Changeset 20227 in webkit
- Timestamp:
- Mar 15, 2007, 8:12:27 PM (18 years ago)
- Location:
- trunk
- Files:
-
- 3 added
- 17 edited
-
LayoutTests/ChangeLog (modified) (1 diff)
-
LayoutTests/security (added)
-
LayoutTests/security/block-test-expected.txt (added)
-
LayoutTests/security/block-test.html (added)
-
WebCore/ChangeLog (modified) (1 diff)
-
WebCore/loader/FrameLoader.cpp (modified) (1 diff)
-
WebCore/loader/FrameLoader.h (modified) (1 diff)
-
WebCore/loader/FrameLoaderClient.h (modified) (1 diff)
-
WebCore/loader/ResourceLoader.cpp (modified) (3 diffs)
-
WebCore/loader/ResourceLoader.h (modified) (3 diffs)
-
WebCore/platform/graphics/svg/SVGImageEmptyClients.h (modified) (1 diff)
-
WebCore/platform/network/ResourceHandle.cpp (modified) (3 diffs)
-
WebCore/platform/network/ResourceHandle.h (modified) (1 diff)
-
WebCore/platform/network/ResourceHandleClient.h (modified) (1 diff)
-
WebKit/ChangeLog (modified) (1 diff)
-
WebKit/English.lproj/Localizable.strings (modified) (1 diff)
-
WebKit/Misc/WebKitErrors.m (modified) (2 diffs)
-
WebKit/Misc/WebKitErrorsPrivate.h (modified) (1 diff)
-
WebKit/WebCoreSupport/WebFrameLoaderClient.h (modified) (1 diff)
-
WebKit/WebCoreSupport/WebFrameLoaderClient.mm (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r20215 r20227 1 2007-03-15 Brady Eidson <beidson@apple.com> 2 3 Reviewed by Adele 4 5 <rdar://problem/4429701> 6 Implements a port blocking black list that matches Firefox's 7 8 The layout test attempts to load an image at an invalid domain name on each 9 of the black listed ports. Using dumpResourceLoadCallbacks(), DRT is able 10 to see the error codes for each resource. A successful test shows the blocked 11 error for each image load except for the few that are standard or should 12 succeed due to exemptions. 13 14 * security/block-test-expected.txt: Added. 15 * security/block-test.html: Added. 16 1 17 2007-03-14 Justin Garcia <justin.garcia@apple.com> 2 18 -
trunk/WebCore/ChangeLog
r20220 r20227 1 2007-03-15 Brady Eidson <beidson@apple.com> 2 3 Reviewed by Maciej 4 5 <rdar://problem/4429701> 6 Implements a port blocking black list that matches Firefox's 7 8 * loader/FrameLoader.cpp: 9 (WebCore::FrameLoader::blockedError): Call through to the client for blockedError 10 * loader/FrameLoader.h: 11 12 * loader/FrameLoaderClient.h: Get the "port blocked" error for the current platform 13 14 * loader/ResourceLoader.cpp: 15 (WebCore::ResourceLoader::wasBlocked): ResourceHandleClient method to pass on the didFail(error) 16 (WebCore::ResourceLoader::blockedError): Following the pattern of "CancelledError()", get the 17 error to fail with for the didFail() call 18 * loader/ResourceLoader.h: 19 20 * platform/graphics/svg/SVGImageEmptyClients.h: 21 (WebCore::SVGEmptyFrameLoaderClient::blockedError): Added stub 22 23 * platform/network/ResourceHandle.cpp: 24 (WebCore::ResourceHandle::create): If the port is blocked, create the handle but schedule it for 25 deferred failure on a timer 26 (WebCore::ResourceHandle::scheduleBlockedFailure): Do the timer scheduling 27 (WebCore::ResourceHandle::fireBlockedFailure): Fire the timer here 28 (WebCore::ResourceHandle::portAllowed): Implements checking of Mozilla's 29 * platform/network/ResourceHandle.h: 30 * platform/network/ResourceHandleClient.h: 31 (WebCore::ResourceHandleClient::wasBlocked): Virtual for clients to get the "blocked" message 32 1 33 2007-03-15 Beth Dakin <bdakin@apple.com> 2 34 -
trunk/WebCore/loader/FrameLoader.cpp
