1e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch/* 2e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * Copyright (C) 2006, 2007, 2008, 2010 Apple Inc. All rights reserved. 3e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies) 4e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * 5e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * Redistribution and use in source and binary forms, with or without 6e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * modification, are permitted provided that the following conditions 7e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * are met: 8e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * 1. Redistributions of source code must retain the above copyright 9e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * notice, this list of conditions and the following disclaimer. 10e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * 2. Redistributions in binary form must reproduce the above copyright 11e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * notice, this list of conditions and the following disclaimer in the 12e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * documentation and/or other materials provided with the distribution. 13e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * 14e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY 15e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 17e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR 18e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 19e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 20e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 21e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 22e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 24e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch */ 26e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 27e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "config.h" 28e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/page/CreateWindow.h" 29e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 30e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/dom/Document.h" 31e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/loader/FrameLoadRequest.h" 32e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/loader/NavigationAction.h" 33e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/page/Chrome.h" 34e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/page/ChromeClient.h" 35e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/page/Frame.h" 36e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/page/Page.h" 37e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/page/Settings.h" 38e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/page/WindowFeatures.h" 39e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "core/platform/network/ResourceRequest.h" 40e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "weborigin/KURL.h" 41e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "weborigin/SecurityOrigin.h" 42e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch#include "weborigin/SecurityPolicy.h" 43e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 44e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdochnamespace WebCore { 45e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 46e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdochstatic Frame* createWindow(Frame* openerFrame, Frame* lookupFrame, const FrameLoadRequest& request, const WindowFeatures& features, bool& created) 47e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch{ 48e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch ASSERT(!features.dialog || request.frameName().isEmpty()); 49e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 50e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (!request.frameName().isEmpty() && request.frameName() != "_blank") { 51e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (Frame* frame = lookupFrame->loader()->findFrameForNavigation(request.frameName(), openerFrame->document())) { 52e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (request.frameName() != "_self") { 53e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (Page* page = frame->page()) 54e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch page->chrome().focus(); 55e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch } 56e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch created = false; 57e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return frame; 58e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch } 59e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch } 60e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 61e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // Sandboxed frames cannot open new auxiliary browsing contexts. 62e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (openerFrame->document()->isSandboxed(SandboxPopups)) { 63e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // FIXME: This message should be moved off the console once a solution to https://bugs.webkit.org/show_bug.cgi?id=103274 exists. 64e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch openerFrame->document()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "Blocked opening '" + request.resourceRequest().url().elidedString() + "' in a new window because the request was made in a sandboxed frame whose 'allow-popups' permission is not set."); 65e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return 0; 66e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch } 67e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 68e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // FIXME: Setting the referrer should be the caller's responsibility. 69e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch FrameLoadRequest requestWithReferrer = request; 70e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch String referrer = SecurityPolicy::generateReferrerHeader(openerFrame->document()->referrerPolicy(), request.resourceRequest().url(), openerFrame->loader()->outgoingReferrer()); 71e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (!referrer.isEmpty()) 72e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch requestWithReferrer.resourceRequest().setHTTPReferrer(referrer); 73e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch FrameLoader::addHTTPOriginIfNeeded(requestWithReferrer.resourceRequest(), openerFrame->loader()->outgoingOrigin()); 74e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 75e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (openerFrame->settings() && !openerFrame->settings()->supportsMultipleWindows()) { 76e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch created = false; 773f6dc2d676f17e85a19cc0a1331e33a1b1330027Ben Murdoch return openerFrame->tree()->top(); 78e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch } 79e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 80e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch Page* oldPage = openerFrame->page(); 81e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (!oldPage) 82e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return 0; 83e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 84e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch NavigationAction action(requestWithReferrer.resourceRequest()); 85e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch Page* page = oldPage->chrome().client()->createWindow(openerFrame, requestWithReferrer, features, action); 86e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (!page) 87e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return 0; 88e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 89e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch Frame* frame = page->mainFrame(); 