void History::stateObjectAdded(PassRefPtr<SerializedScriptValue> data, const String& title, const String& urlString, StateObjectType stateObjectType, ExceptionCode& ec) { if (!m_frame || !m_frame->page()) return; KURL fullURL = urlForState(urlString); RefPtr<SecurityOrigin> origin = SecurityOrigin::create(fullURL); if (!fullURL.isValid() || !m_frame->document()->securityOrigin()->isSameSchemeHostPort(origin.get())) { ec = SECURITY_ERR; return; } if (stateObjectType == StateObjectPush) m_frame->loader()->history()->pushState(data, title, fullURL.string()); else if (stateObjectType == StateObjectReplace) m_frame->loader()->history()->replaceState(data, title, fullURL.string()); if (!urlString.isEmpty()) m_frame->document()->updateURLForPushOrReplaceState(fullURL); if (stateObjectType == StateObjectPush) m_frame->loader()->client()->dispatchDidPushStateWithinPage(); else if (stateObjectType == StateObjectReplace) m_frame->loader()->client()->dispatchDidReplaceStateWithinPage(); }
void History::stateObjectAdded(PassRefPtr<SerializedScriptValue> data, const String& /* title */, const String& urlString, UpdateBackForwardListPolicy updateBackForwardListPolicy, ExceptionState& exceptionState) { if (!m_frame || !m_frame->page()) return; KURL fullURL = urlForState(urlString); if (!fullURL.isValid() || !m_frame->document()->securityOrigin()->canRequest(fullURL)) { // We can safely expose the URL to JavaScript, as a) no redirection takes place: JavaScript already had this URL, b) JavaScript can only access a same-origin History object. exceptionState.throwSecurityError("A history state object with URL '" + fullURL.elidedString() + "' cannot be created in a document with origin '" + m_frame->document()->securityOrigin()->toString() + "'."); return; } m_frame->loader().updateForSameDocumentNavigation(fullURL, SameDocumentNavigationHistoryApi, data, updateBackForwardListPolicy); }
void History::stateObjectAdded(PassRefPtr<SerializedScriptValue> data, const String& /* title */, const String& urlString, HistoryScrollRestorationType restorationType, FrameLoadType type, ExceptionState& exceptionState) { if (!m_frame || !m_frame->page() || !m_frame->loader().documentLoader()) return; KURL fullURL = urlForState(urlString); if (!canChangeToUrl(fullURL, m_frame->document()->getSecurityOrigin(), m_frame->document()->url())) { // We can safely expose the URL to JavaScript, as a) no redirection takes place: JavaScript already had this URL, b) JavaScript can only access a same-origin History object. exceptionState.throwSecurityError("A history state object with URL '" + fullURL.elidedString() + "' cannot be created in a document with origin '" + m_frame->document()->getSecurityOrigin()->toString() + "' and URL '" + m_frame->document()->url().elidedString() + "'."); return; } m_frame->loader().updateForSameDocumentNavigation(fullURL, SameDocumentNavigationHistoryApi, data, restorationType, type); }
void History::stateObjectAdded(PassRefPtr<SerializedScriptValue> data, const String& title, const String& urlString, StateObjectType stateObjectType, ExceptionCode& ec) { if (!m_frame) return; #if !PLATFORM(WKC) ASSERT(m_frame->page()); #else if (!m_frame->page()) return; #endif KURL fullURL = urlForState(urlString); #if 1 // modified at webkit.org trunk r64077 and r85436 if (!fullURL.isValid() || !m_frame->document()->securityOrigin()->canRequest(fullURL)) { #else if (!fullURL.isValid()) { #endif ec = SECURITY_ERR; return; } if (stateObjectType == StateObjectPush) m_frame->loader()->history()->pushState(data, title, fullURL.string()); else if (stateObjectType == StateObjectReplace) m_frame->loader()->history()->replaceState(data, title, fullURL.string()); if (!urlString.isEmpty()) { m_frame->document()->updateURLForPushOrReplaceState(fullURL); if (stateObjectType == StateObjectPush) m_frame->loader()->client()->dispatchDidPushStateWithinPage(); else if (stateObjectType == StateObjectReplace) m_frame->loader()->client()->dispatchDidReplaceStateWithinPage(); } } } // namespace WebCore