1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "third_party/blink/renderer/bindings/core/v8/script_promise_resolver.h"
#include "third_party/blink/renderer/core/dom/dom_exception.h"
#include "third_party/blink/renderer/core/execution_context/execution_context.h"
#include "third_party/blink/renderer/core/frame/frame.h"
#include "third_party/blink/renderer/core/frame/local_dom_window.h"
#include "third_party/blink/renderer/platform/bindings/exception_code.h"
#include "third_party/blink/renderer/platform/heap/garbage_collected.h"
namespace blink {
bool CheckGenericSecurityRequirementsForCredentialsContainerRequest(
ScriptPromiseResolverBase* resolver) {
// Ignore calls if the current realm execution context is no longer valid,
// e.g., because the responsible document was detached.
if (!resolver->GetExecutionContext()) {
return false;
}
// The API is not exposed to Workers or Worklets, so if the current realm
// execution context is valid, it must have a responsible browsing context.
auto* window = To<LocalDOMWindow>(resolver->GetExecutionContext());
// The API is not exposed in non-secure context.
SECURITY_CHECK(window->IsSecureContext());
if (window->GetFrame()->IsInFencedFrameTree()) {
resolver->Reject(MakeGarbageCollected<DOMException>(
DOMExceptionCode::kNotAllowedError,
"The credential operation is not allowed in a fenced frame tree."));
return false;
}
return true;
}
} // namespace blink
|
