Changeset 230044 in webkit
- Timestamp:
- Mar 28, 2018 1:36:03 PM (6 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r230043 r230044 1 2018-03-28 Chris Dumez <cdumez@apple.com> 2 3 Thread safety issue in IDBFactory' shouldThrowSecurityException() 4 https://bugs.webkit.org/show_bug.cgi?id=184064 5 6 Reviewed by Ryosuke Niwa. 7 8 shouldThrowSecurityException() gets called on a non-main thread but 9 it ended up using the SchemeRegistry via SecurityOrigin::canAccessDatabase() 10 which calls SecurityOrigin::isLocal(). 11 12 Since using the SchemeRegistry from the background thread is not safe 13 (we recently added locks which we're trying to remove), and since SecurityOrigin 14 methods are often called from background threads, this patch make SecurityOrigin::isLocal() 15 safe to call from a background thread. To achieve this, we now query the SchemeRegistry 16 in the SecurityOrigin constructor instead as SecurityOrigin objects are expected to be 17 constructed on the main thread. 18 19 * page/SecurityOrigin.cpp: 20 (WebCore::SecurityOrigin::SecurityOrigin): 21 (WebCore::SecurityOrigin::isLocal const): Deleted. 22 * page/SecurityOrigin.h: 23 (WebCore::SecurityOrigin::isLocal const): 24 1 25 2018-03-28 Ryan Haddad <ryanhaddad@apple.com> 2 26 -
trunk/Source/WebCore/page/SecurityOrigin.cpp
r230009 r230044 147 147 SecurityOrigin::SecurityOrigin(const URL& url) 148 148 : m_data(SecurityOriginData::fromURL(url)) 149 , m_isLocal(SchemeRegistry::shouldTreatURLSchemeAsLocal(m_data.protocol)) 149 150 { 150 151 // document.domain starts as m_data.host, but can be set by the DOM. … … 183 184 , m_needsStorageAccessFromFileURLsQuirk { other->m_needsStorageAccessFromFileURLsQuirk } 184 185 , m_isPotentiallyTrustworthy { other->m_isPotentiallyTrustworthy } 186 , m_isLocal { other->m_isLocal } 185 187 { 186 188 } … … 459 461 } 460 462 461 bool SecurityOrigin::isLocal() const462 {463 return SchemeRegistry::shouldTreatURLSchemeAsLocal(m_data.protocol);464 }465 466 463 String SecurityOrigin::toString() const 467 464 { -
trunk/Source/WebCore/page/SecurityOrigin.h
r230009 r230044 154 154 // The local SecurityOrigin can script any document, navigate to local 155 155 // resources, and can set arbitrary headers on XMLHttpRequests. 156 WEBCORE_EXPORT bool isLocal() const;156 bool isLocal() const { return m_isLocal; } 157 157 158 158 // The origin is a globally unique identifier assigned when the Document is … … 235 235 bool m_needsStorageAccessFromFileURLsQuirk { false }; 236 236 bool m_isPotentiallyTrustworthy { false }; 237 bool m_isLocal { false }; 237 238 }; 238 239
Note: See TracChangeset
for help on using the changeset viewer.