it.
reflector: Reflector,
/// The window associated with this location.
window: JS<DissimilarOriginWindow>,
}
impl DissimilarOriginLocation {
#[allow(unrooted_must_root)]
fn new_inherited(window: &DissimilarOriginWindow) -> DissimilarOriginLocation {
DissimilarOriginLocation {
reflector: Reflector::new(),
window: JS::from_ref(window),
}
}
pub fn new(window: &DissimilarOriginWindow) -> Root<DissimilarOriginLocation> {
reflect_dom_object(box DissimilarOriginLocation::new_inherited(window),
window,
DissimilarOriginLocationBinding::Wrap)
}
}
impl DissimilarOriginLocationMethods for DissimilarOriginLocation {
// https://html.spec.whatwg.org/multipage/#dom-location-href
fn GetHref(&self) -> Fallible<USVString> {
Err(Error::Security)
}
// https://html.spec.whatwg.org/multipage/#dom-location-href
fn SetHref(&self, _: USVString) -> ErrorResult {
// TODO: setting href on a cross-origin window should succeed?
Err(Error::Security)
}
// https://html.spec.whatwg.org/multipage/#dom-location-assign
fn Assign(&self, _: USVString) -> Fallible<()> {
// TODO: setting href on a cross-origin window should succeed?
Err(Error::Security)
}
// https://html.spec.whatwg.org/multipage/#dom-location-replace
fn Replace(&self, _: USVString) -> Fallible<()> {
// TODO: replacing href on a cross-origin window should succeed?
Err(Error::Security)
}
// https://html.spec.whatwg.org/multipage/#dom-location-reload
fn Reload(&self) -> Fallible<()> {
Err(Error::Security)
}
// https://html.spec.whatwg.org/multipage/#dom-location-href
fn Stringifier(&self) -> Fallible<DOMString> {
Err(Error::Security)
}
}
Reference in New Issue View Git Blame Copy Permalink