Changeset 116608 in webkit
- Timestamp:
- May 9, 2012 10:31:29 PM (12 years ago)
- Location:
- trunk/Source
- Files:
-
- 1 added
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r116601 r116608 1 2012-05-09 Charlie Reis <creis@chromium.org> 2 3 Add dispatchMessageEventWithOriginCheck to DOMWindow 4 https://bugs.webkit.org/show_bug.cgi?id=85815 5 6 Reviewed by Adam Barth. 7 8 Useful for ports that support cross-process postMessage. 9 No new tests, since covered by existing postMessage tests. 10 11 * page/DOMWindow.cpp: 12 (WebCore::DOMWindow::postMessageTimerFired): 13 (WebCore): 14 (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck): 15 * page/DOMWindow.h: 16 (WebCore): 17 (DOMWindow): 18 1 19 2012-05-09 Jason Liu <jason.liu@torchmobile.com.cn> 2 20 -
trunk/Source/WebCore/page/DOMWindow.cpp
r116595 r116608 867 867 return; 868 868 869 if (timer->targetOrigin()) { 869 dispatchMessageEventWithOriginCheck(timer->targetOrigin(), event, timer->stackTrace()); 870 } 871 872 void DOMWindow::dispatchMessageEventWithOriginCheck(SecurityOrigin* intendedTargetOrigin, PassRefPtr<Event> event, PassRefPtr<ScriptCallStack> stackTrace) 873 { 874 if (intendedTargetOrigin) { 870 875 // Check target origin now since the target document may have changed since the timer was scheduled. 871 if (! timer->targetOrigin()->isSameSchemeHostPort(document()->securityOrigin())) {872 String message = "Unable to post message to " + timer->targetOrigin()->toString() +876 if (!intendedTargetOrigin->isSameSchemeHostPort(document()->securityOrigin())) { 877 String message = "Unable to post message to " + intendedTargetOrigin->toString() + 873 878 ". Recipient has origin " + document()->securityOrigin()->toString() + ".\n"; 874 console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, message, timer->stackTrace());879 console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, message, stackTrace); 875 880 return; 876 881 } -
trunk/Source/WebCore/page/DOMWindow.h
r116595 r116608 55 55 class Location; 56 56 class MediaQueryList; 57 class MessageEvent; 57 58 class Navigator; 58 59 class Node; … … 62 63 class ScheduledAction; 63 64 class Screen; 65 class ScriptCallStack; 64 66 class SecurityOrigin; 65 67 class SerializedScriptValue; … … 234 236 void postMessage(PassRefPtr<SerializedScriptValue> message, MessagePort*, const String& targetOrigin, DOMWindow* source, ExceptionCode&); 235 237 void postMessageTimerFired(PassOwnPtr<PostMessageTimer>); 238 void dispatchMessageEventWithOriginCheck(SecurityOrigin* intendedTargetOrigin, PassRefPtr<Event>, PassRefPtr<ScriptCallStack>); 236 239 237 240 void scrollBy(int x, int y) const; -
trunk/Source/WebKit/chromium/ChangeLog
r116607 r116608 1 2012-05-09 Charlie Reis <creis@chromium.org> 2 3 Add dispatchMessageEventWithOriginCheck to WebFrame 4 https://bugs.webkit.org/show_bug.cgi?id=85815 5 6 Reviewed by Adam Barth. 7 8 Tested by WebFrameTest.DispatchMessageEventWithOriginCheck. 9 Also fixes source frame bug in willCheckAndDispatchMessageEvent. 10 11 * public/WebFrame.h: 12 (WebFrame): 13 * src/FrameLoaderClientImpl.cpp: 14 (WebKit::FrameLoaderClientImpl::willCheckAndDispatchMessageEvent): 15 * src/WebFrameImpl.cpp: 16 (WebKit::WebFrameImpl::checkAndDispatchMessageEvent): 17 (WebKit): 18 * src/WebFrameImpl.h: 19 (WebFrameImpl): 20 1 21 2012-05-09 Hironori Bono <hbono@chromium.org> 2 22 -
trunk/Source/WebKit/chromium/public/WebFrame.h
r116558 r116608 582 582 WebDOMEventListener*, bool useCapture) = 0; 583 583 virtual bool dispatchEvent(const WebDOMEvent&) = 0; 584 virtual void dispatchMessageEventWithOriginCheck( 585 const WebSecurityOrigin& intendedTargetOrigin, 586 const WebDOMEvent&) = 0; 584 587 585 588 -
