Changeset 230205 in webkit


Ignore:
Timestamp:
Apr 3, 2018 9:26:47 AM (6 years ago)
Author:
Chris Dumez
Message:

Make SecurityOrigin safe to create and use from any thread
https://bugs.webkit.org/show_bug.cgi?id=184216

Reviewed by Youenn Fablet.

We found that we have a decent amount of code constructing and using SecurityOrigin
objects from non-main threads. Unfortunately, this was not safe, mostly due to
SecurityOrigin's reliance on the SchemeRegistry.

This patch makes it safe to construct a SecurityOrigin on any thread A and use
it later on the same thread A. However, developers still need to call isolatedCopy()
if they want to pass such object to another thread B.

  • page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::canDisplay const):

  • page/SecurityOrigin.h:
  • page/SecurityPolicy.cpp:

(WebCore::originAccessMapLock):
(WebCore::originAccessMap):
(WebCore::SecurityPolicy::isAccessWhiteListed):
(WebCore::SecurityPolicy::addOriginAccessWhitelistEntry):
(WebCore::SecurityPolicy::removeOriginAccessWhitelistEntry):
(WebCore::SecurityPolicy::resetOriginAccessWhitelists):

  • platform/SchemeRegistry.cpp:

(WebCore::schemeRegistryLock):
(WebCore::allBuiltinSchemes):
(WebCore::builtinLocalURLSchemes):
(WebCore::localURLSchemes):
(WebCore::displayIsolatedURLSchemes):
(WebCore::builtinSecureSchemes):
(WebCore::secureSchemes):
(WebCore::builtinSchemesWithUniqueOrigins):
(WebCore::schemesWithUniqueOrigins):
(WebCore::builtinEmptyDocumentSchemes):
(WebCore::emptyDocumentSchemes):
(WebCore::schemesForbiddenFromDomainRelaxation):
(WebCore::builtinCanDisplayOnlyIfCanRequestSchemes):
(WebCore::canDisplayOnlyIfCanRequestSchemes):
(WebCore::notAllowingJavascriptURLsSchemes):
(WebCore::SchemeRegistry::registerURLSchemeAsLocal):
(WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
(WebCore::schemesAllowingLocalStorageAccessInPrivateBrowsing):
(WebCore::schemesAllowingDatabaseAccessInPrivateBrowsing):
(WebCore::builtinCORSEnabledSchemes):
(WebCore::CORSEnabledSchemes):
(WebCore::ContentSecurityPolicyBypassingSchemes):
(WebCore::cachePartitioningSchemes):
(WebCore::serviceWorkerSchemes):
(WebCore::alwaysRevalidatedSchemes):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
(WebCore::SchemeRegistry::registerURLSchemeAsNoAccess):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsNoAccess):
(WebCore::SchemeRegistry::registerURLSchemeAsDisplayIsolated):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated):
(WebCore::SchemeRegistry::registerURLSchemeAsSecure):
(WebCore::SchemeRegistry::shouldTreatURLSchemeAsSecure):
(WebCore::SchemeRegistry::canDisplayOnlyIfCanRequest):
(WebCore::SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest):
(WebCore::SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy):
(WebCore::SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy):
(WebCore::SchemeRegistry::schemeShouldBypassContentSecurityPolicy):
(WebCore::SchemeRegistry::registerURLSchemeAsCachePartitioned):
(WebCore::SchemeRegistry::shouldPartitionCacheForURLScheme):
(WebCore::SchemeRegistry::registerURLSchemeServiceWorkersCanHandle):
(WebCore::SchemeRegistry::canServiceWorkersHandleURLScheme):
(WebCore::SchemeRegistry::isServiceWorkerContainerCustomScheme):

