Changeset 190859 in webkit

Timestamp:

Oct 12, 2015, 10:25:37 AM (10 years ago)

Author:

andersca@apple.com

Message:

Don't allow plug-ins to override image types for <embed> elements
​https://bugs.webkit.org/show_bug.cgi?id=149979

Reviewed by Tim Horton.

Source/WebCore:

Stop allowing plug-ins to take over image types for <embed> elements. We already do this
for <object> elements, but had to make <embed> elements exempt because of webkit.org/b/49016.
The QuickTime plug-in hasn't supported image types since Lion, so there's no point in keeping this code around.

• html/HTMLAppletElement.cpp:

(WebCore::HTMLAppletElement::HTMLAppletElement):

• html/HTMLEmbedElement.cpp:

(WebCore::HTMLEmbedElement::HTMLEmbedElement):

• html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::HTMLObjectElement):
(WebCore::HTMLObjectElement::parametersForPlugin):

• html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement):
(WebCore::HTMLPlugInImageElement::isImageType):
(WebCore::HTMLPlugInImageElement::wouldLoadAsNetscapePlugin):

• html/HTMLPlugInImageElement.h:

(WebCore::HTMLPlugInImageElement::shouldPreferPlugInsForImages): Deleted.

• loader/EmptyClients.h:
• loader/FrameLoaderClient.h:
• loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::resourceWillUsePlugin):
(WebCore::SubframeLoader::requestObject):
(WebCore::SubframeLoader::shouldUsePlugin):

• loader/SubframeLoader.h:

Source/WebKit/mac:

• WebCoreSupport/WebFrameLoaderClient.h:
• WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::objectContentType):

Source/WebKit/win:

• WebCoreSupport/WebFrameLoaderClient.cpp:

(WebFrameLoaderClient::objectContentType):

• WebCoreSupport/WebFrameLoaderClient.h:

Source/WebKit2:

• WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::objectContentType):

• WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

LayoutTests:

Remove test.

• platform/efl/TestExpectations:
• platform/gtk/TestExpectations:
• plugins/embed-prefers-plugins-for-images-expected.txt: Removed.
• plugins/embed-prefers-plugins-for-images.html: Removed.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/platform/efl/TestExpectations (modified) (1 diff)
• LayoutTests/platform/gtk/TestExpectations (modified) (1 diff)
• LayoutTests/plugins/embed-prefers-plugins-for-images-expected.txt (deleted)
• LayoutTests/plugins/embed-prefers-plugins-for-images.html (deleted)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/html/HTMLAppletElement.cpp (modified) (1 diff)
• Source/WebCore/html/HTMLEmbedElement.cpp (modified) (1 diff)
• Source/WebCore/html/HTMLObjectElement.cpp (modified) (2 diffs)
• Source/WebCore/html/HTMLPlugInImageElement.cpp (modified) (4 diffs)
• Source/WebCore/html/HTMLPlugInImageElement.h (modified) (3 diffs)
• Source/WebCore/loader/EmptyClients.h (modified) (1 diff)
• Source/WebCore/loader/FrameLoaderClient.h (modified) (1 diff)
• Source/WebCore/loader/SubframeLoader.cpp (modified) (5 diffs)
• Source/WebCore/loader/SubframeLoader.h (modified) (2 diffs)
• Source/WebKit/mac/ChangeLog (modified) (1 diff)
• Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.h (modified) (1 diff)
• Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm (modified) (2 diffs)
• Source/WebKit/win/ChangeLog (modified) (1 diff)
• Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.cpp (modified) (2 diffs)
• Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.h (modified) (1 diff)
• Source/WebKit2/ChangeLog (modified) (1 diff)
• Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (modified) (2 diffs)
• Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2015-10-09  Anders Carlsson  <andersca@apple.com>
+
+        Don't allow plug-ins to override image types for <embed> elements
+        https://bugs.webkit.org/show_bug.cgi?id=149979
+
+        Reviewed by Tim Horton.
+
+        Remove test.
+
+        * platform/efl/TestExpectations:
+        * platform/gtk/TestExpectations:
+        * plugins/embed-prefers-plugins-for-images-expected.txt: Removed.
+        * plugins/embed-prefers-plugins-for-images.html: Removed.
+
 2015-10-12  Ryan Haddad  <ryanhaddad@apple.com>
 

trunk/LayoutTests/platform/efl/TestExpectations

@@ -1954 +1954 @@
 
 webkit.org/b/127725 media/video-restricted-no-preload-auto.html [ Failure ]
-
-webkit.org/b/127731 plugins/embed-prefers-plugins-for-images.html [ Failure ]
 