trunk/Source/WebKit/chromium/src/FrameLoaderClientImpl.cpp
r116605 r116608 1599 1599 return false; 1600 1600 1601 WebFrame* source = 0; 1602 if (event && event->source() && event->source()->document()) 1603 source = WebFrameImpl::fromFrame(event->source()->document()->frame()); 1601 1604 return m_webFrame->client()->willCheckAndDispatchMessageEvent( 1602 m_webFrame, WebSecurityOrigin(target), WebDOMMessageEvent(event));1605 source, WebSecurityOrigin(target), WebDOMMessageEvent(event)); 1603 1606 } 1604 1607 -
trunk/Source/WebKit/chromium/src/WebFrameImpl.cpp
r116558 r116608 123 123 #include "ResourceRequest.h" 124 124 #include "SchemeRegistry.h" 125 #include "ScriptCallStack.h" 125 126 #include "ScriptController.h" 126 127 #include "ScriptSourceCode.h" … … 1894 1895 } 1895 1896 1897 void WebFrameImpl::dispatchMessageEventWithOriginCheck(const WebSecurityOrigin& intendedTargetOrigin, const WebDOMEvent& event) 1898 { 1899 ASSERT(!event.isNull()); 1900 // Pass an empty call stack, since we don't have the one from the other process. 1901 m_frame->domWindow()->dispatchMessageEventWithOriginCheck(intendedTargetOrigin.get(), event, 0); 1902 } 1903 1896 1904 WebString WebFrameImpl::contentAsText(size_t maxChars) const 1897 1905 { -
trunk/Source/WebKit/chromium/src/WebFrameImpl.h
r116558 r116608 215 215 WebDOMEventListener*, bool useCapture); 216 216 virtual bool dispatchEvent(const WebDOMEvent&); 217 virtual void dispatchMessageEventWithOriginCheck( 218 const WebSecurityOrigin& intendedTargetOrigin, 219 const WebDOMEvent&); 217 220 218 221 virtual WebString contentAsText(size_t maxChars) const; -
trunk/Source/WebKit/chromium/tests/WebFrameTest.cpp
r115206 r116608 41 41 #include "WebScriptSource.h" 42 42 #include "WebSearchableFormData.h" 43 #include "WebSecurityOrigin.h" 43 44 #include "WebSecurityPolicy.h" 44 45 #include "WebSettings.h" … … 151 152 EXPECT_NE(std::string::npos, content.find("Simulated Chromium History Page")); 152 153 EXPECT_EQ(std::string::npos, content.find("Clobbered")); 154 } 155 156 TEST_F(WebFrameTest, DispatchMessageEventWithOriginCheck) 157 { 158 registerMockedHttpURLLoad("postmessage_test.html"); 159 160 // Pass true to enable JavaScript. 161 WebView* webView = FrameTestHelpers::createWebViewAndLoad(m_baseURL + "postmessage_test.html", true); 162 163 // Send a message with the correct origin. 164 WebSecurityOrigin correctOrigin(WebSecurityOrigin::create(GURL(m_baseURL))); 165 WebDOMEvent event = webView->mainFrame()->document().createEvent("MessageEvent"); 166 WebDOMMessageEvent message = event.to<WebDOMMessageEvent>(); 167 WebSerializedScriptValue data(WebSerializedScriptValue::fromString("foo")); 168 message.initMessageEvent("message", false, false, data, "http://origin.com", 0, ""); 169 webView->mainFrame()->dispatchMessageEventWithOriginCheck(correctOrigin, message); 170 171 // Send another message with incorrect origin. 172 WebSecurityOrigin incorrectOrigin(WebSecurityOrigin::create(GURL(m_chromeURL))); 173 webView->mainFrame()->dispatchMessageEventWithOriginCheck(incorrectOrigin, message); 174 175 // Required to see any updates in contentAsText. 176 webView->layout(); 177 178 // Verify that only the first addition is in the body of the page. 179 std::string content = webView->mainFrame()->contentAsText(1024).utf8(); 180 EXPECT_NE(std::string::npos, content.find("Message 1.")); 181 EXPECT_EQ(std::string::npos, content.find("Message 2.")); 153 182 } 154 183
Note: See TracChangeset
for help on using the changeset viewer.