2 * Copyright (C) 2006, 2007, 2008, 2010 Apple Inc. All rights reserved.
3 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
15 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
17 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
18 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
19 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
20 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
21 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
22 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
24 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 #include "core/page/CreateWindow.h"
30 #include "core/dom/Document.h"
31 #include "core/frame/Frame.h"
32 #include "core/loader/FrameLoadRequest.h"
33 #include "core/page/Chrome.h"
34 #include "core/page/ChromeClient.h"
35 #include "core/page/Page.h"
36 #include "core/page/Settings.h"
37 #include "core/page/WindowFeatures.h"
38 #include "platform/network/ResourceRequest.h"
39 #include "weborigin/KURL.h"
40 #include "weborigin/SecurityOrigin.h"
41 #include "weborigin/SecurityPolicy.h"
45 static Frame* createWindow(Frame* openerFrame, Frame* lookupFrame, const FrameLoadRequest& request, const WindowFeatures& features, bool& created)
47 ASSERT(!features.dialog || request.frameName().isEmpty());
49 if (!request.frameName().isEmpty() && request.frameName() != "_blank") {
50 if (Frame* frame = lookupFrame->loader().findFrameForNavigation(request.frameName(), openerFrame->document())) {
51 if (request.frameName() != "_self") {
52 if (Page* page = frame->page())
53 page->chrome().focus();
60 // Sandboxed frames cannot open new auxiliary browsing contexts.
61 if (openerFrame->document()->isSandboxed(SandboxPopups)) {
62 // FIXME: This message should be moved off the console once a solution to https://bugs.webkit.org/show_bug.cgi?id=103274 exists.
63 openerFrame->document()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "Blocked opening '" + request.resourceRequest().url().elidedString() + "' in a new window because the request was made in a sandboxed frame whose 'allow-popups' permission is not set.");
67 if (openerFrame->settings() && !openerFrame->settings()->supportsMultipleWindows()) {
69 return openerFrame->tree().top();
72 Page* oldPage = openerFrame->page();
76 Page* page = oldPage->chrome().client().createWindow(openerFrame, request, features);
80 Frame* frame = page->mainFrame();
82 frame->loader().forceSandboxFlags(openerFrame->document()->sandboxFlags());
84 if (request.frameName() != "_blank")
85 frame->tree().setName(request.frameName());
87 page->chrome().setWindowFeatures(features);
89 // 'x' and 'y' specify the location of the window, while 'width' and 'height'
90 // specify the size of the viewport. We can only resize the window, so adjust
91 // for the difference between the window size and the viewport size.
93 FloatRect windowRect = page->chrome().windowRect();
94 FloatSize viewportSize = page->chrome().pageRect().size();
97 windowRect.setX(features.x);
99 windowRect.setY(features.y);
100 if (features.widthSet)
101 windowRect.setWidth(features.width + (windowRect.width() - viewportSize.width()));
102 if (features.heightSet)
103 windowRect.setHeight(features.height + (windowRect.height() - viewportSize.height()));
105 // Ensure non-NaN values, minimum size as well as being within valid screen area.
106 FloatRect newWindowRect = DOMWindow::adjustWindowRect(page, windowRect);
108 page->chrome().setWindowRect(newWindowRect);
109 page->chrome().show();
115 Frame* createWindow(const String& urlString, const AtomicString& frameName, const WindowFeatures& windowFeatures,
116 DOMWindow* activeWindow, Frame* firstFrame, Frame* openerFrame, DOMWindow::PrepareDialogFunction function, void* functionContext)
118 Frame* activeFrame = activeWindow->frame();
120 KURL completedURL = urlString.isEmpty() ? KURL(ParsedURLString, emptyString()) : firstFrame->document()->completeURL(urlString);
121 if (!completedURL.isEmpty() && !completedURL.isValid()) {
122 // Don't expose client code to invalid URLs.
123 activeWindow->printErrorMessage("Unable to open a window with invalid URL '" + completedURL.string() + "'.\n");
127 // For whatever reason, Firefox uses the first frame to determine the outgoingReferrer. We replicate that behavior here.
128 String referrer = SecurityPolicy::generateReferrerHeader(firstFrame->document()->referrerPolicy(), completedURL, firstFrame->loader().outgoingReferrer());
130 ResourceRequest request(completedURL, referrer);
131 FrameLoader::addHTTPOriginIfNeeded(request, firstFrame->loader().outgoingOrigin());
132 FrameLoadRequest frameRequest(activeWindow->document()->securityOrigin(), request, frameName);
134 // We pass the opener frame for the lookupFrame in case the active frame is different from
135 // the opener frame, and the name references a frame relative to the opener frame.
137 Frame* newFrame = createWindow(activeFrame, openerFrame, frameRequest, windowFeatures, created);
141 newFrame->loader().setOpener(openerFrame);
142 newFrame->page()->setOpenedByDOM();
144 if (newFrame->domWindow()->isInsecureScriptAccess(activeWindow, completedURL))
148 function(newFrame->domWindow(), functionContext);
151 FrameLoadRequest request(activeWindow->document()->securityOrigin(), ResourceRequest(completedURL, referrer));
152 newFrame->loader().load(request);
153 } else if (!urlString.isEmpty()) {
154 newFrame->navigationScheduler().scheduleLocationChange(activeWindow->document()->securityOrigin(), completedURL.string(), referrer, false);
159 } // namespace WebCore