r20178 r20227 4119 4119 } 4120 4120 4121 ResourceError FrameLoader::blockedError(const ResourceRequest& request) const 4122 { 4123 return m_client->blockedError(request); 4124 } 4125 4121 4126 ResourceError FrameLoader::fileDoesNotExistError(const ResourceResponse& response) const 4122 4127 { -
trunk/WebCore/loader/FrameLoader.h
r20132 r20227 203 203 ResourceError cancelledError(const ResourceRequest&) const; 204 204 ResourceError fileDoesNotExistError(const ResourceResponse&) const; 205 ResourceError blockedError(const ResourceRequest&) const; 205 206 bool willUseArchive(ResourceLoader*, const ResourceRequest&, const KURL&) const; 206 207 bool isArchiveLoadPending(ResourceLoader*) const; -
trunk/WebCore/loader/FrameLoaderClient.h
r19978 r20227 151 151 152 152 virtual ResourceError cancelledError(const ResourceRequest&) = 0; 153 virtual ResourceError blockedError(const ResourceRequest&) = 0; 153 154 virtual ResourceError cannotShowURLError(const ResourceRequest&) = 0; 154 155 virtual ResourceError interruptForPolicyChangeError(const ResourceRequest&) = 0; -
trunk/WebCore/loader/ResourceLoader.cpp
r19905 r20227 256 256 } 257 257 258 void ResourceLoader::wasBlocked() 259 { 260 didFail(blockedError()); 261 } 262 258 263 void ResourceLoader::didCancel(const ResourceError& error) 259 264 { … … 306 311 } 307 312 313 ResourceError ResourceLoader::blockedError() 314 { 315 return frameLoader()->blockedError(m_request); 316 } 317 308 318 void ResourceLoader::willSendRequest(ResourceHandle*, ResourceRequest& request, const ResourceResponse& redirectResponse) 309 319 { … … 329 339 { 330 340 didFail(error); 341 } 342 343 void ResourceLoader::wasBlocked(ResourceHandle*) 344 { 345 wasBlocked(); 331 346 } 332 347 -
trunk/WebCore/loader/ResourceLoader.h
r19902 r20227 61 61 virtual void cancel(const ResourceError&); 62 62 ResourceError cancelledError(); 63 63 ResourceError blockedError(); 64 64 65 virtual void setDefersLoading(bool); 65 66 … … 80 81 virtual void didFinishLoading(); 81 82 virtual void didFail(const ResourceError&); 83 virtual void wasBlocked(); 82 84 83 85 void didReceiveAuthenticationChallenge(const AuthenticationChallenge&); … … 91 93 virtual void didFinishLoading(ResourceHandle*); 92 94 virtual void didFail(ResourceHandle*, const ResourceError&); 95 virtual void wasBlocked(ResourceHandle*); 93 96 virtual void willStopBufferingData(ResourceHandle*, const char* data, int length) { willStopBufferingData(data, length); } 94 97 virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge) { didReceiveAuthenticationChallenge(challenge); } -
trunk/WebCore/platform/graphics/svg/SVGImageEmptyClients.h
r20108 r20227 217 217 218 218 virtual ResourceError cancelledError(const ResourceRequest&) { return ResourceError(); } 219 virtual ResourceError blockedError(const ResourceRequest&) { return ResourceError(); } 219 220 virtual ResourceError cannotShowURLError(const ResourceRequest&) { return ResourceError(); } 220 221 virtual ResourceError interruptForPolicyChangeError(const ResourceRequest&) { return ResourceError(); } -
trunk/WebCore/platform/network/ResourceHandle.cpp
r19267 r20227 29 29 30 30 #include "Logging.h" 31 #include "ResourceHandleClient.h" 32 #include "Timer.h" 33 34 #include <wtf/HashSet.h> 31 35 32 36 namespace WebCore { … … 39 43 PassRefPtr<ResourceHandle> ResourceHandle::create(const ResourceRequest& request, ResourceHandleClient* client, Frame* frame, bool defersLoading, bool mightDownloadFromHandle) 40 44 { 41 RefPtr<ResourceHandle> newLoader(new ResourceHandle(request, client, defersLoading, mightDownloadFromHandle)); 42 43 if (newLoader->start(frame)) 44 return newLoader.release(); 45 