Google Git
Sign in
nest-open-source / manifest_repos / chromium_src / 1389d67935ffbffe8a70c1fa06867f6cf7ecf464 / . / chromium / src / third_party / blink / renderer / core / frame / history.cc
blob: 1c0cc93ee1b14ccacf9c0698bce40490682c736c [file] [log] [blame]
/*
* Copyright (C) 2007 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "third_party/blink/renderer/core/frame/history.h"
#include "third_party/blink/public/mojom/web_feature/web_feature.mojom-shared.h"
#include "third_party/blink/renderer/core/dom/document.h"
#include "third_party/blink/renderer/core/execution_context/execution_context.h"
#include "third_party/blink/renderer/core/frame/local_dom_window.h"
#include "third_party/blink/renderer/core/frame/local_frame.h"
#include "third_party/blink/renderer/core/frame/local_frame_client.h"
#include "third_party/blink/renderer/core/inspector/console_message.h"
#include "third_party/blink/renderer/core/loader/document_loader.h"
#include "third_party/blink/renderer/core/loader/history_item.h"
#include "third_party/blink/renderer/core/page/page.h"
#include "third_party/blink/renderer/platform/bindings/exception_state.h"
#include "third_party/blink/renderer/platform/bindings/script_state.h"
#include "third_party/blink/renderer/platform/heap/heap.h"
#include "third_party/blink/renderer/platform/weborigin/kurl.h"
#include "third_party/blink/renderer/platform/weborigin/security_origin.h"
#include "third_party/blink/renderer/platform/wtf/text/string_view.h"
namespace blink {
namespace {
bool EqualIgnoringPathQueryAndFragment(const KURL& a, const KURL& b) {
return StringView(a.GetString(), 0, a.PathStart()) ==
StringView(b.GetString(), 0, b.PathStart());
}
bool EqualIgnoringQueryAndFragment(const KURL& a, const KURL& b) {
return StringView(a.GetString(), 0, a.PathEnd()) ==
StringView(b.GetString(), 0, b.PathEnd());
}
} // namespace
History::History(LocalDOMWindow* window)
: ExecutionContextClient(window), last_state_object_requested_(nullptr) {}
void History::Trace(Visitor* visitor) const {
ScriptWrappable::Trace(visitor);
ExecutionContextClient::Trace(visitor);
}
unsigned History::length(ExceptionState& exception_state) const {
if (!DomWindow()) {
exception_state.ThrowSecurityError(
"May not use a History object associated with a Document that is not "
"fully active");
return 0;
}
return DomWindow()->GetFrame()->Client()->BackForwardLength();
}
ScriptValue History::state(ScriptState* script_state,
ExceptionState& exception_state) {
v8::Isolate* isolate = script_state->GetIsolate();
static const V8PrivateProperty::SymbolKey kHistoryStatePrivateProperty;
auto private_prop =
V8PrivateProperty::GetSymbol(isolate, kHistoryStatePrivateProperty);
v8::Local<v8::Object> v8_history = ToV8(this, script_state).As<v8::Object>();
v8::Local<v8::Value> v8_state;
// Returns the same V8 value unless the history gets updated. This
// implementation is mostly the same as the one of [CachedAttribute], but
// it's placed in this function rather than in Blink-V8 bindings layer so
// that PopStateEvent.state can also access the same V8 value.
