Changeset 127749 in webkit
- Timestamp:
- Sep 6, 2012 9:49:30 AM (12 years ago)
- Location:
- trunk/Source/WebKit/gtk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit/gtk/ChangeLog
r127577 r127749 1 2012-09-06 Carlos Garcia Campos <cgarcia@igalia.com> 2 3 [GTK] Add API to get/set the security policy of a given URI scheme 4 https://bugs.webkit.org/show_bug.cgi?id=95549 5 6 Reviewed by Martin Robinson. 7 8 Add WebKitSecurityPolicy enum with flags that represent the 9 security policy of a URI scheme. Add methods to get and set the 10 security policy flags for a given URI scheme. 11 12 * docs/webkitgtk-sections.txt: Add new symbols. 13 * tests/testglobals.c: 14 (test_globals_security_policy): 15 (main): 16 * webkit/webkitglobals.cpp: 17 (webkit_set_security_policy_for_uri_scheme): 18 (webkit_get_security_policy_for_uri_scheme): 19 * webkit/webkitglobals.h: 20 1 21 2012-09-05 Kaustubh Atrawalkar <kaustubh@motorola.com> 2 22 -
trunk/Source/WebKit/gtk/docs/webkitgtk-sections.txt
r124427 r127749 537 537 WebKitContextMenuAction 538 538 webkit_context_menu_item_get_action 539 <SUBSECTION SecurityPolicy> 540 WebKitSecurityPolicy 541 webkit_set_security_policy_for_uri_scheme 542 webkit_get_security_policy_for_uri_scheme 539 543 <SUBSECTION Private> 540 544 WEBKITGTK_API_VERSION -
trunk/Source/WebKit/gtk/tests/testglobals.c
r98239 r127749 46 46 } 47 47 48 static void test_globals_security_policy() 49 { 50 // Check default policy for well known schemes. 51 WebKitSecurityPolicy policy = webkit_get_security_policy_for_uri_scheme("http"); 52 guint mask = WEBKIT_SECURITY_POLICY_CORS_ENABLED; 53 g_assert_cmpuint(policy & mask, ==, mask); 54 55 policy = webkit_get_security_policy_for_uri_scheme("https"); 56 mask = WEBKIT_SECURITY_POLICY_SECURE | WEBKIT_SECURITY_POLICY_CORS_ENABLED; 57 g_assert_cmpuint(policy & mask, ==, mask); 58 59 policy = webkit_get_security_policy_for_uri_scheme("file"); 60 mask = WEBKIT_SECURITY_POLICY_LOCAL; 61 g_assert_cmpuint(policy & mask, ==, mask); 62 63 policy = webkit_get_security_policy_for_uri_scheme("data"); 64 mask = WEBKIT_SECURITY_POLICY_NO_ACCESS_TO_OTHER_SCHEME | WEBKIT_SECURITY_POLICY_SECURE; 65 g_assert_cmpuint(policy & mask, ==, mask); 66 67 policy = webkit_get_security_policy_for_uri_scheme("about"); 68 mask = WEBKIT_SECURITY_POLICY_NO_ACCESS_TO_OTHER_SCHEME | WEBKIT_SECURITY_POLICY_SECURE | WEBKIT_SECURITY_POLICY_EMPTY_DOCUMENT; 69 g_assert_cmpuint(policy & mask, ==, mask); 70 71 // Custom scheme. 