Changeset 288320 in webkit
- Timestamp:
- Jan 20, 2022 1:26:43 PM (2 years ago)
- Location:
- branches/safari-613-branch
- Files:
-
- 4 added
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/safari-613-branch/LayoutTests/ChangeLog
r287833 r288320 1 2022-01-20 Russell Epstein <repstein@apple.com> 2 3 Cherry-pick r288078. rdar://problem/87662271 4 5 database names leak cross-origin within the same browser session 6 https://bugs.webkit.org/show_bug.cgi?id=233548 7 8 Reviewed by Geoff Garen. 9 10 Source/WebCore: 11 12 Test: http/tests/security/getdatabases-crossorigin.html 13 14 * Modules/indexeddb/server/IDBServer.cpp: 15 (WebCore::IDBServer::IDBServer::getAllDatabaseNamesAndVersions): When iterating the set of all open 16 UniqueIDBDatabases, only add them to the results list if their origins match. 17 18 * page/ClientOrigin.h: 19 (WebCore::ClientOrigin::operator!= const): 20 21 LayoutTests: 22 23 * http/tests/security/getdatabases-crossorigin-expected.txt: Added. 24 * http/tests/security/getdatabases-crossorigin.html: Added. 25 * http/tests/security/resources/getdatabases-otherframe.html: Added. 26 * http/tests/security/resources/getdatabases-otherwindow.html: Added. 27 28 29 git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288078 268f45cc-cd09-0410-ab3c-d52691b4dbfc 30 31 2022-01-16 Brady Eidson <beidson@apple.com> 32 33 database names leak cross-origin within the same browser session 34 https://bugs.webkit.org/show_bug.cgi?id=233548 35 36 Reviewed by Geoff Garen. 37 38 * http/tests/security/getdatabases-crossorigin-expected.txt: Added. 39 * http/tests/security/getdatabases-crossorigin.html: Added. 40 * http/tests/security/resources/getdatabases-otherframe.html: Added. 41 * http/tests/security/resources/getdatabases-otherwindow.html: Added. 42 1 43 2022-01-10 Carlos Garcia Campos <cgarcia@igalia.com> 2 44 -
branches/safari-613-branch/Source/WebCore/ChangeLog
r287886 r288320 1 2022-01-20 Russell Epstein <repstein@apple.com> 2 3 Cherry-pick r288078. rdar://problem/87662271 4 5 database names leak cross-origin within the same browser session 6 https://bugs.webkit.org/show_bug.cgi?id=233548 7 8 Reviewed by Geoff Garen. 9 10 Source/WebCore: 11 12 Test: http/tests/security/getdatabases-crossorigin.html 13 14 * Modules/indexeddb/server/IDBServer.cpp: 15 (WebCore::IDBServer::IDBServer::getAllDatabaseNamesAndVersions): When iterating the set of all open 16 UniqueIDBDatabases, only add them to the results list if their origins match. 17 18 * page/ClientOrigin.h: 19 (WebCore::ClientOrigin::operator!= const): 20 21 LayoutTests: 22 23 * http/tests/security/getdatabases-crossorigin-expected.txt: Added. 24 * http/tests/security/getdatabases-crossorigin.html: Added. 25 * http/tests/security/resources/getdatabases-otherframe.html: Added. 26 * http/tests/security/resources/getdatabases-otherwindow.html: Added. 27 28 29 git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288078 268f45cc-cd09-0410-ab3c-d52691b4dbfc 30 31 2022-01-16 Brady Eidson <beidson@apple.com> 32 33 database names leak cross-origin within the same browser session 34 https://bugs.webkit.org/show_bug.cgi?id=233548 35 36 Reviewed by Geoff Garen. 37 38 Test: http/tests/security/getdatabases-crossorigin.html 39 40 * Modules/indexeddb/server/IDBServer.cpp: 41 (WebCore::IDBServer::IDBServer::getAllDatabaseNamesAndVersions): When iterating the set of all open 42 UniqueIDBDatabases, only add them to the results list if their origins match. 43 44 * page/ClientOrigin.h: 45 (WebCore::ClientOrigin::operator!= const): 46 1 47 2022-01-11 Russell Epstein <repstein@apple.com> 2 48 -
branches/safari-613-branch/Source/WebCore/Modules/indexeddb/server/IDBServer.cpp
r280410 r288320 531 531 532 532 for (auto& database : m_uniqueIDBDatabaseMap.values()) { 533 if (database->identifier().origin() != origin) 534 continue; 535 533 536 auto path = database->filePath(); 534 537 if (!path.isEmpty()) -
branches/safari-613-branch/Source/WebCore/page/ClientOrigin.h
r278253 r288320 38 38 unsigned hash() const; 39 39 bool operator==(const ClientOrigin&) const; 40 bool operator!=(const ClientOrigin& other) const { return !(*this == other); } 40 41 41 42 template<class Encoder> void encode(Encoder&) const;
Note: See TracChangeset
for help on using the changeset viewer.