Changeset 126365 in webkit
- Timestamp:
- Aug 22, 2012 3:58:59 PM (12 years ago)
- Location:
- trunk
- Files:
-
- 7 added
- 20 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r126364 r126365 1 2012-08-17 Jeffrey Pfau <jpfau@apple.com> 2 3 Allow blocking of Web SQL databases in third-party web workers 4 https://bugs.webkit.org/show_bug.cgi?id=94170 5 6 Reviewed by Adam Barth. 7 8 Created tests for accessing openDatabase from a third party and first party dedicated workers when third-party blocking is on and off. 9 10 * http/tests/security/cross-origin-worker-websql-allowed-expected.txt: Added. 11 * http/tests/security/cross-origin-worker-websql-allowed.html: Added. 12 * http/tests/security/cross-origin-worker-websql-expected.txt: Added. 13 * http/tests/security/cross-origin-worker-websql.html: Added. 14 * http/tests/security/resources/cross-origin-iframe-for-worker-websql.html: Added. 15 * http/tests/security/resources/document-for-cross-origin-worker-websql.html: Added. 16 * http/tests/security/resources/worker-for-websql.js: Added. 17 (self.onmessage): 18 1 19 2012-08-22 Anna Cavender <annacc@chromium.org> 2 20 -
trunk/Source/WebCore/ChangeLog
r126363 r126365 1 2012-08-17 Jeffrey Pfau <jpfau@apple.com> 2 3 Allow blocking of Web SQL databases in third-party web workers 4 https://bugs.webkit.org/show_bug.cgi?id=94170 5 6 Reviewed by Adam Barth. 7 8 Web workers did not previously know anything about the document that 9 spawned them. This is undefined for shared workers, but for dedicated 10 workers, we now pipe the information through. 11 12 Tests: http/tests/security/cross-origin-worker-websql-allowed.html 13 http/tests/security/cross-origin-worker-websql.html 14 15 * Modules/webdatabase/WorkerContextWebDatabase.cpp: Pass information about the top origin to canAccessDatabase 16 (WebCore::WorkerContextWebDatabase::openDatabase): 17 (WebCore::WorkerContextWebDatabase::openDatabaseSync): 18 * WebCore.exp.in: Make SecurityOrigin::isolatedCopy const 19 * page/SecurityOrigin.cpp: 20 (WebCore::SecurityOrigin::isolatedCopy): 21 (WebCore::SecurityOrigin::canAccessStorage): 22 * page/SecurityOrigin.h: 23 * workers/DedicatedWorkerContext.cpp: Pass topOrigin 24 (WebCore::DedicatedWorkerContext::create): 25 (WebCore::DedicatedWorkerContext::DedicatedWorkerContext): 26 * workers/DedicatedWorkerContext.h: 27 (DedicatedWorkerContext): 28 * workers/DedicatedWorkerThread.cpp: Pass topOrigin 29 (WebCore::DedicatedWorkerThread::create): 30 (WebCore::DedicatedWorkerThread::DedicatedWorkerThread): 31 (WebCore::DedicatedWorkerThread::createWorkerContext): 32 * workers/DedicatedWorkerThread.h: 33 (DedicatedWorkerThread): 34 * workers/SharedWorkerContext.cpp: Pass topOrigin 35 (WebCore::SharedWorkerContext::SharedWorkerContext): 36 * workers/SharedWorkerThread.cpp: 37 (WebCore::SharedWorkerThread::SharedWorkerThread): 38 (WebCore::SharedWorkerThread::createWorkerContext): 39 * workers/SharedWorkerThread.h: 40 (SharedWorkerThread): Pass topOrigin 41 * workers/WorkerContext.cpp: 42 (WebCore::WorkerContext::WorkerContext): 43 * workers/WorkerContext.h: 44 (WebCore::WorkerContext::topOrigin): 45 (WorkerContext): 46 * workers/WorkerMessagingProxy.cpp: Pass topOrigin 47 (WebCore::WorkerMessagingProxy::startWorkerContext): 48 * workers/WorkerThread.cpp: 49 (WebCore::WorkerThreadStartupData::create): 50 (WorkerThreadStartupData): 51 (WebCore::WorkerThreadStartupData::WorkerThreadStartupData): 52 (WebCore::WorkerThread::WorkerThread): 53 (WebCore::WorkerThread::workerThread): 54 * workers/WorkerThread.h: 55 (WorkerThread): 56 1 57 2012-08-22 Kentaro Hara <haraken@chromium.org> 2 58 -
trunk/Source/WebCore/Modules/webdatabase/WorkerContextWebDatabase.cpp