 # Subpixel rendering: borders are reporting float values.

trunk/LayoutTests/platform/gtk/TestExpectations

@@ -683 +683 @@
 
 webkit.org/b/131217 [ Debug ] plugins/no-mime-with-valid-extension.html [ Crash ]
-webkit.org/b/131217 [ Debug ] plugins/embed-prefers-plugins-for-images.html [ Crash ]
 
 webkit.org/b/105870 [ Debug ] webaudio/audiobuffersource-loop-points.html [ Crash ]

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2015-10-09  Anders Carlsson  <andersca@apple.com>
+
+        Don't allow plug-ins to override image types for <embed> elements
+        https://bugs.webkit.org/show_bug.cgi?id=149979
+
+        Reviewed by Tim Horton.
+
+        Stop allowing plug-ins to take over image types for <embed> elements. We already do this
+        for <object> elements, but had to make <embed> elements exempt because of webkit.org/b/49016.
+        The QuickTime plug-in hasn't supported image types since Lion, so there's no point in keeping this code around.
+
+        * html/HTMLAppletElement.cpp:
+        (WebCore::HTMLAppletElement::HTMLAppletElement):
+        * html/HTMLEmbedElement.cpp:
+        (WebCore::HTMLEmbedElement::HTMLEmbedElement):
+        * html/HTMLObjectElement.cpp:
+        (WebCore::HTMLObjectElement::HTMLObjectElement):
+        (WebCore::HTMLObjectElement::parametersForPlugin):
+        * html/HTMLPlugInImageElement.cpp:
+        (WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement):
+        (WebCore::HTMLPlugInImageElement::isImageType):
+        (WebCore::HTMLPlugInImageElement::wouldLoadAsNetscapePlugin):
+        * html/HTMLPlugInImageElement.h:
+        (WebCore::HTMLPlugInImageElement::shouldPreferPlugInsForImages): Deleted.
+        * loader/EmptyClients.h:
+        * loader/FrameLoaderClient.h:
+        * loader/SubframeLoader.cpp:
+        (WebCore::SubframeLoader::resourceWillUsePlugin):
+        (WebCore::SubframeLoader::requestObject):
+        (WebCore::SubframeLoader::shouldUsePlugin):
+        * loader/SubframeLoader.h:
+
 2015-10-12  Zan Dobersek  <zdobersek@igalia.com>
 

trunk/Source/WebCore/html/HTMLAppletElement.cpp

@@ -42 +42 @@
 
 HTMLAppletElement::HTMLAppletElement(const QualifiedName& tagName, Document& document, bool createdByParser)
-    : HTMLPlugInImageElement(tagName, document, createdByParser, ShouldNotPreferPlugInsForImages)
+    : HTMLPlugInImageElement(tagName, document, createdByParser)
 {
     ASSERT(hasTagName(appletTag));

trunk/Source/WebCore/html/HTMLEmbedElement.cpp

@@ -45 +45 @@
 
 inline HTMLEmbedElement::HTMLEmbedElement(const QualifiedName& tagName, Document& document, bool createdByParser)
-    : HTMLPlugInImageElement(tagName, document, createdByParser, ShouldPreferPlugInsForImages)
+    : HTMLPlugInImageElement(tagName, document, createdByParser)
 {
     ASSERT(hasTagName(embedTag));

trunk/Source/WebCore/html/HTMLObjectElement.cpp

@@ -65 +65 @@
 
 inline HTMLObjectElement::HTMLObjectElement(const QualifiedName& tagName, Document& document, HTMLFormElement* form, bool createdByParser)
-    : HTMLPlugInImageElement(tagName, document, createdByParser, ShouldNotPreferPlugInsForImages)
+    : HTMLPlugInImageElement(tagName, document, createdByParser)
     , m_docNamedItem(true)
     , m_useFallbackContent(false)
@@ -229 +229 @@
     if (url.isEmpty() && !urlParameter.isEmpty()) {
         SubframeLoader& loader = document().frame()->loader().subframeLoader();
-        if (loader.resourceWillUsePlugin(urlParameter, serviceType, shouldPreferPlugInsForImages()))
+        if (loader.resourceWillUsePlugin(urlParameter, serviceType))
             url = urlParameter;
     }

trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp

@@ -100 +100 @@
 };
 