scoped_refptr<SerializedScriptValue> current_state = StateInternal();
if (last_state_object_requested_ == current_state) {
if (!private_prop.GetOrUndefined(v8_history).ToLocal(&v8_state))
return ScriptValue::CreateNull(isolate);
if (!v8_state->IsUndefined())
return ScriptValue(isolate, v8_state);
}
if (!DomWindow()) {
exception_state.ThrowSecurityError(
"May not use a History object associated with a Document that is "
"not fully active");
v8_state = v8::Null(isolate);
} else if (!current_state) {
v8_state = v8::Null(isolate);
} else {
ScriptState::EscapableScope target_context_scope(script_state);
v8_state = target_context_scope.Escape(current_state->Deserialize(isolate));
}
last_state_object_requested_ = current_state;
private_prop.Set(v8_history, v8_state);
return ScriptValue(isolate, v8_state);
}
SerializedScriptValue* History::StateInternal() const {
if (HistoryItem* history_item = GetHistoryItem())
return history_item->StateObject();
return nullptr;
}
void History::setScrollRestoration(const String& value,
ExceptionState& exception_state) {
DCHECK(value == "manual" || value == "auto");
HistoryItem* item = GetHistoryItem();
if (!item) {
exception_state.ThrowSecurityError(
"May not use a History object associated with a Document that is not "
"fully active");
return;
}
mojom::blink::ScrollRestorationType scroll_restoration =
value == "manual" ? mojom::blink::ScrollRestorationType::kManual
: mojom::blink::ScrollRestorationType::kAuto;
if (scroll_restoration == ScrollRestorationInternal())
return;
item->SetScrollRestorationType(scroll_restoration);
DomWindow()->GetFrame()->Client()->DidUpdateCurrentHistoryItem();
}
String History::scrollRestoration(ExceptionState& exception_state) {
if (!DomWindow()) {
exception_state.ThrowSecurityError(
"May not use a History object associated with a Document that is not "
"fully active");
return "auto";
}
return ScrollRestorationInternal() ==
mojom::blink::ScrollRestorationType::kManual
? "manual"
: "auto";
}
mojom::blink::ScrollRestorationType History::ScrollRestorationInternal() const {
if (HistoryItem* history_item = GetHistoryItem())
return history_item->ScrollRestorationType();
return mojom::blink::ScrollRestorationType::kAuto;
}
HistoryItem* History::GetHistoryItem() const {
return DomWindow() ? DomWindow()->document()->Loader()->GetHistoryItem()
: nullptr;
}
bool History::IsSameAsCurrentState(SerializedScriptValue* state) const {
return state == StateInternal();
}
void History::back(ScriptState* script_state, ExceptionState& exception_state) {
go(script_state, -1, exception_state);
}
void History::forward(ScriptState* script_state,
ExceptionState& exception_state) {
go(script_state, 1, exception_state);
}
void History::go(ScriptState* script_state,
int delta,
ExceptionState& exception_state) {
if (!DomWindow()) {
exception_state.ThrowSecurityError(
"May not use a History object associated with a Document that is not "
"fully active");
return;
}
DCHECK(IsMainThread());
auto* active_window = LocalDOMWindow::From(script_state);
if (!active_window)
return;
if (!active_window->GetFrame() ||
!active_window->GetFrame()->CanNavigate(*DomWindow()->GetFrame()) ||
!active_window->GetFrame()->IsNavigationAllowed() ||
!DomWindow()->GetFrame()->IsNavigationAllowed()) {
return;
}
if (!DomWindow()->GetFrame()->navigation_rate_limiter().CanProceed())
return;
if (delta) {
if (DomWindow()->GetFrame()->Client()->NavigateBackForward(delta)) {
if (Page* page = DomWindow()->GetFrame()->GetPage())
page->HistoryNavigationVirtualTimePauser().PauseVirtualTime();
}
} else {
// We intentionally call reload() for the current frame if delta is zero.
// Otherwise, navigation happens on the root frame.
// This behavior is designed in the following spec.
// https://html.spec.whatwg.org/C/#dom-history-go
DomWindow()->GetFrame()->Reload(WebFrameLoadType::kReload);
}
}
void History::pushState(v8::Isolate* isolate,
const ScriptValue& data,
const String& title,
const String& url,
ExceptionState& exception_state) {
WebFrameLoadType load_type = WebFrameLoadType::kStandard;
// Navigations in portal contexts do not create back/forward entries.