r112035 r126365 44 44 PassRefPtr<Database> WorkerContextWebDatabase::openDatabase(WorkerContext* context, const String& name, const String& version, const String& displayName, unsigned long estimatedSize, PassRefPtr<DatabaseCallback> creationCallback, ExceptionCode& ec) 45 45 { 46 if (!context->securityOrigin()->canAccessDatabase( ) || !AbstractDatabase::isAvailable()) {46 if (!context->securityOrigin()->canAccessDatabase(context->topOrigin()) || !AbstractDatabase::isAvailable()) { 47 47 ec = SECURITY_ERR; 48 48 return 0; … … 54 54 PassRefPtr<DatabaseSync> WorkerContextWebDatabase::openDatabaseSync(WorkerContext* context, const String& name, const String& version, const String& displayName, unsigned long estimatedSize, PassRefPtr<DatabaseCallback> creationCallback, ExceptionCode& ec) 55 55 { 56 if (!context->securityOrigin()->canAccessDatabase( ) || !AbstractDatabase::isAvailable()) {56 if (!context->securityOrigin()->canAccessDatabase(context->topOrigin()) || !AbstractDatabase::isAvailable()) { 57 57 ec = SECURITY_ERR; 58 58 return 0; -
trunk/Source/WebCore/WebCore.exp.in
r126343 r126365 294 294 __ZN7WebCore14ScrollableAreaD2Ev 295 295 __ZN7WebCore14ScrollbarTheme5themeEv 296 __ZN7WebCore14SecurityOrigin12isolatedCopyEv297 296 __ZN7WebCore14SecurityOrigin16createFromStringERKN3WTF6StringE 298 297 __ZN7WebCore14SecurityOrigin28createFromDatabaseIdentifierERKN3WTF6StringE … … 1175 1174 __ZNK7WebCore14SecurityOrigin10canDisplayERKNS_4KURLE 1176 1175 __ZNK7WebCore14SecurityOrigin11toRawStringEv 1176 __ZNK7WebCore14SecurityOrigin12isolatedCopyEv 1177 1177 __ZNK7WebCore14SecurityOrigin18databaseIdentifierEv 1178 1178 __ZNK7WebCore14SecurityOrigin5equalEPKS0_ -
trunk/Source/WebCore/page/SecurityOrigin.cpp
r125736 r126365 216 216 } 217 217 218 PassRefPtr<SecurityOrigin> SecurityOrigin::isolatedCopy() 218 PassRefPtr<SecurityOrigin> SecurityOrigin::isolatedCopy() const 219 219 { 220 220 return adoptRef(new SecurityOrigin(this)); … … 401 401 return true; 402 402 403 if ( m_blockThirdPartyStorage&& topOrigin->isThirdParty(this))403 if ((m_blockThirdPartyStorage || topOrigin->m_blockThirdPartyStorage) && topOrigin->isThirdParty(this)) 404 404 return false; 405 405 -
trunk/Source/WebCore/page/SecurityOrigin.h
r125736 r126365 55 55 // Create a deep copy of this SecurityOrigin. This method is useful 56 56 // when marshalling a SecurityOrigin to another thread. 57 PassRefPtr<SecurityOrigin> isolatedCopy() ;57 PassRefPtr<SecurityOrigin> isolatedCopy() const; 58 58 59 59 // Set the domain property of this security origin to newDomain. This -
trunk/Source/WebCore/workers/DedicatedWorkerContext.cpp
r125120 r126365 43 43 44 44 // static 45 PassRefPtr<DedicatedWorkerContext> DedicatedWorkerContext::create(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, DedicatedWorkerThread* thread, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType )45 PassRefPtr<DedicatedWorkerContext> DedicatedWorkerContext::create(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, DedicatedWorkerThread* thread, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, PassRefPtr<SecurityOrigin> topOrigin) 46 46 { 47 RefPtr<DedicatedWorkerContext> context = adoptRef(new DedicatedWorkerContext(url, userAgent, settings, thread ));47 RefPtr<DedicatedWorkerContext> context = adoptRef(new DedicatedWorkerContext(url, userAgent, settings, thread, topOrigin)); 48 48 context->applyContentSecurityPolicyFromString(contentSecurityPolicy, contentSecurityPolicyType); 49 49 return context.release(); 50 50 } 51 51 52 DedicatedWorkerContext::DedicatedWorkerContext(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, DedicatedWorkerThread* thread )53 : WorkerContext(url, userAgent, settings, thread )52 DedicatedWorkerContext::DedicatedWorkerContext(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, DedicatedWorkerThread* thread, PassRefPtr<SecurityOrigin> topOrigin) 53 : WorkerContext(url, userAgent, settings, thread, topOrigin) 54 54 { 55 55 } -
