diff options
| author | Gregory Terzian <gterzian@users.noreply.github.com> | 2019-05-12 17:37:19 +0800 |
|---|---|---|
| committer | Gregory Terzian <gterzian@users.noreply.github.com> | 2019-07-18 12:03:45 +0800 |
| commit | 571beec179fe9fd5fff2c12b3c5dfa0a5d93df01 (patch) | |
| tree | 2eda42b78fa99fd2cd51d733519d5ae9d8678a66 /components/script/dom/htmlformelement.rs | |
| parent | 973a3448a459464b79ea0ef5fb46141176cc7643 (diff) | |
| download | servo-571beec179fe9fd5fff2c12b3c5dfa0a5d93df01.tar.gz servo-571beec179fe9fd5fff2c12b3c5dfa0a5d93df01.zip | |
clean-up navigation
security: check target and source origin before executing JS url
implement replacement-enabled flag as a HistoryEntryReplacement enum
add source origin string on loaddata
add LoadOrigin
iframe: remove optional load-data
auxiliaries: add load-data into info
constellation: remove url from Pipeline::new
check load origin: link to whatwg issue
switch loadorigin toplevel to constellation
Diffstat (limited to 'components/script/dom/htmlformelement.rs')
| -rwxr-xr-x | components/script/dom/htmlformelement.rs | 38 |
1 files changed, 28 insertions, 10 deletions
diff --git a/components/script/dom/htmlformelement.rs b/components/script/dom/htmlformelement.rs index 9e988515ac0..f12b1398e61 100755 --- a/components/script/dom/htmlformelement.rs +++ b/components/script/dom/htmlformelement.rs @@ -3,6 +3,7 @@ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ use crate::dom::bindings::cell::DomRefCell; +use crate::dom::bindings::codegen::Bindings::AttrBinding::AttrBinding::AttrMethods; use crate::dom::bindings::codegen::Bindings::BlobBinding::BlobMethods; use crate::dom::bindings::codegen::Bindings::DocumentBinding::DocumentMethods; use crate::dom::bindings::codegen::Bindings::EventBinding::EventMethods; @@ -12,6 +13,7 @@ use crate::dom::bindings::codegen::Bindings::HTMLFormElementBinding; use crate::dom::bindings::codegen::Bindings::HTMLFormElementBinding::HTMLFormElementMethods; use crate::dom::bindings::codegen::Bindings::HTMLInputElementBinding::HTMLInputElementMethods; use crate::dom::bindings::codegen::Bindings::HTMLTextAreaElementBinding::HTMLTextAreaElementMethods; +use crate::dom::bindings::codegen::Bindings::WindowBinding::WindowBinding::WindowMethods; use crate::dom::bindings::inheritance::{Castable, ElementTypeId, HTMLElementTypeId, NodeTypeId}; use crate::dom::bindings::refcounted::Trusted; use crate::dom::bindings::reflector::DomObject; @@ -46,7 +48,6 @@ use crate::dom::node::{UnbindContext, VecPreOrderInsertionHelper}; use crate::dom::validitystate::ValidationFlags; use crate::dom::virtualmethods::VirtualMethods; use crate::dom::window::Window; -use crate::script_thread::MainThreadScriptMsg; use crate::task_source::TaskSource; use dom_struct::dom_struct; use encoding_rs::{Encoding, UTF_8}; @@ -57,7 +58,7 @@ use hyper::Method; use mime::{self, Mime}; use net_traits::http_percent_encode; use net_traits::request::Referrer; -use script_traits::LoadData; +use script_traits::{HistoryEntryReplacement, LoadData, LoadOrigin}; use servo_rand::random; use std::borrow::ToOwned; use std::cell::Cell; @@ -400,6 +401,7 @@ impl HTMLFormElement { }; let target_window = target_document.window(); let mut load_data = LoadData::new( + LoadOrigin::Script(doc.origin().immutable().clone()), action_components, None, Some(Referrer::ReferrerUrl(target_document.url())), @@ -530,7 +532,7 @@ impl HTMLFormElement { } /// [Planned navigation](https://html.spec.whatwg.org/multipage/#planned-navigation) - fn plan_to_navigate(&self, load_data: LoadData, target: &Window) { + fn plan_to_navigate(&self, mut load_data: LoadData, target: &Window) { // Step 1 // Each planned navigation task is tagged with a generation ID, and // before the task is handled, it first checks whether the HTMLFormElement's @@ -538,19 +540,35 @@ impl HTMLFormElement { let generation_id = GenerationId(self.generation_id.get().0 + 1); self.generation_id.set(generation_id); - // Step 2. + // Step 2 + let elem = self.upcast::<Element>(); + let referrer = match elem.get_attribute(&ns!(), &local_name!("rel")) { + Some(ref link_types) if link_types.Value().contains("noreferrer") => { + Referrer::NoReferrer + }, + _ => Referrer::Client, + }; + + let referrer_policy = target.Document().get_referrer_policy(); let pipeline_id = target.upcast::<GlobalScope>().pipeline_id(); - let script_chan = target.main_thread_script_chan().clone(); + load_data.creator_pipeline_id = Some(pipeline_id); + load_data.referrer = Some(referrer); + load_data.referrer_policy = referrer_policy; + + // Step 4. let this = Trusted::new(self); + let window = Trusted::new(target); let task = task!(navigate_to_form_planned_navigation: move || { if generation_id != this.root().generation_id.get() { return; } - script_chan.send(MainThreadScriptMsg::Navigate( - pipeline_id, - load_data, - false, - )).unwrap(); + window + .root() + .load_url( + HistoryEntryReplacement::Disabled, + false, + load_data, + ); }); // Step 3. |