  • platform/SchemeRegistry.h:
Location:
trunk/Source/WebCore
Files:
6 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/WebCore/ChangeLog

    r230203 r230205  
     12018-04-03  Chris Dumez  <cdumez@apple.com>
     2
     3        Make SecurityOrigin safe to create and use from any thread
     4        https://bugs.webkit.org/show_bug.cgi?id=184216
     5
     6        Reviewed by Youenn Fablet.
     7
     8        We found that we have a decent amount of code constructing and using SecurityOrigin
     9        objects from non-main threads. Unfortunately, this was not safe, mostly due to
     10        SecurityOrigin's reliance on the SchemeRegistry.
     11
     12        This patch makes it safe to construct a SecurityOrigin on any thread A and use
     13        it later on the same thread A. However, developers still need to call isolatedCopy()
     14        if they want to pass such object to another thread B.
     15
     16        * page/SecurityOrigin.cpp:
     17        (WebCore::SecurityOrigin::canDisplay const):
     18        * page/SecurityOrigin.h:
     19        * page/SecurityPolicy.cpp:
     20        (WebCore::originAccessMapLock):
     21        (WebCore::originAccessMap):
     22        (WebCore::SecurityPolicy::isAccessWhiteListed):
     23        (WebCore::SecurityPolicy::addOriginAccessWhitelistEntry):
     24        (WebCore::SecurityPolicy::removeOriginAccessWhitelistEntry):
     25        (WebCore::SecurityPolicy::resetOriginAccessWhitelists):
     26        * platform/SchemeRegistry.cpp:
     27        (WebCore::schemeRegistryLock):
     28        (WebCore::allBuiltinSchemes):
     29        (WebCore::builtinLocalURLSchemes):
     30        (WebCore::localURLSchemes):
     31        (WebCore::displayIsolatedURLSchemes):
     32        (WebCore::builtinSecureSchemes):
     33        (WebCore::secureSchemes):
     34        (WebCore::builtinSchemesWithUniqueOrigins):
     35        (WebCore::schemesWithUniqueOrigins):
     36        (WebCore::builtinEmptyDocumentSchemes):
     37        (WebCore::emptyDocumentSchemes):
     38        (WebCore::schemesForbiddenFromDomainRelaxation):
     39        (WebCore::builtinCanDisplayOnlyIfCanRequestSchemes):
     40        (WebCore::canDisplayOnlyIfCanRequestSchemes):
     41        (WebCore::notAllowingJavascriptURLsSchemes):
     42        (WebCore::SchemeRegistry::registerURLSchemeAsLocal):
     43        (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
     44        (WebCore::schemesAllowingLocalStorageAccessInPrivateBrowsing):
     45        (WebCore::schemesAllowingDatabaseAccessInPrivateBrowsing):
     46        (WebCore::builtinCORSEnabledSchemes):
     47        (WebCore::CORSEnabledSchemes):
     48        (WebCore::ContentSecurityPolicyBypassingSchemes):
     49        (WebCore::cachePartitioningSchemes):
     50        (WebCore::serviceWorkerSchemes):
     51        (WebCore::alwaysRevalidatedSchemes):
     52        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsLocal):
     53        (WebCore::SchemeRegistry::registerURLSchemeAsNoAccess):
     54        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsNoAccess):
     55        (WebCore::SchemeRegistry::registerURLSchemeAsDisplayIsolated):
     56        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated):
     57        (WebCore::SchemeRegistry::registerURLSchemeAsSecure):
     58        (WebCore::SchemeRegistry::shouldTreatURLSchemeAsSecure):
     59        (WebCore::SchemeRegistry::canDisplayOnlyIfCanRequest):
     60        (WebCore::SchemeRegistry::registerAsCanDisplayOnlyIfCanRequest):
     61        (WebCore::SchemeRegistry::registerURLSchemeAsBypassingContentSecurityPolicy):
     62        (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy):
     63        (WebCore::SchemeRegistry::schemeShouldBypassContentSecurityPolicy):
     64        (WebCore::SchemeRegistry::registerURLSchemeAsCachePartitioned):
     65        (WebCore::SchemeRegistry::shouldPartitionCacheForURLScheme):
     66        (WebCore::SchemeRegistry::registerURLSchemeServiceWorkersCanHandle):
     67        (WebCore::SchemeRegistry::canServiceWorkersHandleURLScheme):
     68        (WebCore::SchemeRegistry::isServiceWorkerContainerCustomScheme):
     69        * platform/SchemeRegistry.h:
     70
    1712018-04-03  Carlos Garcia Campos  <cgarcia@igalia.com>
    272
  • trunk/Source/WebCore/page/SecurityOrigin.cpp

    r230044 r230205  
    124124static bool shouldTreatAsPotentiallyTrustworthy(const String& protocol, const String& host)
    125125{
    126     // FIXME: despite the following SchemeRegistry functions using locks internally, we still
    127     // have a potential thread-safety issue with the strings being passed in. This is because
    128     // String::hash() will be called during lookup and it potentially modifies the String for
    129     // caching the hash.
    130126    if (SchemeRegistry::shouldTreatURLSchemeAsSecure(protocol))
    131127        return true;
     