trunk/Source/WebCore/workers/DedicatedWorkerContext.h
r125120 r126365 45 45 public: 46 46 typedef WorkerContext Base; 47 static PassRefPtr<DedicatedWorkerContext> create(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, DedicatedWorkerThread*, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType );47 static PassRefPtr<DedicatedWorkerContext> create(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, DedicatedWorkerThread*, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, PassRefPtr<SecurityOrigin> topOrigin); 48 48 49 49 virtual bool isDedicatedWorkerContext() const { return true; } … … 64 64 DedicatedWorkerThread* thread(); 65 65 private: 66 DedicatedWorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, DedicatedWorkerThread* );66 DedicatedWorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, DedicatedWorkerThread*, PassRefPtr<SecurityOrigin> topOrigin); 67 67 }; 68 68 -
trunk/Source/WebCore/workers/DedicatedWorkerThread.cpp
r122463 r126365 40 40 namespace WebCore { 41 41 42 PassRefPtr<DedicatedWorkerThread> DedicatedWorkerThread::create(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerObjectProxy& workerObjectProxy, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType )42 PassRefPtr<DedicatedWorkerThread> DedicatedWorkerThread::create(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerObjectProxy& workerObjectProxy, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, const SecurityOrigin* topOrigin) 43 43 { 44 return adoptRef(new DedicatedWorkerThread(scriptURL, userAgent, settings, sourceCode, workerLoaderProxy, workerObjectProxy, startMode, contentSecurityPolicy, contentSecurityPolicyType ));44 return adoptRef(new DedicatedWorkerThread(scriptURL, userAgent, settings, sourceCode, workerLoaderProxy, workerObjectProxy, startMode, contentSecurityPolicy, contentSecurityPolicyType, topOrigin)); 45 45 } 46 46 47 DedicatedWorkerThread::DedicatedWorkerThread(const KURL& url, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerObjectProxy& workerObjectProxy, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType )48 : WorkerThread(url, userAgent, settings, sourceCode, workerLoaderProxy, workerObjectProxy, startMode, contentSecurityPolicy, contentSecurityPolicyType )47 DedicatedWorkerThread::DedicatedWorkerThread(const KURL& url, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerObjectProxy& workerObjectProxy, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, const SecurityOrigin* topOrigin) 48 : WorkerThread(url, userAgent, settings, sourceCode, workerLoaderProxy, workerObjectProxy, startMode, contentSecurityPolicy, contentSecurityPolicyType, topOrigin) 49 49 , m_workerObjectProxy(workerObjectProxy) 50 50 { … … 55 55 } 56 56 57 PassRefPtr<WorkerContext> DedicatedWorkerThread::createWorkerContext(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType )57 PassRefPtr<WorkerContext> DedicatedWorkerThread::createWorkerContext(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, PassRefPtr<SecurityOrigin> topOrigin) 58 58 { 59 return DedicatedWorkerContext::create(url, userAgent, settings, this, contentSecurityPolicy, contentSecurityPolicyType );59 return DedicatedWorkerContext::create(url, userAgent, settings, this, contentSecurityPolicy, contentSecurityPolicyType, topOrigin); 60 60 } 61 61 -
trunk/Source/WebCore/workers/DedicatedWorkerThread.h