72 policy = webkit_get_security_policy_for_uri_scheme("foo"); 73 g_assert(!policy); 74 75 policy |= WEBKIT_SECURITY_POLICY_LOCAL; 76 webkit_set_security_policy_for_uri_scheme("foo", policy); 77 g_assert_cmpuint(webkit_get_security_policy_for_uri_scheme("foo"), ==, policy); 78 79 policy |= WEBKIT_SECURITY_POLICY_NO_ACCESS_TO_OTHER_SCHEME; 80 webkit_set_security_policy_for_uri_scheme("foo", policy); 81 g_assert_cmpuint(webkit_get_security_policy_for_uri_scheme("foo"), ==, policy); 82 83 policy |= WEBKIT_SECURITY_POLICY_DISPLAY_ISOLATED; 84 webkit_set_security_policy_for_uri_scheme("foo", policy); 85 g_assert_cmpuint(webkit_get_security_policy_for_uri_scheme("foo"), ==, policy); 86 87 policy |= WEBKIT_SECURITY_POLICY_SECURE; 88 webkit_set_security_policy_for_uri_scheme("foo", policy); 89 g_assert_cmpuint(webkit_get_security_policy_for_uri_scheme("foo"), ==, policy); 90 91 policy |= WEBKIT_SECURITY_POLICY_CORS_ENABLED; 92 webkit_set_security_policy_for_uri_scheme("foo", policy); 93 g_assert_cmpuint(webkit_get_security_policy_for_uri_scheme("foo"), ==, policy); 94 95 policy |= WEBKIT_SECURITY_POLICY_EMPTY_DOCUMENT; 96 webkit_set_security_policy_for_uri_scheme("foo", policy); 97 g_assert_cmpuint(webkit_get_security_policy_for_uri_scheme("foo"), ==, policy); 98 } 99 48 100 int main(int argc, char** argv) 49 101 { … … 53 105 g_test_add_func("/webkit/globals/default_session", 54 106 test_globals_default_session); 107 g_test_add_func("/webkit/globals/security-policy", 108 test_globals_security_policy); 55 109 return g_test_run(); 56 110 } -
trunk/Source/WebKit/gtk/webkit/webkitglobals.cpp
r125258 r127749 41 41 #include "ResourceHandleInternal.h" 42 42 #include "ResourceResponse.h" 43 #include "SchemeRegistry.h" 43 44 #include "webkitapplicationcache.h" 44 45 #include "webkitfavicondatabase.h" … … 492 493 } 493 494 495 /** 496 * webkit_set_security_policy_for_uri_scheme: 497 * @scheme: a URI scheme 498 * @policy: a #WebKitSecurityPolicy 499 * 500 * Set the security policy for the given URI scheme. 501 * 502 * Since: 2.0 503 */ 504 void webkit_set_security_policy_for_uri_scheme(const char *scheme, WebKitSecurityPolicy policy) 505 { 506 g_return_if_fail(scheme); 507 508 if (!policy) 509 return; 510 511 String urlScheme = String::fromUTF8(scheme); 512 513 if (policy & WEBKIT_SECURITY_POLICY_LOCAL) 514 SchemeRegistry::registerURLSchemeAsLocal(urlScheme); 515 if (policy & WEBKIT_SECURITY_POLICY_NO_ACCESS_TO_OTHER_SCHEME) 516 SchemeRegistry::registerURLSchemeAsNoAccess(urlScheme); 517 if (policy & WEBKIT_SECURITY_POLICY_DISPLAY_ISOLATED) 518 SchemeRegistry::registerURLSchemeAsDisplayIsolated(urlScheme); 519 if (policy & WEBKIT_SECURITY_POLICY_SECURE) 520 SchemeRegistry::registerURLSchemeAsSecure(urlScheme); 521 if (policy & WEBKIT_SECURITY_POLICY_CORS_ENABLED) 522 SchemeRegistry::registerURLSchemeAsCORSEnabled(urlScheme); 523 if (policy & WEBKIT_SECURITY_POLICY_EMPTY_DOCUMENT) 524 SchemeRegistry::registerURLSchemeAsEmptyDocument(urlScheme); 525 } 526 527 /** 528 * webkit_get_security_policy_for_uri_scheme: 529 * @scheme: a URI scheme 530 * 531 * Get the security policy for the given URI scheme. 