    553549}
    554550
    555 URL SecurityOrigin::urlWithUniqueSecurityOrigin()
    556 {
    557     ASSERT(isMainThread());
    558     static NeverDestroyed<URL> uniqueSecurityOriginURL(ParsedURLString, MAKE_STATIC_STRING_IMPL("data:,"));
    559     return uniqueSecurityOriginURL;
    560 }
    561 
    562551bool SecurityOrigin::isLocalHostOrLoopbackIPAddress(const String& host)
    563552{
  • trunk/Source/WebCore/page/SecurityOrigin.h

    r230044 r230205  
    201201    WEBCORE_EXPORT bool isSameOriginAs(const SecurityOrigin&) const;
    202202
    203     static URL urlWithUniqueSecurityOrigin();
    204 
    205203    bool isPotentiallyTrustworthy() const { return m_isPotentiallyTrustworthy; }
    206204
  • trunk/Source/WebCore/page/SecurityPolicy.cpp

    r228239 r230205  
    4646typedef HashMap<String, std::unique_ptr<OriginAccessWhiteList>> OriginAccessMap;
    4747
     48static Lock& originAccessMapLock()
     49{
     50    static NeverDestroyed<Lock> lock;
     51    return lock;
     52}
     53
    4854static OriginAccessMap& originAccessMap()
    4955{
     56    ASSERT(originAccessMapLock().isHeld());
    5057    static NeverDestroyed<OriginAccessMap> originAccessMap;
    5158    return originAccessMap;
     
    147154bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, const SecurityOrigin* targetOrigin)
    148155{
     156    Locker<Lock> locker(originAccessMapLock());
    149157    if (OriginAccessWhiteList* list = originAccessMap().get(activeOrigin->toString())) {
    150158        for (auto& entry : *list) {
     
    164172void SecurityPolicy::addOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomain, bool allowDestinationSubdomains)
    165173{
    166     ASSERT(isMainThread());
    167174    ASSERT(!sourceOrigin.isUnique());
    168175    if (sourceOrigin.isUnique())
     
    170177
    171178    String sourceString = sourceOrigin.toString();
     179
     180    Locker<Lock> locker(originAccessMapLock());
    172181    OriginAccessMap::AddResult result = originAccessMap().add(sourceString, nullptr);
    173182    if (result.isNewEntry)
     
    180189void SecurityPolicy::removeOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomain, bool allowDestinationSubdomains)
    181190{
    182     ASSERT(isMainThread());
    183191    ASSERT(!sourceOrigin.isUnique());
    184192    if (sourceOrigin.isUnique())
     
    186194
    187195    String sourceString = sourceOrigin.toString();
     196
     197    Locker<Lock> locker(originAccessMapLock());
    188198    OriginAccessMap& map = originAccessMap();
    189199    OriginAccessMap::iterator it = map.find(sourceString);
     
    202212void SecurityPolicy::resetOriginAccessWhitelists()
    203213{
    204     ASSERT(isMainThread());
     214    Locker<Lock> locker(originAccessMapLock());
    205215    originAccessMap().clear();
    206216}
  • trunk/Source/WebCore/platform/SchemeRegistry.cpp

    r228972 r230205  
    6666}
    6767
     68static Lock& schemeRegistryLock()
     69{
     70    static NeverDestroyed<Lock> lock;
     71    return lock;
     72}
     73
    6874static const URLSchemesMap& allBuiltinSchemes()
    6975{
     
    9298
    9399        URLSchemesMap set;
    94         for (auto& scheme : builtinLocalURLSchemes())
    95             set.add(scheme);
    96         for (auto& function : functions)
    97             add(set, function);
     100        {
     101            Locker<Lock> locker(schemeRegistryLock());
     102            for (auto& scheme : builtinLocalURLSchemes())
     103                set.add(scheme);
     104
     105            for (auto& function : functions)
     106                add(set, function);
     107        }
    98108        for (auto& scheme : otherSchemes)
    99109            set.add(scheme);
     