r122463 r126365 42 42 class DedicatedWorkerThread : public WorkerThread { 43 43 public: 44 static PassRefPtr<DedicatedWorkerThread> create(const KURL& scriptURL, const String& userAgent, const GroupSettings*, const String& sourceCode, WorkerLoaderProxy&, WorkerObjectProxy&, WorkerThreadStartMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType );44 static PassRefPtr<DedicatedWorkerThread> create(const KURL& scriptURL, const String& userAgent, const GroupSettings*, const String& sourceCode, WorkerLoaderProxy&, WorkerObjectProxy&, WorkerThreadStartMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType, const SecurityOrigin* topOrigin); 45 45 WorkerObjectProxy& workerObjectProxy() const { return m_workerObjectProxy; } 46 46 ~DedicatedWorkerThread(); 47 47 48 48 protected: 49 virtual PassRefPtr<WorkerContext> createWorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType );49 virtual PassRefPtr<WorkerContext> createWorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType, PassRefPtr<SecurityOrigin> topOrigin); 50 50 virtual void runEventLoop(); 51 51 52 52 private: 53 DedicatedWorkerThread(const KURL&, const String& userAgent, const GroupSettings*, const String& sourceCode, WorkerLoaderProxy&, WorkerObjectProxy&, WorkerThreadStartMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType );53 DedicatedWorkerThread(const KURL&, const String& userAgent, const GroupSettings*, const String& sourceCode, WorkerLoaderProxy&, WorkerObjectProxy&, WorkerThreadStartMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType, const SecurityOrigin* topOrigin); 54 54 55 55 WorkerObjectProxy& m_workerObjectProxy; -
trunk/Source/WebCore/workers/SharedWorkerContext.cpp
r125120 r126365 60 60 61 61 SharedWorkerContext::SharedWorkerContext(const String& name, const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, SharedWorkerThread* thread) 62 : WorkerContext(url, userAgent, settings, thread )62 : WorkerContext(url, userAgent, settings, thread, 0) 63 63 , m_name(name) 64 64 { -
trunk/Source/WebCore/workers/SharedWorkerThread.cpp
r122463 r126365 45 45 46 46 SharedWorkerThread::SharedWorkerThread(const String& name, const KURL& url, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerReportingProxy& workerReportingProxy, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType) 47 : WorkerThread(url, userAgent, settings, sourceCode, workerLoaderProxy, workerReportingProxy, startMode, contentSecurityPolicy, contentSecurityPolicyType )47 : WorkerThread(url, userAgent, settings, sourceCode, workerLoaderProxy, workerReportingProxy, startMode, contentSecurityPolicy, contentSecurityPolicyType, 0) 48 48 , m_name(name.isolatedCopy()) 49 49 { … … 54 54 } 55 55 56 PassRefPtr<WorkerContext> SharedWorkerThread::createWorkerContext(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType )56 PassRefPtr<WorkerContext> SharedWorkerThread::createWorkerContext(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, PassRefPtr<SecurityOrigin>) 57 57 { 58 58 return SharedWorkerContext::create(m_name, url, userAgent, settings, this, contentSecurityPolicy, contentSecurityPolicyType); -
trunk/Source/WebCore/workers/SharedWorkerThread.h
r122463 r126365 44 44 45 45 protected: 46 virtual PassRefPtr<WorkerContext> createWorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType );46 virtual PassRefPtr<WorkerContext> createWorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType, PassRefPtr<SecurityOrigin> topOrigin); 47 47 48 48 private: -
trunk/Source/WebCore/workers/WorkerContext.cpp
r125120 r126365 86 86 }; 87 87 88 WorkerContext::WorkerContext(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, WorkerThread* thread )88 WorkerContext::WorkerContext(const KURL& url, const String& userAgent, PassOwnPtr<GroupSettings> settings, WorkerThread* thread, PassRefPtr<SecurityOrigin> topOrigin) 89 89 : m_url(url) 90 90 , m_userAgent(userAgent) … … 97 97 , m_closing(false) 98 98 , m_eventQueue(WorkerEventQueue::create(this)) 99 , m_topOrigin(topOrigin) 99 100 { 100 101 setSecurityOrigin(SecurityOrigin::create(url)); -