if (DomWindow() && DomWindow()->GetFrame()->GetPage()->InsidePortal()) {
DomWindow()->AddConsoleMessage(
MakeGarbageCollected<ConsoleMessage>(
mojom::ConsoleMessageSource::kJavaScript,
mojom::ConsoleMessageLevel::kWarning,
"Use of history.pushState in a portal context "
"is treated as history.replaceState."),
/* discard_duplicates */ true);
load_type = WebFrameLoadType::kReplaceCurrentItem;
}
scoped_refptr<SerializedScriptValue> serialized_data =
SerializedScriptValue::Serialize(isolate, data.V8Value(),
SerializedScriptValue::SerializeOptions(
SerializedScriptValue::kForStorage),
exception_state);
if (exception_state.HadException())
return;
StateObjectAdded(std::move(serialized_data), title, url,
ScrollRestorationInternal(), load_type, exception_state);
}
void History::replaceState(v8::Isolate* isolate,
const ScriptValue& data,
const String& title,
const String& url,
ExceptionState& exception_state) {
scoped_refptr<SerializedScriptValue> serialized_data =
SerializedScriptValue::Serialize(isolate, data.V8Value(),
SerializedScriptValue::SerializeOptions(
SerializedScriptValue::kForStorage),
exception_state);
if (exception_state.HadException())
return;
StateObjectAdded(std::move(serialized_data), title, url,
ScrollRestorationInternal(),
WebFrameLoadType::kReplaceCurrentItem, exception_state);
}
KURL History::UrlForState(const String& url_string) {
if (url_string.IsNull())
return DomWindow()->Url();
if (url_string.IsEmpty())
return DomWindow()->BaseURL();
return KURL(DomWindow()->BaseURL(), url_string);
}
bool History::CanChangeToUrl(const KURL& url,
const SecurityOrigin* document_origin,
const KURL& document_url) {
if (!url.IsValid())
return false;
if (document_origin->IsGrantedUniversalAccess())
return true;
// We allow sandboxed documents, `data:`/`file:` URLs, etc. to use
// 'pushState'/'replaceState' to modify the URL fragment: see
// https://crbug.com/528681 for the compatibility concerns.
if (document_origin->IsOpaque() || document_origin->IsLocal())
return EqualIgnoringQueryAndFragment(url, document_url);
if (!EqualIgnoringPathQueryAndFragment(url, document_url))
return false;
scoped_refptr<const SecurityOrigin> requested_origin =
SecurityOrigin::Create(url);
if (requested_origin->IsOpaque() ||
!requested_origin->IsSameOriginWith(document_origin)) {
return false;
}
return true;
}
void History::StateObjectAdded(
scoped_refptr<SerializedScriptValue> data,
const String& /* title */,
const String& url_string,
mojom::blink::ScrollRestorationType restoration_type,
WebFrameLoadType type,
ExceptionState& exception_state) {
if (!DomWindow()) {
exception_state.ThrowSecurityError(
"May not use a History object associated with a Document that is not "
"fully active");
return;
}
KURL full_url = UrlForState(url_string);
if (!CanChangeToUrl(full_url, DomWindow()->GetSecurityOrigin(),
DomWindow()->Url())) {
// We can safely expose the URL to JavaScript, as a) no redirection takes
// place: JavaScript already had this URL, b) JavaScript can only access a
// same-origin History object.
exception_state.ThrowSecurityError(
"A history state object with URL '" + full_url.ElidedString() +
"' cannot be created in a document with origin '" +
DomWindow()->GetSecurityOrigin()->ToString() + "' and URL '" +
DomWindow()->Url().ElidedString() + "'.");
return;
}
if (!DomWindow()->GetFrame()->navigation_rate_limiter().CanProceed()) {
// TODO(769592): Get an API spec change so that we can throw an exception:
//
// exception_state.ThrowDOMException(DOMExceptionCode::kQuotaExceededError,
// "Throttling history state changes to "
// "prevent the browser from hanging.");
//
// instead of merely warning.
return;
}
DomWindow()->document()->Loader()->RunURLAndHistoryUpdateSteps(
full_url, std::move(data), restoration_type, type);
}
} // namespace blink