    105115static const URLSchemesMap& builtinLocalURLSchemes()
    106116{
     117    ASSERT(schemeRegistryLock().isHeld());
    107118    static const auto schemes = makeNeverDestroyed(URLSchemesMap {
    108119        "file",
     
    114125}
    115126
    116 static Lock& localURLSchemesLock()
    117 {
    118     static NeverDestroyed<Lock> lock;
    119     return lock;
    120 }
    121 
    122127static URLSchemesMap& localURLSchemes()
    123128{
    124     ASSERT(localURLSchemesLock().isHeld());
     129    ASSERT(schemeRegistryLock().isHeld());
    125130    static NeverDestroyed<URLSchemesMap> localSchemes = builtinLocalURLSchemes();
    126131    return localSchemes;
     
    129134static URLSchemesMap& displayIsolatedURLSchemes()
    130135{
     136    ASSERT(schemeRegistryLock().isHeld());
    131137    static NeverDestroyed<URLSchemesMap> displayIsolatedSchemes;
    132138    return displayIsolatedSchemes;
     
    135141const Vector<String>& builtinSecureSchemes()
    136142{
     143    ASSERT(schemeRegistryLock().isHeld());
    137144    static const auto schemes = makeNeverDestroyed(Vector<String> {
    138145        "https",
     
    147154}
    148155
    149 static Lock& secureSchemesLock()
    150 {
    151     static NeverDestroyed<Lock> lock;
    152     return lock;
    153 }
    154 
    155156static URLSchemesMap& secureSchemes()
    156157{
    157     ASSERT(secureSchemesLock().isHeld());
     158    ASSERT(schemeRegistryLock().isHeld());
    158159    static auto secureSchemes = makeNeverDestroyedSchemeSet(builtinSecureSchemes);
    159160    return secureSchemes;
     
    162163const Vector<String>& builtinSchemesWithUniqueOrigins()
    163164{
     165    ASSERT(schemeRegistryLock().isHeld());
    164166    static const auto schemes = makeNeverDestroyed(Vector<String> {
    165167        "about",
     
    174176static URLSchemesMap& schemesWithUniqueOrigins()
    175177{
     178    ASSERT(schemeRegistryLock().isHeld());
    176179    static auto schemesWithUniqueOrigins = makeNeverDestroyedSchemeSet(builtinSchemesWithUniqueOrigins);
    177180    return schemesWithUniqueOrigins;
     
    180183const Vector<String>& builtinEmptyDocumentSchemes()
    181184{
     185    ASSERT(isMainThread());
    182186    static const auto schemes = makeNeverDestroyed(Vector<String> { "about" });
    183187    return schemes;
     
    186190static URLSchemesMap& emptyDocumentSchemes()
    187191{
     192    ASSERT(isMainThread());
    188193    static auto emptyDocumentSchemes = makeNeverDestroyedSchemeSet(builtinEmptyDocumentSchemes);
    189194    return emptyDocumentSchemes;
     
    192197static URLSchemesMap& schemesForbiddenFromDomainRelaxation()
    193198{
     199    ASSERT(isMainThread());
    194200    static NeverDestroyed<URLSchemesMap> schemes;
    195201    return schemes;
     
    198204const Vector<String>& builtinCanDisplayOnlyIfCanRequestSchemes()
    199205{
     206    ASSERT(schemeRegistryLock().isHeld());
    200207    static const auto schemes = makeNeverDestroyed(Vector<String> { "blob" });
    201208    return schemes;
     
    204211static URLSchemesMap& canDisplayOnlyIfCanRequestSchemes()
    205212{
     213    ASSERT(schemeRegistryLock().isHeld());
    206214    static auto canDisplayOnlyIfCanRequestSchemes = makeNeverDestroyedSchemeSet(builtinCanDisplayOnlyIfCanRequestSchemes);
    207215    return canDisplayOnlyIfCanRequestSchemes;
     
    210218static URLSchemesMap& notAllowingJavascriptURLsSchemes()
    211219{
     220    ASSERT(isMainThread());
    212221    static NeverDestroyed<URLSchemesMap> notAllowingJavascriptURLsSchemes;
    213222    return notAllowingJavascriptURLsSchemes;
     
    219228        return;
    220229
    221     Locker<Lock> locker(localURLSchemesLock());
     230    Locker<Lock> locker(schemeRegistryLock());
    222231    localURLSchemes().add(scheme);
    223232}
     