trunk/Source/WebCore/workers/WorkerContext.h
r125120 r126365 139 139 void notifyObserversOfStop(); 140 140 141 const SecurityOrigin* topOrigin() const { return m_topOrigin.get(); } 142 141 143 protected: 142 WorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, WorkerThread* );144 WorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, WorkerThread*, PassRefPtr<SecurityOrigin> topOrigin); 143 145 void applyContentSecurityPolicyFromString(const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType); 144 146 … … 184 186 185 187 OwnPtr<WorkerEventQueue> m_eventQueue; 188 189 RefPtr<SecurityOrigin> m_topOrigin; 186 190 }; 187 191 -
trunk/Source/WebCore/workers/WorkerMessagingProxy.cpp
r121742 r126365 281 281 settings = document->page()->group().groupSettings(); 282 282 RefPtr<DedicatedWorkerThread> thread = DedicatedWorkerThread::create(scriptURL, userAgent, settings, sourceCode, *this, *this, startMode, 283 m_scriptExecutionContext->contentSecurityPolicy()->deprecatedHeader(), 284 m_scriptExecutionContext->contentSecurityPolicy()->deprecatedHeaderType()); 283 document->contentSecurityPolicy()->deprecatedHeader(), 284 document->contentSecurityPolicy()->deprecatedHeaderType(), 285 document->topDocument()->securityOrigin()); 285 286 workerThreadCreated(thread); 286 287 thread->start(); -
trunk/Source/WebCore/workers/WorkerThread.cpp
r122463 r126365 72 72 WTF_MAKE_NONCOPYABLE(WorkerThreadStartupData); WTF_MAKE_FAST_ALLOCATED; 73 73 public: 74 static PassOwnPtr<WorkerThreadStartupData> create(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType )75 { 76 return adoptPtr(new WorkerThreadStartupData(scriptURL, userAgent, settings, sourceCode, startMode, contentSecurityPolicy, contentSecurityPolicyType ));74 static PassOwnPtr<WorkerThreadStartupData> create(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, const SecurityOrigin* topOrigin) 75 { 76 return adoptPtr(new WorkerThreadStartupData(scriptURL, userAgent, settings, sourceCode, startMode, contentSecurityPolicy, contentSecurityPolicyType, topOrigin)); 77 77 } 78 78 … … 84 84 String m_contentSecurityPolicy; 85 85 ContentSecurityPolicy::HeaderType m_contentSecurityPolicyType; 86 RefPtr<SecurityOrigin> m_topOrigin; 86 87 private: 87 WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const GroupSettings*, const String& sourceCode, WorkerThreadStartMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType );88 WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const GroupSettings*, const String& sourceCode, WorkerThreadStartMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, const SecurityOrigin* topOrigin); 88 89 }; 89 90 90 WorkerThreadStartupData::WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType )91 WorkerThreadStartupData::WorkerThreadStartupData(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, const SecurityOrigin* topOrigin) 91 92 : m_scriptURL(scriptURL.copy()) 92 93 , m_userAgent(userAgent.isolatedCopy()) … … 95 96 , m_contentSecurityPolicy(contentSecurityPolicy.isolatedCopy()) 96 97 , m_contentSecurityPolicyType(contentSecurityPolicyType) 98 , m_topOrigin(topOrigin ? topOrigin->isolatedCopy() : 0) 97 99 { 98 100 if (!settings) … … 105 107 } 106 108 107 WorkerThread::WorkerThread(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerReportingProxy& workerReportingProxy, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType )109 WorkerThread::WorkerThread(const KURL& scriptURL, const String& userAgent, const GroupSettings* settings, const String& sourceCode, WorkerLoaderProxy& workerLoaderProxy, WorkerReportingProxy& workerReportingProxy, WorkerThreadStartMode startMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType contentSecurityPolicyType, const SecurityOrigin* topOrigin) 108 110 : m_threadID(0) 109 111 , m_workerLoaderProxy(workerLoaderProxy) 110 112 , m_workerReportingProxy(workerReportingProxy) 111 , m_startupData(WorkerThreadStartupData::create(scriptURL, userAgent, settings, sourceCode, startMode, contentSecurityPolicy, contentSecurityPolicyType ))113 , m_startupData(WorkerThreadStartupData::create(scriptURL, userAgent, settings, sourceCode, startMode, contentSecurityPolicy, contentSecurityPolicyType, topOrigin)) 112 114 #if ENABLE(NOTIFICATIONS) || ENABLE(LEGACY_NOTIFICATIONS) 113 115 , m_notificationClient(0) … … 147 149 { 148 150 MutexLocker lock(m_threadCreationMutex); 149 m_workerContext = createWorkerContext(m_startupData->m_scriptURL, m_startupData->m_userAgent, m_startupData->m_groupSettings.release(), m_startupData->m_contentSecurityPolicy, m_startupData->m_contentSecurityPolicyType );151 m_workerContext = createWorkerContext(m_startupData->m_scriptURL, m_startupData->m_userAgent, m_startupData->m_groupSettings.release(), m_startupData->m_contentSecurityPolicy, m_startupData->m_contentSecurityPolicyType, m_startupData->m_topOrigin.release()); 150 152 151 153 if (m_runLoop.terminated()) { -
trunk/Source/WebCore/workers/WorkerThread.h
r122463 r126365 32 32 #include "ContentSecurityPolicy.h" 33 33 #include "GroupSettings.h" 34 #include "SecurityOrigin.h" 34 35 #include "WorkerRunLoop.h" 35 36 #include <wtf/Forward.h> … … 70 71 71 72 protected: 72 WorkerThread(const KURL&, const String& userAgent, const GroupSettings*, const String& sourceCode, WorkerLoaderProxy&, WorkerReportingProxy&, WorkerThreadStartMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType );73 WorkerThread(const KURL&, const String& userAgent, const GroupSettings*, const String& sourceCode, WorkerLoaderProxy&, WorkerReportingProxy&, WorkerThreadStartMode, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType, const SecurityOrigin* topOrigin); 73 74 74 75 // Factory method for creating a new worker context for the thread. 75 virtual PassRefPtr<WorkerContext> createWorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType ) = 0;76 virtual PassRefPtr<WorkerContext> createWorkerContext(const KURL&, const String& userAgent, PassOwnPtr<GroupSettings>, const String& contentSecurityPolicy, ContentSecurityPolicy::HeaderType, PassRefPtr<SecurityOrigin> topOrigin) = 0; 76 77 77 78 // Executes the event loop for the worker thread. Derived classes can override to perform actions before/after entering the event loop. -
trunk/Source/WebKit/chromium/ChangeLog
r126363 r126365 1 2012-08-17 Jeffrey Pfau <jpfau@apple.com> 2 3 Allow blocking of Web SQL databases in third-party web workers 4 https://bugs.webkit.org/show_bug.cgi?id=94170 5 6 Reviewed by Adam Barth. 7 8 Web workers did not previously know anything about the document that 9 spawned them. This is undefined for shared workers, but for dedicated 10 workers, we now pipe the information through. 11 12 13 * src/WebWorkerClientImpl.cpp: 14 (WebKit::WebWorkerClientImpl::startWorkerContext): Pass top document's origin 15 1 16 2012-08-22 Kentaro Hara <haraken@chromium.org> 2 17 -
trunk/Source/WebKit/chromium/src/WebWorkerClientImpl.cpp
r125108 r126365 94 94 settings = document->page()->group().groupSettings(); 95 95 RefPtr<DedicatedWorkerThread> thread = DedicatedWorkerThread::create(scriptURL, userAgent, settings, sourceCode, *this, *this, startMode, 96 m_scriptExecutionContext->contentSecurityPolicy()->deprecatedHeader(), 97 m_scriptExecutionContext->contentSecurityPolicy()->deprecatedHeaderType()); 96 document->contentSecurityPolicy()->deprecatedHeader(), 97 document->contentSecurityPolicy()->deprecatedHeaderType(), 98 document->topDocument()->securityOrigin()); 98 99 m_proxy->workerThreadCreated(thread); 99 100 thread->start();
Note: See TracChangeset
for help on using the changeset viewer.