summaryrefslogtreecommitdiff
path: root/Source/WebCore/html/HTMLPlugInImageElement.cpp
diff options
context:
space:
mode:
authorSimon Hausmann <simon.hausmann@digia.com>2012-11-23 15:08:59 +0100
committerSimon Hausmann <simon.hausmann@digia.com>2012-11-23 15:09:20 +0100
commit061d58bc0fa016cfeed744fd3e4663460635d69b (patch)
treead9b8b032c803e1c9054c23fa1b7a0f1976bf98f /Source/WebCore/html/HTMLPlugInImageElement.cpp
parent470286ecfe79d59df14944e5b5d34630fc739391 (diff)
downloadqtwebkit-061d58bc0fa016cfeed744fd3e4663460635d69b.tar.gz
Imported WebKit commit 8eb048315f36fa33731f28694630fe4a3c2cbc99 (http://svn.webkit.org/repository/webkit/trunk@135602)
New snapshot that fixes various bugs Change-Id: Icb6ce541a26a9f500d087821ce4b83a8d8a5474a Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
Diffstat (limited to 'Source/WebCore/html/HTMLPlugInImageElement.cpp')
-rw-r--r--Source/WebCore/html/HTMLPlugInImageElement.cpp21
1 files changed, 3 insertions, 18 deletions
diff --git a/Source/WebCore/html/HTMLPlugInImageElement.cpp b/Source/WebCore/html/HTMLPlugInImageElement.cpp
index f1720b8d5..b809a1340 100644
--- a/Source/WebCore/html/HTMLPlugInImageElement.cpp
+++ b/Source/WebCore/html/HTMLPlugInImageElement.cpp
@@ -88,28 +88,13 @@ bool HTMLPlugInImageElement::isImageType()
// depending on <param> values.
bool HTMLPlugInImageElement::allowedToLoadFrameURL(const String& url)
{
- ASSERT(document());
- ASSERT(document()->frame());
- if (document()->frame()->page()->subframeCount() >= Page::maxNumberOfFrames)
- return false;
-
KURL completeURL = document()->completeURL(url);
-
+
if (contentFrame() && protocolIsJavaScript(completeURL)
&& !document()->securityOrigin()->canAccess(contentDocument()->securityOrigin()))
return false;
-
- // We allow one level of self-reference because some sites depend on that.
- // But we don't allow more than one.
- bool foundSelfReference = false;
- for (Frame* frame = document()->frame(); frame; frame = frame->tree()->parent()) {
- if (equalIgnoringFragmentIdentifier(frame->document()->url(), completeURL)) {
- if (foundSelfReference)
- return false;
- foundSelfReference = true;
- }
- }
- return true;
+
+ return document()->frame()->isURLAllowed(completeURL);
}
// We don't use m_url, or m_serviceType as they may not be the final values
View Lorry Controller Status