    225234void SchemeRegistry::removeURLSchemeRegisteredAsLocal(const String& scheme)
    226235{
    227     Locker<Lock> locker(localURLSchemesLock());
     236    Locker<Lock> locker(schemeRegistryLock());
    228237    if (builtinLocalURLSchemes().contains(scheme))
    229238        return;
     
    234243static URLSchemesMap& schemesAllowingLocalStorageAccessInPrivateBrowsing()
    235244{
     245    ASSERT(isMainThread());
    236246    static NeverDestroyed<URLSchemesMap> schemesAllowingLocalStorageAccessInPrivateBrowsing;
    237247    return schemesAllowingLocalStorageAccessInPrivateBrowsing;
     
    240250static URLSchemesMap& schemesAllowingDatabaseAccessInPrivateBrowsing()
    241251{
     252    ASSERT(isMainThread());
    242253    static NeverDestroyed<URLSchemesMap> schemesAllowingDatabaseAccessInPrivateBrowsing;
    243254    return schemesAllowingDatabaseAccessInPrivateBrowsing;
     
    246257const Vector<String>& builtinCORSEnabledSchemes()
    247258{
     259    ASSERT(isMainThread());
    248260    static const auto schemes = makeNeverDestroyed(Vector<String> { "http", "https" });
    249261    return schemes;
     
    252264static URLSchemesMap& CORSEnabledSchemes()
    253265{
     266    ASSERT(isMainThread());
    254267    // FIXME: http://bugs.webkit.org/show_bug.cgi?id=77160
    255268    static auto schemes = makeNeverDestroyedSchemeSet(builtinCORSEnabledSchemes);
     
    259272static URLSchemesMap& ContentSecurityPolicyBypassingSchemes()
    260273{
     274    ASSERT(schemeRegistryLock().isHeld());
    261275    static NeverDestroyed<URLSchemesMap> schemes;
    262276    return schemes;
     
    265279static URLSchemesMap& cachePartitioningSchemes()
    266280{
     281    ASSERT(schemeRegistryLock().isHeld());
    267282    static NeverDestroyed<URLSchemesMap> schemes;
    268283    return schemes;
    269284}
    270285
    271 static Lock& serviceWorkerSchemesLock()
    272 {
    273     static NeverDestroyed<Lock> lock;
    274     return lock;
    275 }
    276 
    277286static URLSchemesMap& serviceWorkerSchemes()
    278287{
    279     ASSERT(serviceWorkerSchemesLock().isHeld());
     288    ASSERT(schemeRegistryLock().isHeld());
    280289    static NeverDestroyed<URLSchemesMap> schemes;
    281290    return schemes;
     
    284293static URLSchemesMap& alwaysRevalidatedSchemes()
    285294{
     295    ASSERT(isMainThread());
    286296    static NeverDestroyed<URLSchemesMap> schemes;
    287297    return schemes;
     
    293303        return false;
    294304
    295     Locker<Lock> locker(localURLSchemesLock());
     305    Locker<Lock> locker(schemeRegistryLock());
    296306    return localURLSchemes().contains(scheme);
    297307}
     
    301311    if (scheme.isNull())
    302312        return;
     313
     314    Locker<Lock> locker(schemeRegistryLock());
    303315    schemesWithUniqueOrigins().add(scheme);
    304316}
     
    306318bool SchemeRegistry::shouldTreatURLSchemeAsNoAccess(const String& scheme)
    307319{
    308     return !scheme.isNull() && schemesWithUniqueOrigins().contains(scheme);
     320    if (scheme.isNull())
     321        return false;
     322
     323    Locker<Lock> locker(schemeRegistryLock());
     324    return schemesWithUniqueOrigins().contains(scheme);
    309325}
    310326
     
    313329    if (scheme.isNull())
    314330        return;
     331
     332    Locker<Lock> locker(schemeRegistryLock());
    315333    displayIsolatedURLSchemes().add(scheme);
    316334}
     
    318336bool SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(const String& scheme)
    319337{
    320     return !scheme.isNull() && displayIsolatedURLSchemes().contains(scheme);
     338    if (scheme.isNull())
     339        return false;
     340
     341    Locker<Lock> locker(schemeRegistryLock());
     342    return displayIsolatedURLSchemes().contains(scheme);
    321343}
    322344
     
