Changeset 124636 in webkit
- Timestamp:
- Aug 3, 2012 12:14:10 PM (12 years ago)
- Location:
- trunk/Source
- Files:
-
- 12 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r124634 r124636 1 2012-08-03 Mike West <mkwst@chromium.org> 2 3 Blocking a plugin via CSP should result in one (and only one) console message. 4 https://bugs.webkit.org/show_bug.cgi?id=92649 5 6 Reviewed by Adam Barth. 7 8 Currently, blocking a plugin via Content Security Policy results in some 9 leakage of console log messages between tests. I'm unclear as to the 10 root cause, but the symptoms exhibited include 11 `SubframeLoader::requestPlugin` being called multiple times for a single 12 element, which in turn causes multiple console logs to be sent. These 13 messages tend to appear in the subsequent test, making the 14 `http/test/security/contentSecurityPolicy/object-src-*` set of tests 15 flakey indeed. 16 17 This patch addresses the issue by marking elements' plugins as 18 unavailable when they're blocked by CSP. No new tests have been added: 19 this patch should simply make the current tests actually pass. 20 21 * loader/SubframeLoader.cpp: 22 (WebCore::SubframeLoader::requestPlugin): 23 We check the CSP status in `SubframeLoader::loadPlugin`, which is 24 called at the end of this function. Checking CSP status in both 25 locations is redundant. 26 (WebCore::SubframeLoader::loadPlugin): 27 If the plugin is blocked by CSP, tell the element's embedded object 28 renderer that the plugin is unavailable. 29 * platform/LocalizedStrings.cpp: 30 (WebCore::blockedPluginByContentSecurityPolicyText): 31 (WebCore): 32 * platform/LocalizedStrings.h: 33 (WebCore): 34 * platform/blackberry/LocalizedStringsBlackBerry.cpp: 35 (WebCore::blockedPluginByContentSecurityPolicyText): 36 (WebCore): 37 * platform/efl/LocalizedStringsEfl.cpp: 38 (WebCore::blockedPluginByContentSecurityPolicyText): 39 (WebCore): 40 * platform/gtk/LocalizedStringsGtk.cpp: 41 (WebCore::blockedPluginByContentSecurityPolicyText): 42 (WebCore): 43 * platform/qt/LocalizedStringsQt.cpp: 44 (WebCore::blockedPluginByContentSecurityPolicyText): 45 (WebCore): 46 * rendering/RenderEmbeddedObject.cpp: 47 (WebCore::unavailablePluginReplacementText): 48 * rendering/RenderEmbeddedObject.h: 49 Return appropriate text when the plugin is blocked by CSP. 50 1 51 2012-08-03 Kentaro Hara <haraken@chromium.org> 2 52 -
trunk/Source/WebCore/loader/SubframeLoader.cpp
r124102 r124636 127 127 if (m_frame->document()->isSandboxed(SandboxPlugins)) 128 128 return false; 129 if (!m_frame->document()->contentSecurityPolicy()->allowObjectFromSource(url))130 return false;131 129 } 132 130 … … 422 420 } 423 421 424 if (!document()->contentSecurityPolicy()->allowObjectFromSource(url)) 425 return false; 422 if (!document()->contentSecurityPolicy()->allowObjectFromSource(url)) { 423 renderer->setPluginUnavailabilityReason(RenderEmbeddedObject::PluginBlockedByContentSecurityPolicy); 424 return false; 425 } 426 426 427 427 FrameLoader* frameLoader = m_frame->loader(); -
trunk/Source/WebCore/platform/LocalizedStrings.cpp
r122673 r124636 674 674 } 675 675 676 String blockedPluginByContentSecurityPolicyText() 677 { 678 return WEB_UI_STRING("Blocked Plug-in", "Label text to be used if plugin is blocked by a page's Content Security Policy"); 679 } 680 676 681 String insecurePluginVersionText() 677 682 { -
trunk/Source/WebCore/platform/LocalizedStrings.h
r116695 r124636 168 168 String missingPluginText(); 169 169 String crashedPluginText(); 170 String blockedPluginByContentSecurityPolicyText(); 170 171 String insecurePluginVersionText(); 171 172 String multipleFileUploadText(unsigned numberOfFiles); -
trunk/Source/WebCore/platform/blackberry/LocalizedStringsBlackBerry.cpp
r123950 r124636 573 573 } 574 574 575 String blockedPluginByContentSecurityPolicyText() 576 { 577 notImplemented(); 578 return String(); 579 } 580 575 581 String insecurePluginVersionText() 576 582 { -
trunk/Source/WebCore/platform/efl/LocalizedStringsEfl.cpp
r116708 r124636 561 561 } 562 562 563 String blockedPluginByContentSecurityPolicyText() 564 { 565 notImplemented(); 566 return String(); 567 } 568 563 569 String insecurePluginVersionText() 564 570 { -
trunk/Source/WebCore/platform/gtk/LocalizedStringsGtk.cpp
r116710 r124636 472 472 notImplemented(); 473 473 return String::fromUTF8(_("Plug-in Failure")); 474 } 475 476 String blockedPluginByContentSecurityPolicyText() 477 { 478 notImplemented(); 479 return String(); 474 480 } 475 481 -
trunk/Source/WebCore/platform/qt/LocalizedStringsQt.cpp
r116708 r124636 441 441 442 442 String crashedPluginText() 443 { 444 notImplemented(); 445 return String(); 446 } 447 448 String blockedPluginByContentSecurityPolicyText() 443 449 { 444 450 notImplemented(); -
trunk/Source/WebCore/rendering/RenderEmbeddedObject.cpp
r120824 r124636 110 110 case RenderEmbeddedObject::PluginCrashed: 111 111 return crashedPluginText(); 112 case RenderEmbeddedObject::PluginBlockedByContentSecurityPolicy: 113 return blockedPluginByContentSecurityPolicyText(); 112 114 case RenderEmbeddedObject::InsecurePluginVersion: 113 115 return insecurePluginVersionText(); -
trunk/Source/WebCore/rendering/RenderEmbeddedObject.h
r123811 r124636 40 40 PluginMissing, 41 41 PluginCrashed, 42 PluginBlockedByContentSecurityPolicy, 42 43 InsecurePluginVersion 43 44 }; -
trunk/Source/WebKit/chromium/ChangeLog
r124632 r124636 1 2012-08-03 Mike West <mkwst@chromium.org> 2 3 Blocking a plugin via CSP should result in one (and only one) console message. 4 https://bugs.webkit.org/show_bug.cgi?id=92649 5 6 Reviewed by Adam Barth. 7 8 * src/LocalizedStrings.cpp: 9 (WebCore::blockedPluginByContentSecurityPolicyText): 10 (WebCore): 11 Adding a stub for the newly added string. 12 1 13 2012-08-03 Oli Lan <olilan@chromium.org> 2 14 -
trunk/Source/WebKit/chromium/src/LocalizedStrings.cpp
r118384 r124636 214 214 notImplemented(); 215 215 return String("Plug-in Failure"); 216 } 217 218 String blockedPluginByContentSecurityPolicyText() 219 { 220 notImplemented(); 221 return String(); 216 222 } 217 223
Note: See TracChangeset
for help on using the changeset viewer.