RefPtr<ResourceHandle> newHandle(new ResourceHandle(request, client, defersLoading, mightDownloadFromHandle)); 46 47 if (!portAllowed(request)) { 48 newHandle->scheduleBlockedFailure(); 49 return newHandle.release(); 50 } 51 52 if (newHandle->start(frame)) 53 return newHandle.release(); 45 54 46 55 return 0; 56 } 57 58 void ResourceHandle::scheduleBlockedFailure() 59 { 60 Timer<ResourceHandle>* blockedTimer = new Timer<ResourceHandle>(this, &ResourceHandle::fireBlockedFailure); 61 blockedTimer->startOneShot(0); 62 } 63 64 void ResourceHandle::fireBlockedFailure(Timer<ResourceHandle>* timer) 65 { 66 client()->wasBlocked(this); 67 delete timer; 47 68 } 48 69 … … 85 106 } 86 107 108 bool ResourceHandle::portAllowed(const ResourceRequest& request) 109 { 110 uint16_t port = request.url().port(); 111 if (!port) 112 return true; 113 114 // The blocked port list matches the port blocking mozilla implements 115 // See http://www.mozilla.org/projects/netlib/PortBanning.html for more information 116 static uint16_t blockedPortList[] = { 117 1, // tcpmux 118 7, // echo 119 9, // discard 120 11, // systat 121 13, // daytime 122 15, // netstat 123 17, // qotd 124 19, // chargen 125 20, // FTP-data 126 21, // FTP-control 127 22, // SSH 128 23, // telnet 129 25, // SMTP 130 37, // time 131 42, // name 132 43, // nicname 133 53, // domain 134 77, // priv-rjs 135 79, // finger 136 87, // ttylink 137 95, // supdup 138 101, // hostriame 139 102, // iso-tsap 140 103, // gppitnp 141 104, // acr-nema 142 109, // POP2 143 110, // POP3 144 111, // sunrpc 145 113, // auth 146 115, // SFTP 147 117, // uucp-path 148 119, // nntp 149 123, // NTP 150 135, // loc-srv / epmap 151 139, // netbios 152 143, // IMAP2 153 179, // BGP 154 389, // LDAP 155 465, // SMTP+SSL 156 512, // print / exec 157 513, // login 158 514, // shell 159 515, // printer 160 526, // tempo 161 530, // courier 162 531, // Chat 163 532, // netnews 164 540, // UUCP 165 556, // remotefs 166 563, // NNTP+SSL 167 587, // ESMTP 168 601, // syslog-conn 169 636, // LDAP+SSL 170 993, // IMAP+SSL 171 995, // POP3+SSL 172 2049, // NFS 173 4045, // lockd 174 6000, // X11 175 0 }; 176 177 static HashSet<int>* blockedPortHash = 0; 178 if (!blockedPortHash) { 179 blockedPortHash = new HashSet<int>; 180 181 for (int i = 0; blockedPortList[i]; ++i) 182 blockedPortHash->add(blockedPortList[i]); 183 } 184 185 bool restricted = blockedPortHash->contains(port); 186 187 if (restricted) { 188 // An exception in the mozilla port blocking is they allow 21 and 22 for FTP (and Secure FTP), which we have to do also 189 if ((port == 21 || port == 22) && request.url().url().startsWith("ftp:", false)) 190 return true; 191 } 192 193 return !restricted; 194 } 195 196 87 197 } // namespace WebCore 88 198 -
trunk/WebCore/platform/network/ResourceHandle.h
r19267 r20227 148 148 const ResourceRequest& request() const; 149 149 150 void fireBlockedFailure(Timer<ResourceHandle>*); 151 150 152 private: 153 static bool portAllowed(const ResourceRequest&); 154 155 void scheduleBlockedFailure(); 156 151 157 bool start(Frame*); 152 158 -
trunk/WebCore/platform/network/ResourceHandleClient.h
r18950 r20227 62 62 virtual void didFinishLoading(ResourceHandle*) { } 63 63 virtual void didFail(ResourceHandle*, const ResourceError&) { } 64 virtual void wasBlocked(ResourceHandle*) { } 64 65 65 66 virtual void willCacheResponse(ResourceHandle*, CacheStoragePolicy&) { } -
trunk/WebKit/ChangeLog