    326348        return;
    327349
    328     Locker<Lock> locker(secureSchemesLock());
     350    Locker<Lock> locker(schemeRegistryLock());
    329351    secureSchemes().add(scheme);
    330352}
     
    335357        return false;
    336358
    337     Locker<Lock> locker(secureSchemesLock());
     359    Locker<Lock> locker(schemeRegistryLock());
    338360    return secureSchemes().contains(scheme);
    339361}
     
    369391bool SchemeRegistry::canDisplayOnlyIfCanRequest(const String& scheme)
    370392{
    371     return !scheme.isNull() && canDisplayOnlyIfCanRequestSchemes().contains(scheme);
     393    if (scheme.isNull())
     394        return false;
     395
     396    Locker<Lock> locker(schemeRegistryLock());
     397    return canDisplayOnlyIfCanRequestSchemes().contains(scheme);
    372398}
    373399
     
    376402    if (scheme.isNull())
    377403        return;
     404
     405    Locker<Lock> locker(schemeRegistryLock());
    378406    canDisplayOnlyIfCanRequestSchemes().add(scheme);
    379407}
     
    431459    if (scheme.isNull())
    432460        return;
     461
     462    Locker<Lock> locker(schemeRegistryLock());
    433463    ContentSecurityPolicyBypassingSchemes().add(scheme);
    434464}
     
    438468    if (scheme.isNull())
    439469        return;
     470
     471    Locker<Lock> locker(schemeRegistryLock());
    440472    ContentSecurityPolicyBypassingSchemes().remove(scheme);
    441473}
     
    443475bool SchemeRegistry::schemeShouldBypassContentSecurityPolicy(const String& scheme)
    444476{
    445     return !scheme.isNull() && ContentSecurityPolicyBypassingSchemes().contains(scheme);
     477    if (scheme.isNull())
     478        return false;
     479
     480    Locker<Lock> locker(schemeRegistryLock());
     481    return ContentSecurityPolicyBypassingSchemes().contains(scheme);
    446482}
    447483
     
    462498    if (scheme.isNull())
    463499        return;
     500
     501    Locker<Lock> locker(schemeRegistryLock());
    464502    cachePartitioningSchemes().add(scheme);
    465503}
     
    467505bool SchemeRegistry::shouldPartitionCacheForURLScheme(const String& scheme)
    468506{
    469     return !scheme.isNull() && cachePartitioningSchemes().contains(scheme);
     507    if (scheme.isNull())
     508        return false;
     509
     510    Locker<Lock> locker(schemeRegistryLock());
     511    return cachePartitioningSchemes().contains(scheme);
    470512}
    471513
     
    475517        return;
    476518
    477     Locker<Lock> locker(serviceWorkerSchemesLock());
     519    Locker<Lock> locker(schemeRegistryLock());
    478520    serviceWorkerSchemes().add(scheme);
    479521}
     
    491533    }
    492534
    493     Locker<Lock> locker(serviceWorkerSchemesLock());
     535    Locker<Lock> locker(schemeRegistryLock());
    494536    return serviceWorkerSchemes().contains(scheme);
    495537}
     
    497539bool SchemeRegistry::isServiceWorkerContainerCustomScheme(const String& scheme)
    498540{
    499     Locker<Lock> locker(serviceWorkerSchemesLock());
     541    Locker<Lock> locker(schemeRegistryLock());
    500542    return !scheme.isNull() && serviceWorkerSchemes().contains(scheme);
    501543}
  • trunk/Source/WebCore/platform/SchemeRegistry.h

    r229869 r230205  
    3838class SchemeRegistry {
    3939public:
    40     WEBCORE_EXPORT static void registerURLSchemeAsLocal(const String&);
    41     static void removeURLSchemeRegisteredAsLocal(const String&);
     40    WEBCORE_EXPORT static void registerURLSchemeAsLocal(const String&); // Thread safe.
     41    static void removeURLSchemeRegisteredAsLocal(const String&); // Thread safe.
    4242
    43     WEBCORE_EXPORT static bool shouldTreatURLSchemeAsLocal(const String&);
     43    WEBCORE_EXPORT static bool shouldTreatURLSchemeAsLocal(const String&); // Thread safe.
    4444    WEBCORE_EXPORT static bool isBuiltinScheme(const String&);
    4545   
     