-HTMLPlugInImageElement::HTMLPlugInImageElement(const QualifiedName& tagName, Document& document, bool createdByParser, PreferPlugInsForImagesOption preferPlugInsForImagesOption)
+HTMLPlugInImageElement::HTMLPlugInImageElement(const QualifiedName& tagName, Document& document, bool createdByParser)
     : HTMLPlugInElement(tagName, document)
     // m_needsWidgetUpdate(!createdByParser) allows HTMLObjectElement to delay
@@ -107 +107 @@
     // the same codepath in this class.
     , m_needsWidgetUpdate(!createdByParser)
-    , m_shouldPreferPlugInsForImages(preferPlugInsForImagesOption == ShouldPreferPlugInsForImages)
     , m_needsDocumentActivationCallbacks(false)
     , m_simulatedMouseClickTimer(*this, &HTMLPlugInImageElement::simulatedMouseClickTimerFired, simulatedMouseClickTimerDelay)
@@ -157 +156 @@
     if (Frame* frame = document().frame()) {
         URL completedURL = document().completeURL(m_url);
-        return frame->loader().client().objectContentType(completedURL, m_serviceType, shouldPreferPlugInsForImages()) == ObjectContentImage;
+        return frame->loader().client().objectContentType(completedURL, m_serviceType) == ObjectContentImage;
     }
 
@@ -186 +185 @@
 
     FrameLoader& frameLoader = document().frame()->loader();
-    if (frameLoader.client().objectContentType(completedURL, serviceType, shouldPreferPlugInsForImages()) == ObjectContentNetscapePlugin)
+    if (frameLoader.client().objectContentType(completedURL, serviceType) == ObjectContentNetscapePlugin)
         return true;
     return false;

trunk/Source/WebCore/html/HTMLPlugInImageElement.h

@@ -62 +62 @@
     }
 
-    bool shouldPreferPlugInsForImages() const { return m_shouldPreferPlugInsForImages; }
-
     // Public for FrameView::addWidgetToUpdate()
     bool needsWidgetUpdate() const { return m_needsWidgetUpdate; }
@@ -94 +92 @@
 
 protected:
-    enum PreferPlugInsForImagesOption { ShouldPreferPlugInsForImages, ShouldNotPreferPlugInsForImages };
-    HTMLPlugInImageElement(const QualifiedName& tagName, Document&, bool createdByParser, PreferPlugInsForImagesOption);
+    HTMLPlugInImageElement(const QualifiedName& tagName, Document&, bool createdByParser);
 
     virtual void didMoveToNewDocument(Document* oldDocument) override;
@@ -143 +140 @@
     URL m_loadedUrl;
     bool m_needsWidgetUpdate;
-    bool m_shouldPreferPlugInsForImages;
     bool m_needsDocumentActivationCallbacks;
     RefPtr<MouseEvent> m_pendingClickEventFromSnapshot;

trunk/Source/WebCore/loader/EmptyClients.h

@@ -377 +377 @@
     virtual PassRefPtr<Widget> createJavaAppletWidget(const IntSize&, HTMLAppletElement*, const URL&, const Vector<String>&, const Vector<String>&) override;
 
-    virtual ObjectContentType objectContentType(const URL&, const String&, bool) override { return ObjectContentType(); }
+    virtual ObjectContentType objectContentType(const URL&, const String&) override { return ObjectContentType(); }
     virtual String overrideMediaType() const override { return String(); }
 

trunk/Source/WebCore/loader/FrameLoaderClient.h

@@ -282 +282 @@
         virtual void dispatchDidFailToStartPlugin(const PluginViewBase*) const { }
 
-        virtual ObjectContentType objectContentType(const URL&, const String& mimeType, bool shouldPreferPlugInsForImages) = 0;
+        virtual ObjectContentType objectContentType(const URL&, const String& mimeType) = 0;
         virtual String overrideMediaType() const = 0;
 

trunk/Source/WebCore/loader/SubframeLoader.cpp

@@ -95 +95 @@
 }
     
-bool SubframeLoader::resourceWillUsePlugin(const String& url, const String& mimeType, bool shouldPreferPlugInsForImages)
+bool SubframeLoader::resourceWillUsePlugin(const String& url, const String& mimeType)
 {
     URL completedURL;
@@ -102 +102 @@
 
     bool useFallback;
-    return shouldUsePlugin(completedURL, mimeType, shouldPreferPlugInsForImages, false, useFallback);
+    return shouldUsePlugin(completedURL, mimeType, false, useFallback);
 }
 