r20219 r20227 1 2007-03-15 Brady Eidson <beidson@apple.com> 2 3 Reviewed by Maciej 4 5 <rdar://problem/4429701> 6 Implements a port blocking black list that matches Firefox's 7 8 * English.lproj/Localizable.strings: Added localizable string for port blocked error code 9 10 * Misc/WebKitErrors.h: 11 * Misc/WebKitErrors.m: 12 (registerErrors): Add new port blocked error code to WebKitErrorDomain 13 14 * WebCoreSupport/WebFrameLoaderClient.h: 15 * WebCoreSupport/WebFrameLoaderClient.mm: 16 (WebFrameLoaderClient::cancelledError): Fixed coding style 17 (WebFrameLoaderClient::blockedError): Return a ResourceError with the new custom error code 18 1 19 2007-03-15 Timothy Hatcher <timothy@apple.com> 2 20 -
trunk/WebKit/English.lproj/Localizable.strings
r20037 r20227 158 158 "No recent searches" = "No recent searches"; 159 159 160 /* WebKitErrorCannotUseRestrictedPort description */ 161 "Not allowed to use restricted network port" = "Not allowed to use restricted network port"; 162 160 163 /* Open Frame in New Window context menu item */ 161 164 "Open Frame in New Window" = "Open Frame in New Window"; -
trunk/WebKit/Misc/WebKitErrors.m
r15698 r20227 45 45 #define WebKitErrorDescriptionCannotShowURL UI_STRING("Cannot show URL", "WebKitErrorCannotShowURL description") 46 46 #define WebKitErrorDescriptionFrameLoadInterruptedByPolicyChange UI_STRING("Frame load interrupted", "WebKitErrorFrameLoadInterruptedByPolicyChange description") 47 #define WebKitErrorDescriptionCannotUseRestrictedPort UI_STRING("Not allowed to use restricted network port", "WebKitErrorCannotUseRestrictedPort description") 47 48 48 49 // Plug-in and java errors … … 147 148 WebKitErrorDescriptionCannotShowURL, [NSNumber numberWithInt: WebKitErrorCannotShowURL], 148 149 WebKitErrorDescriptionFrameLoadInterruptedByPolicyChange, [NSNumber numberWithInt: WebKitErrorFrameLoadInterruptedByPolicyChange], 149 150 WebKitErrorDescriptionCannotUseRestrictedPort, [NSNumber numberWithInt: WebKitErrorCannotUseRestrictedPort], 151 150 152 // Plug-in and java errors 151 153 WebKitErrorDescriptionCannotFindPlugin, [NSNumber numberWithInt: WebKitErrorCannotFindPlugIn], -
trunk/WebKit/Misc/WebKitErrorsPrivate.h
r11962 r20227 33 33 #define WebKitErrorPlugInWillHandleLoad 204 34 34 35 /*! 36 @enum 37 @abstract Policy errors - Pending Public API Review 38 @constant WebKitErrorCannotUseRestrictedPort 39 */ 40 enum { 41 WebKitErrorCannotUseRestrictedPort = 103, 42 }; 43 35 44 @interface NSError (WebKitExtras) 36 45 + (NSError *)_webKitErrorWithCode:(int)code failingURL:(NSString *)URL; -
trunk/WebKit/WebCoreSupport/WebFrameLoaderClient.h
r19978 r20227 148 148 149 149 virtual WebCore::ResourceError cancelledError(const WebCore::ResourceRequest&); 150 virtual WebCore::ResourceError blockedError(const WebCore::ResourceRequest&); 150 151 virtual WebCore::ResourceError cannotShowURLError(const WebCore::ResourceRequest&); 151 152 virtual WebCore::ResourceError interruptForPolicyChangeError(const WebCore::ResourceRequest&); -
trunk/WebKit/WebCoreSupport/WebFrameLoaderClient.mm
r20212 r20227 686 686 } 687 687 688 ResourceError WebFrameLoaderClient::cancelledError(const ResourceRequest &request)688 ResourceError WebFrameLoaderClient::cancelledError(const ResourceRequest& request) 689 689 { 690 690 return [NSError _webKitErrorWithDomain:NSURLErrorDomain code:NSURLErrorCancelled URL:request.url().getNSURL()]; 691 } 692 693 ResourceError WebFrameLoaderClient::blockedError(const ResourceRequest& request) 694 { 695 return [NSError _webKitErrorWithDomain:WebKitErrorDomain code:WebKitErrorCannotUseRestrictedPort URL:request.url().getNSURL()]; 691 696 } 692 697
Note:
See TracChangeset
for help on using the changeset viewer.