    4747    // https and data are secure schemes because they cannot be corrupted by
    4848    // active network attackers.
    49     WEBCORE_EXPORT static void registerURLSchemeAsSecure(const String&);
    50     static bool shouldTreatURLSchemeAsSecure(const String&);
     49    WEBCORE_EXPORT static void registerURLSchemeAsSecure(const String&); // Thread safe.
     50    static bool shouldTreatURLSchemeAsSecure(const String&); // Thread safe.
    5151
    52     WEBCORE_EXPORT static void registerURLSchemeAsNoAccess(const String&);
    53     static bool shouldTreatURLSchemeAsNoAccess(const String&);
     52    WEBCORE_EXPORT static void registerURLSchemeAsNoAccess(const String&); // Thread safe.
     53    static bool shouldTreatURLSchemeAsNoAccess(const String&); // Thread safe.
    5454
    5555    // Display-isolated schemes can only be displayed (in the sense of
    5656    // SecurityOrigin::canDisplay) by documents from the same scheme.
    57     WEBCORE_EXPORT static void registerURLSchemeAsDisplayIsolated(const String&);
    58     static bool shouldTreatURLSchemeAsDisplayIsolated(const String&);
     57    WEBCORE_EXPORT static void registerURLSchemeAsDisplayIsolated(const String&); // Thread safe.
     58    static bool shouldTreatURLSchemeAsDisplayIsolated(const String&); // Thread safe.
    5959
    6060    WEBCORE_EXPORT static void registerURLSchemeAsEmptyDocument(const String&);
     
    6666    // Such schemes should delegate to SecurityOrigin::canRequest for any URL
    6767    // passed to SecurityOrigin::canDisplay.
    68     static bool canDisplayOnlyIfCanRequest(const String& scheme);
    69     WEBCORE_EXPORT static void registerAsCanDisplayOnlyIfCanRequest(const String& scheme);
     68    static bool canDisplayOnlyIfCanRequest(const String& scheme); // Thread safe.
     69    WEBCORE_EXPORT static void registerAsCanDisplayOnlyIfCanRequest(const String& scheme); // Thread safe.
    7070
    7171    // Schemes against which javascript: URLs should not be allowed to run (stop
     
    8787    // Allow resources from some schemes to load on a page, regardless of its
    8888    // Content Security Policy.
    89     WEBCORE_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy(const String& scheme);
    90     WEBCORE_EXPORT static void removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(const String& scheme);
    91     static bool schemeShouldBypassContentSecurityPolicy(const String& scheme);
     89    WEBCORE_EXPORT static void registerURLSchemeAsBypassingContentSecurityPolicy(const String& scheme); // Thread safe.
     90    WEBCORE_EXPORT static void removeURLSchemeRegisteredAsBypassingContentSecurityPolicy(const String& scheme); // Thread safe.
     91    static bool schemeShouldBypassContentSecurityPolicy(const String& scheme); // Thread safe.
    9292
    9393    // Schemes whose responses should always be revalidated.
     
    9696
    9797    // Schemes whose requests should be partitioned in the cache
    98     WEBCORE_EXPORT static void registerURLSchemeAsCachePartitioned(const String& scheme);
    99     static bool shouldPartitionCacheForURLScheme(const String& scheme);
     98    WEBCORE_EXPORT static void registerURLSchemeAsCachePartitioned(const String& scheme); // Thread safe.
     99    static bool shouldPartitionCacheForURLScheme(const String& scheme); // Thread safe.
    100100
    101101    // Schemes besides http(s) that service workers are allowed to handle
    102     WEBCORE_EXPORT static void registerURLSchemeServiceWorkersCanHandle(const String& scheme);
    103     WEBCORE_EXPORT static bool canServiceWorkersHandleURLScheme(const String& scheme);
    104     static bool isServiceWorkerContainerCustomScheme(const String& scheme);
     102    WEBCORE_EXPORT static void registerURLSchemeServiceWorkersCanHandle(const String& scheme); // Thread safe.
     103    WEBCORE_EXPORT static bool canServiceWorkersHandleURLScheme(const String& scheme); // Thread safe.
     104    static bool isServiceWorkerContainerCustomScheme(const String& scheme); // Thread safe.
    105105
    106106    static bool isUserExtensionScheme(const String& scheme);
Note: See TracChangeset for help on using the changeset viewer.