clean-up navigation

security: check target and source origin before executing JS url implement replacement-enabled flag as a HistoryEntryReplacement enum add source origin string on loaddata add LoadOrigin iframe: remove optional load-data auxiliaries: add load-data into info constellation: remove url from Pipeline::new check load origin: link to whatwg issue switch loadorigin toplevel to constellation
2025-08-03 20:50:07 +01:00 · 2019-05-12 17:37:19 +08:00 · 2019-05-12 17:37:19 +08:00 · 571beec179
commit 571beec179
parent 973a3448a4
14 changed files with 402 additions and 220 deletions
--- a/components/script_traits/lib.rs
+++ b/components/script_traits/lib.rs
@ -62,7 +62,8 @@ use webrender_api::{
 use webvr_traits::{WebVREvent, WebVRMsg};

 pub use crate::script_msg::{
-    DOMMessage, SWManagerMsg, SWManagerSenders, ScopeThings, ServiceWorkerMsg,
+    DOMMessage, HistoryEntryReplacement, SWManagerMsg, SWManagerSenders, ScopeThings,
+    ServiceWorkerMsg,
 };
 pub use crate::script_msg::{
    EventResult, IFrameSize, IFrameSizeMsg, LayoutMsg, LogEntry, ScriptMsg,
@ -117,10 +118,24 @@ pub enum LayoutControlMsg {
    PaintMetric(Epoch, u64),
 }

+/// The origin where a given load was initiated.
+/// Useful for origin checks, for example before evaluation a JS URL.
+#[derive(Clone, Debug, Deserialize, Serialize)]
+pub enum LoadOrigin {
+    /// A load originating in the constellation.
+    Constellation,
+    /// A load originating in webdriver.
+    WebDriver,
+    /// A load originating in script.
+    Script(ImmutableOrigin),
+}
+
 /// can be passed to `LoadUrl` to load a page with GET/POST
 /// parameters or headers
 #[derive(Clone, Debug, Deserialize, Serialize)]
 pub struct LoadData {
+    /// The origin where the load started.
+    pub load_origin: LoadOrigin,
    /// The URL.
    pub url: ServoUrl,
    /// The creator pipeline id if this is an about:blank load.
@ -160,12 +175,14 @@ pub enum JsEvalResult {
 impl LoadData {
    /// Create a new `LoadData` object.
    pub fn new(
+        load_origin: LoadOrigin,
        url: ServoUrl,
        creator_pipeline_id: Option<PipelineId>,
        referrer: Option<Referrer>,
        referrer_policy: Option<ReferrerPolicy>,
    ) -> LoadData {
        LoadData {
+            load_origin,
            url: url,
            creator_pipeline_id: creator_pipeline_id,
            method: Method::GET,
@ -289,7 +306,12 @@ pub enum ConstellationControlMsg {
    NotifyVisibilityChange(PipelineId, BrowsingContextId, bool),
    /// Notifies script thread that a url should be loaded in this iframe.
    /// PipelineId is for the parent, BrowsingContextId is for the nested browsing context
-    Navigate(PipelineId, BrowsingContextId, LoadData, bool),
+    NavigateIframe(
+        PipelineId,
+        BrowsingContextId,
+        LoadData,
+        HistoryEntryReplacement,
+    ),
    /// Post a message to a given window.
    PostMessage {
        /// The target of the message.
@ -376,7 +398,7 @@ impl fmt::Debug for ConstellationControlMsg {
            SetDocumentActivity(..) => "SetDocumentActivity",
            ChangeFrameVisibilityStatus(..) => "ChangeFrameVisibilityStatus",
            NotifyVisibilityChange(..) => "NotifyVisibilityChange",
-            Navigate(..) => "Navigate",
+            NavigateIframe(..) => "NavigateIframe",
            PostMessage { .. } => "PostMessage",
            UpdatePipelineId(..) => "UpdatePipelineId",
            UpdateHistoryState(..) => "UpdateHistoryState",
@ -659,6 +681,8 @@ pub enum IFrameSandboxState {
 /// Specifies the information required to load an auxiliary browsing context.
 #[derive(Debug, Deserialize, Serialize)]
 pub struct AuxiliaryBrowsingContextLoadInfo {
+    /// Load data containing the url to load
+    pub load_data: LoadData,
    /// The pipeline opener browsing context.
    pub opener_pipeline_id: PipelineId,
    /// The new top-level ID for the auxiliary.
@ -684,7 +708,7 @@ pub struct IFrameLoadInfo {
    pub is_private: bool,
    /// Wether this load should replace the current entry (reload). If true, the current
    /// entry will be replaced instead of a new entry being added.
-    pub replace: bool,
+    pub replace: HistoryEntryReplacement,
 }

 /// Specifies the information required to load a URL in an iframe.
@ -693,7 +717,7 @@ pub struct IFrameLoadInfoWithData {
    /// The information required to load an iframe.
    pub info: IFrameLoadInfo,
    /// Load data containing the url to load
-    pub load_data: Option<LoadData>,
+    pub load_data: LoadData,
    /// The old pipeline ID for this iframe, if a page was previously loaded.
    pub old_pipeline_id: Option<PipelineId>,
    /// Sandbox type of this iframe