@@ -222 +222 @@
 
     bool useFallback;
-    if (shouldUsePlugin(completedURL, mimeType, ownerElement.shouldPreferPlugInsForImages(), hasFallbackContent, useFallback)) {
+    if (shouldUsePlugin(completedURL, mimeType, hasFallbackContent, useFallback)) {
         bool success = requestPlugin(ownerElement, completedURL, mimeType, paramNames, paramValues, useFallback);
         logPluginRequest(document()->page(), mimeType, completedURL, success);
@@ -368 +368 @@
 }
 
-bool SubframeLoader::shouldUsePlugin(const URL& url, const String& mimeType, bool shouldPreferPlugInsForImages, bool hasFallback, bool& useFallback)
+bool SubframeLoader::shouldUsePlugin(const URL& url, const String& mimeType, bool hasFallback, bool& useFallback)
 {
     if (m_frame.loader().client().shouldAlwaysUsePluginDocument(mimeType)) {
@@ -375 +375 @@
     }
 
-    ObjectContentType objectType = m_frame.loader().client().objectContentType(url, mimeType, shouldPreferPlugInsForImages);
+    ObjectContentType objectType = m_frame.loader().client().objectContentType(url, mimeType);
     // If an object's content can't be handled and it has no fallback, let
     // it be handled as a plugin to show the broken plugin icon.
     useFallback = objectType == ObjectContentNone && hasFallback;
+
     return objectType == ObjectContentNone || objectType == ObjectContentNetscapePlugin || objectType == ObjectContentOtherPlugin;
 }

trunk/Source/WebCore/loader/SubframeLoader.h

@@ -70 +70 @@
     bool containsPlugins() const { return m_containsPlugins; }
     
-    bool resourceWillUsePlugin(const String& url, const String& mimeType, bool shouldPreferPlugInsForImages);
+    bool resourceWillUsePlugin(const String& url, const String& mimeType);
 
 private:
@@ -78 +78 @@
     bool loadPlugin(HTMLPlugInImageElement&, const URL&, const String& mimeType, const Vector<String>& paramNames, const Vector<String>& paramValues, bool useFallback);
 
-    bool shouldUsePlugin(const URL&, const String& mimeType, bool shouldPreferPlugInsForImages, bool hasFallback, bool& useFallback);
+    bool shouldUsePlugin(const URL&, const String& mimeType, bool hasFallback, bool& useFallback);
     bool pluginIsLoadable(HTMLPlugInImageElement&, const URL&, const String& mimeType);
 

trunk/Source/WebKit/mac/ChangeLog

@@ +1 @@
+2015-10-09  Anders Carlsson  <andersca@apple.com>
+
+        Don't allow plug-ins to override image types for <embed> elements
+        https://bugs.webkit.org/show_bug.cgi?id=149979
+
+        Reviewed by Tim Horton.
+
+        * WebCoreSupport/WebFrameLoaderClient.h:
+        * WebCoreSupport/WebFrameLoaderClient.mm:
+        (WebFrameLoaderClient::objectContentType):
+
 2015-10-10  Dan Bernstein  <mitz@apple.com>
 

trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.h

@@ -214 +214 @@
         const Vector<WTF::String>& paramNames, const Vector<WTF::String>& paramValues) override;
     
-    virtual WebCore::ObjectContentType objectContentType(const WebCore::URL&, const WTF::String& mimeType, bool shouldPreferPlugInsForImages) override;
+    virtual WebCore::ObjectContentType objectContentType(const WebCore::URL&, const WTF::String& mimeType) override;
     virtual WTF::String overrideMediaType() const override;
     

trunk/Source/WebKit/mac/WebCoreSupport/WebFrameLoaderClient.mm

@@ -1652 +1652 @@
 }
 
-ObjectContentType WebFrameLoaderClient::objectContentType(const URL& url, const String& mimeType, bool shouldPreferPlugInsForImages)
+ObjectContentType WebFrameLoaderClient::objectContentType(const URL& url, const String& mimeType)
 {
     BEGIN_BLOCK_OBJC_EXCEPTIONS;
@@ -1698 +1698 @@
     