532 * 533 * Returns: a #WebKitSecurityPolicy 534 * 535 * Since: 2.0 536 */ 537 WebKitSecurityPolicy webkit_get_security_policy_for_uri_scheme(const char *scheme) 538 { 539 g_return_val_if_fail(scheme, static_cast<WebKitSecurityPolicy>(0)); 540 541 guint policy = 0; 542 String urlScheme = String::fromUTF8(scheme); 543 544 if (SchemeRegistry::shouldTreatURLSchemeAsLocal(urlScheme)) 545 policy |= WEBKIT_SECURITY_POLICY_LOCAL; 546 if (SchemeRegistry::shouldTreatURLSchemeAsNoAccess(urlScheme)) 547 policy |= WEBKIT_SECURITY_POLICY_NO_ACCESS_TO_OTHER_SCHEME; 548 if (SchemeRegistry::shouldTreatURLSchemeAsDisplayIsolated(urlScheme)) 549 policy |= WEBKIT_SECURITY_POLICY_DISPLAY_ISOLATED; 550 if (SchemeRegistry::shouldTreatURLSchemeAsSecure(urlScheme)) 551 policy |= WEBKIT_SECURITY_POLICY_SECURE; 552 if (SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(urlScheme)) 553 policy |= WEBKIT_SECURITY_POLICY_CORS_ENABLED; 554 if (SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(urlScheme)) 555 policy |= WEBKIT_SECURITY_POLICY_EMPTY_DOCUMENT; 556 557 return static_cast<WebKitSecurityPolicy>(policy); 558 } 559 494 560 void webkitInit() 495 561 { -
trunk/Source/WebKit/gtk/webkit/webkitglobals.h
r111847 r127749 143 143 } WebKitContextMenuAction; 144 144 145 /** 146 * WebKitSecurityPolicy: 147 * @WEBKIT_SECURITY_POLICY_LOCAL: Local URI scheme, other non-local pages 148 * cannot link to or access URIs of this scheme. 149 * @WEBKIT_SECURITY_POLICY_NO_ACCESS_TO_OTHER_SCHEME: Pages loaded with this URI scheme 150 * cannot access pages loaded with any other URI scheme. 151 * @WEBKIT_SECURITY_POLICY_DISPLAY_ISOLATED: Pages cannot display these URIs 152 * unless they are from the same scheme. 153 * @WEBKIT_SECURITY_POLICY_SECURE: Secure URI scheme, doesn't generate mixed 154 * content warnings when included by an HTTPS page. 155 * @WEBKIT_SECURITY_POLICY_CORS_ENABLED: URI scheme that can be sent 156 * CORS (Cross-origin resource sharing) requests. See W3C CORS specification 157 * http://www.w3.org/TR/cors/. 158 * @WEBKIT_SECURITY_POLICY_EMPTY_DOCUMENT: Strictly empty documents allowed 159 * to commit synchronously. 160 * 161 * Flags used to represent the security policy of a URI scheme. 162 * 163 * Since: 2.0 164 */ 165 typedef enum { 166 WEBKIT_SECURITY_POLICY_LOCAL = 1 << 1, 167 WEBKIT_SECURITY_POLICY_NO_ACCESS_TO_OTHER_SCHEME = 1 << 2, 168 WEBKIT_SECURITY_POLICY_DISPLAY_ISOLATED = 1 << 3, 169 WEBKIT_SECURITY_POLICY_SECURE = 1 << 4, 170 WEBKIT_SECURITY_POLICY_CORS_ENABLED = 1 << 5, 171 WEBKIT_SECURITY_POLICY_EMPTY_DOCUMENT = 1 << 6 172 } WebKitSecurityPolicy; 173 145 174 WEBKIT_API SoupSession* 146 175 webkit_get_default_session (void); … … 172 201 webkit_context_menu_item_get_action (GtkMenuItem* item); 173 202 203 WEBKIT_API void 204 webkit_set_security_policy_for_uri_scheme (const gchar *scheme, 205 WebKitSecurityPolicy policy); 206 207 WEBKIT_API WebKitSecurityPolicy 208 webkit_get_security_policy_for_uri_scheme (const gchar *scheme); 209 174 210 G_END_DECLS 175 211
Note: See TracChangeset
for help on using the changeset viewer.