Changeset 134339 in webkit


Ignore:
Timestamp:
Nov 12, 2012 6:47:43 PM (11 years ago)
Author:
commit-queue@webkit.org
Message:

Add WebCore::Setting to block displaying and/or running insecure content on secure pages
https://bugs.webkit.org/show_bug.cgi?id=58378

Patch by Josh Rickmar <jrick@devio.us> on 2012-11-12
Reviewed by Martin Robinson.

  • webkit/webkitwebsettings.cpp:

(webkit_web_settings_class_init):
(webkit_web_settings_set_property):
(webkit_web_settings_get_property):
(webkit_web_settings_copy):

  • webkit/webkitwebview.cpp:

(webkit_web_view_update_settings):
(webkit_web_view_settings_notify):

Location:
trunk/Source/WebKit/gtk
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/WebKit/gtk/ChangeLog

    r133517 r134339  
     12012-11-12  Josh Rickmar  <jrick@devio.us>
     2
     3        Add WebCore::Setting to block displaying and/or running insecure content on secure pages
     4        https://bugs.webkit.org/show_bug.cgi?id=58378
     5
     6        Reviewed by Martin Robinson.
     7
     8        * webkit/webkitwebsettings.cpp:
     9        (webkit_web_settings_class_init):
     10        (webkit_web_settings_set_property):
     11        (webkit_web_settings_get_property):
     12        (webkit_web_settings_copy):
     13        * webkit/webkitwebview.cpp:
     14        (webkit_web_view_update_settings):
     15        (webkit_web_view_settings_notify):
     16
    1172012-11-05  Simon Fraser  <simon.fraser@apple.com>
    218
  • trunk/Source/WebKit/gtk/webkit/webkitwebsettings.cpp

    r129000 r134339  
    121121    PROP_MEDIA_PLAYBACK_REQUIRES_USER_GESTURE,
    122122    PROP_MEDIA_PLAYBACK_ALLOWS_INLINE,
    123     PROP_ENABLE_CSS_SHADERS
     123    PROP_ENABLE_CSS_SHADERS,
     124    PROP_ENABLE_RUNNING_OF_INSECURE_CONTENT,
     125    PROP_ENABLE_DISPLAY_OF_INSECURE_CONTENT
    124126};
    125127
     
    982984                                                         flags));
    983985
     986    /**
     987    * WebKitWebSettings:enable-display-of-insecure-content
     988    *
     989    * Whether pages loaded via HTTPS should load subresources such as
     990    * images and frames from non-HTTPS URLs.
     991    *
     992    * Since: 2.0
     993    */
     994    g_object_class_install_property(gobject_class,
     995        PROP_ENABLE_DISPLAY_OF_INSECURE_CONTENT,
     996        g_param_spec_boolean("enable-display-of-insecure-content",
     997            _("Enable display of insecure content"),
     998            _("Whether non-HTTPS resources can display on HTTPS pages."),
     999            TRUE,
     1000            flags));
     1001
     1002    /**
     1003    * WebKitWebSettings:enable-running-of-insecure-content
     1004    *
     1005    * Whether pages loaded via HTTPS should run subresources such as
     1006    * CSS, scripts, and plugins from non-HTTPS URLs.
     1007    *
     1008    * Since: 2.0
     1009    */
     1010    g_object_class_install_property(gobject_class,
     1011        PROP_ENABLE_RUNNING_OF_INSECURE_CONTENT,
     1012        g_param_spec_boolean("enable-running-of-insecure-content",
     1013            _("Enable running of insecure content"),
     1014            _("Whether non-HTTPS resources can run on HTTPS pages."),
     1015            TRUE,
     1016            flags));
    9841017}
    9851018
     
    11721205        priv->mediaPlaybackAllowsInline = g_value_get_boolean(value);
    11731206        break;
     1207    case PROP_ENABLE_DISPLAY_OF_INSECURE_CONTENT:
     1208        priv->enableDisplayOfInsecureContent = g_value_get_boolean(value);
     1209        break;
     1210    case PROP_ENABLE_RUNNING_OF_INSECURE_CONTENT:
     1211        priv->enableRunningOfInsecureContent = g_value_get_boolean(value);
     1212        break;
    11741213    default:
    11751214        G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec);
     
    13511390    case PROP_MEDIA_PLAYBACK_ALLOWS_INLINE:
    13521391        g_value_set_boolean(value, priv->mediaPlaybackAllowsInline);
     1392        break;
     1393    case PROP_ENABLE_DISPLAY_OF_INSECURE_CONTENT:
     1394        g_value_set_boolean(value, priv->enableDisplayOfInsecureContent);
     1395        break;
     1396    case PROP_ENABLE_RUNNING_OF_INSECURE_CONTENT:
     1397        g_value_set_boolean(value, priv->enableRunningOfInsecureContent);
    13531398        break;
    13541399    default:
  • trunk/Source/WebKit/gtk/webkit/webkitwebsettingsprivate.h

    r129000 r134339  
    8686    gboolean mediaPlaybackRequiresUserGesture;
    8787    gboolean mediaPlaybackAllowsInline;
     88    gboolean enableDisplayOfInsecureContent;
     89    gboolean enableRunningOfInsecureContent;
    8890};
    8991
  • trunk/Source/WebKit/gtk/webkit/webkitwebview.cpp

    r130867 r134339  
    34023402    coreSettings->setMediaPlaybackRequiresUserGesture(settingsPrivate->mediaPlaybackRequiresUserGesture);
    34033403    coreSettings->setMediaPlaybackAllowsInline(settingsPrivate->mediaPlaybackAllowsInline);
     3404    coreSettings->setAllowDisplayOfInsecureContent(settingsPrivate->enableDisplayOfInsecureContent);
     3405    coreSettings->setAllowRunningOfInsecureContent(settingsPrivate->enableRunningOfInsecureContent);
    34043406
    34053407#if ENABLE(SQL_DATABASE)
Note: See TracChangeset for help on using the changeset viewer.