90e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 91e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch frame->loader()->forceSandboxFlags(openerFrame->document()->sandboxFlags()); 92e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 93e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (request.frameName() != "_blank") 94e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch frame->tree()->setName(request.frameName()); 95e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 9602772c6a72f1ee0b226341a4f4439970c29fc861Ben Murdoch page->chrome().setWindowFeatures(features); 97e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 98e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // 'x' and 'y' specify the location of the window, while 'width' and 'height' 99e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // specify the size of the viewport. We can only resize the window, so adjust 100e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // for the difference between the window size and the viewport size. 101e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 102e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch FloatRect windowRect = page->chrome().windowRect(); 103e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch FloatSize viewportSize = page->chrome().pageRect().size(); 104e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 105e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (features.xSet) 106e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch windowRect.setX(features.x); 107e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (features.ySet) 108e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch windowRect.setY(features.y); 109e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (features.widthSet) 110e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch windowRect.setWidth(features.width + (windowRect.width() - viewportSize.width())); 111e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (features.heightSet) 112e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch windowRect.setHeight(features.height + (windowRect.height() - viewportSize.height())); 113e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 114e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // Ensure non-NaN values, minimum size as well as being within valid screen area. 115e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch FloatRect newWindowRect = DOMWindow::adjustWindowRect(page, windowRect); 116e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 117e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch page->chrome().setWindowRect(newWindowRect); 118e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch page->chrome().show(); 119e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 120e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch created = true; 121e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return frame; 122e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch} 123e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 124e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben MurdochFrame* createWindow(const String& urlString, const AtomicString& frameName, const WindowFeatures& windowFeatures, 125e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch DOMWindow* activeWindow, Frame* firstFrame, Frame* openerFrame, DOMWindow::PrepareDialogFunction function, void* functionContext) 126e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch{ 127e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch Frame* activeFrame = activeWindow->frame(); 128e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 129e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch KURL completedURL = urlString.isEmpty() ? KURL(ParsedURLString, emptyString()) : firstFrame->document()->completeURL(urlString); 130e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (!completedURL.isEmpty() && !completedURL.isValid()) { 131e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // Don't expose client code to invalid URLs. 132e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch activeWindow->printErrorMessage("Unable to open a window with invalid URL '" + completedURL.string() + "'.\n"); 133e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return 0; 134e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch } 135e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 136e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // For whatever reason, Firefox uses the first frame to determine the outgoingReferrer. We replicate that behavior here. 137e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch String referrer = SecurityPolicy::generateReferrerHeader(firstFrame->document()->referrerPolicy(), completedURL, firstFrame->loader()->outgoingReferrer()); 138e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 139e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch ResourceRequest request(completedURL, referrer); 140e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch FrameLoader::addHTTPOriginIfNeeded(request, firstFrame->loader()->outgoingOrigin()); 141e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch FrameLoadRequest frameRequest(activeWindow->document()->securityOrigin(), request, frameName); 142e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 143e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // We pass the opener frame for the lookupFrame in case the active frame is different from 144e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch // the opener frame, and the name references a frame relative to the opener frame. 145e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch bool created; 146e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch Frame* newFrame = createWindow(activeFrame, openerFrame, frameRequest, windowFeatures, created); 147e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (!newFrame) 148e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return 0; 149e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 150e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch newFrame->loader()->setOpener(openerFrame); 151e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch newFrame->page()->setOpenedByDOM(); 152e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 1537757ec2eadfa2dd8ac2aeed0a4399e9b07ec38cbBen Murdoch if (newFrame->domWindow()->isInsecureScriptAccess(activeWindow, completedURL)) 154e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return newFrame; 155e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 156e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (function) 1577757ec2eadfa2dd8ac2aeed0a4399e9b07ec38cbBen Murdoch function(newFrame->domWindow(), functionContext); 158e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 159e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch if (created) { 160e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch FrameLoadRequest request(activeWindow->document()->securityOrigin(), ResourceRequest(completedURL, referrer)); 161e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch newFrame->loader()->load(request); 162e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch } else if (!urlString.isEmpty()) { 163e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch newFrame->navigationScheduler()->scheduleLocationChange(activeWindow->document()->securityOrigin(), completedURL.string(), referrer, false); 164e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch } 165e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch return newFrame; 166e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch} 167e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch 168e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch} // namespace WebCore 169