Changeset 119883 in webkit

Timestamp:

Jun 8, 2012 6:51:27 PM (12 years ago)

Author:

commit-queue@webkit.org

Message:

Source/WebCore: Treat blob: and filesystem: URLs generated via secure origins as secure.
​https://bugs.webkit.org/show_bug.cgi?id=84054

Loading a blob: or filesystem: URL into an iframe or image that's
contained on an HTTPS page shouldn't generate a mixed content warning.
This change adds a SecurityOrigin::isSecure to check both against a
URLs protocol, and the protocol of it's so-called "inner URL" if it's
the type of URL that has such a thing. These sorts of URLs which are
generated from secure sources will themselves be treated as secure.

Patch by Mike West <​mkwst@chromium.org> on 2012-06-08
Reviewed by Adam Barth.

Tests: http/tests/security/mixedContent/blob-url-in-iframe.html

http/tests/security/mixedContent/filesystem-url-in-iframe.html

• loader/FrameLoader.cpp:

(WebCore::FrameLoader::isMixedContent):

• page/SecurityOrigin.cpp:

(WebCore):
(WebCore::SecurityOrigin::isSecure):

• page/SecurityOrigin.h:

(SecurityOrigin):

LayoutTests: Excluding blob: and filesystem: schemes from the mixed content check.
​https://bugs.webkit.org/show_bug.cgi?id=84054

Patch by Mike West <​mkwst@chromium.org> on 2012-06-08
Reviewed by Adam Barth.

• http/tests/security/mixedContent/blob-url-in-iframe-expected.txt: Added.
• http/tests/security/mixedContent/blob-url-in-iframe.html: Added.
• http/tests/security/mixedContent/filesystem-url-in-iframe-expected.txt: Added.
• http/tests/security/mixedContent/filesystem-url-in-iframe.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/security/mixedContent/blob-url-in-iframe-expected.txt (added)
• LayoutTests/http/tests/security/mixedContent/blob-url-in-iframe.html (added)
• LayoutTests/http/tests/security/mixedContent/filesystem-url-in-iframe-expected.txt (added)
• LayoutTests/http/tests/security/mixedContent/filesystem-url-in-iframe.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/loader/FrameLoader.cpp (modified) (1 diff)
• Source/WebCore/page/SecurityOrigin.cpp (modified) (1 diff)
• Source/WebCore/page/SecurityOrigin.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2012-06-08  Mike West  <mkwst@chromium.org>
+
+        Excluding blob: and filesystem: schemes from the mixed content check.
+        https://bugs.webkit.org/show_bug.cgi?id=84054
+
+        Reviewed by Adam Barth.
+
+        * http/tests/security/mixedContent/blob-url-in-iframe-expected.txt: Added.
+        * http/tests/security/mixedContent/blob-url-in-iframe.html: Added.
+        * http/tests/security/mixedContent/filesystem-url-in-iframe-expected.txt: Added.
+        * http/tests/security/mixedContent/filesystem-url-in-iframe.html: Added.
+
 2012-06-08  Eli Fidler  <efidler@rim.com>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-06-08  Mike West  <mkwst@chromium.org>
+
+        Treat blob: and filesystem: URLs generated via secure origins as secure.
+        https://bugs.webkit.org/show_bug.cgi?id=84054
+
+        Loading a blob: or filesystem: URL into an iframe or image that's
+        contained on an HTTPS page shouldn't generate a mixed content warning.
+        This change adds a SecurityOrigin::isSecure to check both against a
+        URLs protocol, and the protocol of it's so-called "inner URL" if it's
+        the type of URL that has such a thing. These sorts of URLs which are
+        generated from secure sources will themselves be treated as secure.
+
+        Reviewed by Adam Barth.
+
+        Tests: http/tests/security/mixedContent/blob-url-in-iframe.html
+               http/tests/security/mixedContent/filesystem-url-in-iframe.html
+
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::isMixedContent):
+        * page/SecurityOrigin.cpp:
+        (WebCore):
+        (WebCore::SecurityOrigin::isSecure):
+        * page/SecurityOrigin.h:
+        (SecurityOrigin):
+
 2012-06-08  Martin Robinson  <mrobinson@igalia.com>
 

trunk/Source/WebCore/loader/FrameLoader.cpp

@@ -870 +870 @@
         return false;  // We only care about HTTPS security origins.
 
-    if (!url.isValid() || SchemeRegistry::shouldTreatURLSchemeAsSecure(url.protocol()))
-        return false;  // Loading these protocols is secure.
-
-    return true;
+    // We're in a secure context, so |url| is mixed content if it's insecure.
+    return !SecurityOrigin::isSecure(url);
 }
 

trunk/Source/WebCore/page/SecurityOrigin.cpp

@@ -208 +208 @@
     m_domainWasSetInDOM = true;
     m_domain = newDomain.lower();
+}
+
+bool SecurityOrigin::isSecure(const KURL& url)
+{
+    // Invalid URLs are secure, as are URLs which have a secure protocol.
+    if (!url.isValid() || SchemeRegistry::shouldTreatURLSchemeAsSecure(url.protocol()))
+        return true;
+
+    // URLs that wrap inner URLs are secure if those inner URLs are secure.
+    if (shouldUseInnerURL(url) && SchemeRegistry::shouldTreatURLSchemeAsSecure(extractInnerURL(url).protocol()))
+        return true;
+
+    return false;
 }
 

trunk/Source/WebCore/page/SecurityOrigin.h

@@ -68 +68 @@
     unsigned short port() const { return m_port; }
 
+    // Returns true if a given URL is secure, based either directly on its
+    // own protocol, or, when relevant, on the protocol of its "inner URL"
+    // Protocols like blob: and filesystem: fall into this latter category.
+    static bool isSecure(const KURL&);
+
     // Returns true if this SecurityOrigin can script objects in the given
     // SecurityOrigin. For example, call this function before allowing