     if (MIMETypeRegistry::isSupportedImageMIMEType(type))
-        return shouldPreferPlugInsForImages && plugInType != ObjectContentNone ? plugInType : ObjectContentImage;
+        return ObjectContentImage;
 
     if (plugInType != ObjectContentNone)

trunk/Source/WebKit/win/ChangeLog

@@ +1 @@
+2015-10-09  Anders Carlsson  <andersca@apple.com>
+
+        Don't allow plug-ins to override image types for <embed> elements
+        https://bugs.webkit.org/show_bug.cgi?id=149979
+
+        Reviewed by Tim Horton.
+
+        * WebCoreSupport/WebFrameLoaderClient.cpp:
+        (WebFrameLoaderClient::objectContentType):
+        * WebCoreSupport/WebFrameLoaderClient.h:
+
 2015-10-06  Alex Christensen  <achristensen@webkit.org>
 

trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.cpp

@@ -1085 +1085 @@
 }
 
-ObjectContentType WebFrameLoaderClient::objectContentType(const URL& url, const String& mimeTypeIn, bool shouldPreferPlugInsForImages)
+ObjectContentType WebFrameLoaderClient::objectContentType(const URL& url, const String& mimeTypeIn)
 {
     String mimeType = mimeTypeIn;
@@ -1103 +1103 @@
 
     if (MIMETypeRegistry::isSupportedImageMIMEType(mimeType))
-        return shouldPreferPlugInsForImages && plugInSupportsMIMEType ? WebCore::ObjectContentNetscapePlugin : WebCore::ObjectContentImage;
+        return WebCore::ObjectContentImage;
 
     if (plugInSupportsMIMEType)

trunk/Source/WebKit/win/WebCoreSupport/WebFrameLoaderClient.h

@@ -190 +190 @@
     virtual PassRefPtr<WebCore::Widget> createJavaAppletWidget(const WebCore::IntSize&, WebCore::HTMLAppletElement*, const WebCore::URL& baseURL, const Vector<WTF::String>& paramNames, const Vector<WTF::String>& paramValues) override;
 
-    virtual WebCore::ObjectContentType objectContentType(const WebCore::URL&, const WTF::String& mimeType, bool shouldPreferPlugInsForImages) override;
+    virtual WebCore::ObjectContentType objectContentType(const WebCore::URL&, const WTF::String& mimeType) override;
     virtual WTF::String overrideMediaType() const override;
 

trunk/Source/WebKit2/ChangeLog

@@ +1 @@
+2015-10-09  Anders Carlsson  <andersca@apple.com>
+
+        Don't allow plug-ins to override image types for <embed> elements
+        https://bugs.webkit.org/show_bug.cgi?id=149979
+
+        Reviewed by Tim Horton.
+
+        * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+        (WebKit::WebFrameLoaderClient::objectContentType):
+        * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
+
 2015-10-12  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
 

trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp

@@ -1513 +1513 @@
 }
 
-ObjectContentType WebFrameLoaderClient::objectContentType(const URL& url, const String& mimeTypeIn, bool shouldPreferPlugInsForImages)
+ObjectContentType WebFrameLoaderClient::objectContentType(const URL& url, const String& mimeTypeIn)
 {
     // FIXME: This should be merged with WebCore::FrameLoader::defaultObjectContentType when the plugin code
@@ -1547 +1547 @@
     
     if (MIMETypeRegistry::isSupportedImageMIMEType(mimeType))
-        return shouldPreferPlugInsForImages && plugInSupportsMIMEType ? ObjectContentNetscapePlugin : ObjectContentImage;
+        return ObjectContentImage;
 
     if (plugInSupportsMIMEType)

trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h

@@ -201 +201 @@
     virtual PassRefPtr<WebCore::Widget> createJavaAppletWidget(const WebCore::IntSize&, WebCore::HTMLAppletElement*, const WebCore::URL& baseURL, const Vector<String>& paramNames, const Vector<String>& paramValues) override;
     
-    virtual WebCore::ObjectContentType objectContentType(const WebCore::URL&, const String& mimeType, bool shouldPreferPlugInsForImages) override;
+    virtual WebCore::ObjectContentType objectContentType(const WebCore::URL&, const String& mimeType) override;
     virtual String overrideMediaType() const override;