Changeset 141621 in webkit

Timestamp:

Feb 1, 2013 11:58:47 AM (11 years ago)

Author:

mkwst@chromium.org

Message:

Remove call to SecurityOrigin::canAccessDatabase from IDB constructor.
​https://bugs.webkit.org/show_bug.cgi?id=108477

Reviewed by Adam Barth.

Source/WebCore:

This change removes the 'SecurityOrigin::canAccessDatabase' check from
the constructor for the 'indexedDB' property on both DOMWindow and
WorkerContext. After the patch for ​http://wkbug.com/94171 this check
is redundant, as all the entry points to IDB are now gated on access
being granted.

As a side-effect, dropping the check in WorkerContextIndexedDatabase
allows us to stop holding a pointer to the ScriptExecutionContext we're
extending, which can only be a good thing.

The tests in storage/indexeddb should continue to pass.

• Modules/indexeddb/DOMWindowIndexedDatabase.cpp:

(WebCore::DOMWindowIndexedDatabase::indexedDB):

Drop the SecurityOrigin::canAccessDatabase check.

• Modules/indexeddb/WorkerContextIndexedDatabase.cpp:

(WebCore::WorkerContextIndexedDatabase::WorkerContextIndexedDatabase):
(WebCore::WorkerContextIndexedDatabase::from):

Drop the ScriptExecutionContext parameter from the class's
constructor and callsites.

(WebCore::WorkerContextIndexedDatabase::indexedDB):

Drop the SecurityOrigin::canAccessDatabase check.

• Modules/indexeddb/WorkerContextIndexedDatabase.h:

(WorkerContextIndexedDatabase):

Drop the stored pointer to ScriptExecutionContext, as we no longer
need it in ::indexedDB.

LayoutTests:

• http/tests/security/no-indexeddb-from-sandbox-expected.txt:
• http/tests/security/no-indexeddb-from-sandbox.html:

This test expected the 'webkitIndexedDB' property to be missing
entirely inside a sandbox. The expectation has been updated to
expect 'webkitIndexedDB.open()' to throw a SECURITY_ERR.

• platform/efl/TestExpectations:
• platform/mac-snowleopard/TestExpectations:
• platform/mac/TestExpectations:
• platform/qt/TestExpectations:
• platform/win/TestExpectations:
• platform/wincairo/TestExpectations:

This test was accidentally passing on a variety of platforms that
don't yet implement IndexedDB. Now that failure is distinguishable
we should skip it on a variety of platforms.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/security/no-indexeddb-from-sandbox-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/no-indexeddb-from-sandbox.html (modified) (1 diff)
• LayoutTests/platform/efl/TestExpectations (modified) (1 diff)
• LayoutTests/platform/mac-snowleopard/TestExpectations (modified) (1 diff)
• LayoutTests/platform/mac/TestExpectations (modified) (1 diff)
• LayoutTests/platform/qt/TestExpectations (modified) (1 diff)
• LayoutTests/platform/win/TestExpectations (modified) (1 diff)
• LayoutTests/platform/wincairo/TestExpectations (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/Modules/indexeddb/DOMWindowIndexedDatabase.cpp (modified) (1 diff)
• Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.cpp (modified) (3 diffs)
• Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2013-02-01  Mike West  <mkwst@chromium.org>
+
+        Remove call to SecurityOrigin::canAccessDatabase from IDB constructor.
+        https://bugs.webkit.org/show_bug.cgi?id=108477
+
+        Reviewed by Adam Barth.
+
+        * http/tests/security/no-indexeddb-from-sandbox-expected.txt:
+        * http/tests/security/no-indexeddb-from-sandbox.html:
+            This test expected the 'webkitIndexedDB' property to be missing
+            entirely inside a sandbox. The expectation has been updated to
+            expect 'webkitIndexedDB.open()' to throw a SECURITY_ERR.
+        * platform/efl/TestExpectations:
+        * platform/mac-snowleopard/TestExpectations:
+        * platform/mac/TestExpectations:
+        * platform/qt/TestExpectations:
+        * platform/win/TestExpectations:
+        * platform/wincairo/TestExpectations:
+            This test was accidentally passing on a variety of platforms that
+            don't yet implement IndexedDB. Now that failure is distinguishable
+            we should skip it on a variety of platforms.
+
 2013-02-01  Ryosuke Niwa  <rniwa@webkit.org>
 

trunk/LayoutTests/http/tests/security/no-indexeddb-from-sandbox-expected.txt

@@ -1 @@
-ALERT: PASS
+ALERT: PASS: db.open() threw a SECURITY_ERR!
 

trunk/LayoutTests/http/tests/security/no-indexeddb-from-sandbox.html

@@ -6 +6 @@
     src="data:text/html,
          <script>
-         var db = window.webkitIndexedDB;
-         alert(db ? 'FAIL' : 'PASS');
+             var db = window.webkitIndexedDB;
+             try {
+                 db.open('test');
+                 alert('FAIL: db.open() should throw a SECURITY_ERR in a sandbox.');
+             } catch (e) {
+                 if (e.code === DOMException.SECURITY_ERR)
+                     alert('PASS: db.open() threw a SECURITY_ERR!');
+                 else
+                     alert('FAIL: db.open() threw a ' + e.name);
+             }
          </script>"
      ></iframe>

trunk/LayoutTests/platform/efl/TestExpectations

@@ -1126 +1126 @@
 Bug(EFL) http/tests/security/cross-origin-worker-indexeddb-allowed.html
 Bug(EFL) http/tests/security/cross-origin-worker-indexeddb.html
+Bug(EFL) http/tests/security/no-indexeddb-from-sandbox.html
 
 # Quota API is not supported.

trunk/LayoutTests/platform/mac-snowleopard/TestExpectations

@@ -139 +139 @@
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 # Philip's canvas tests that fail on SnowLeopard only

trunk/LayoutTests/platform/mac/TestExpectations

@@ -140 +140 @@
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 # Remove from list after enabling CANVAS_PATH

trunk/LayoutTests/platform/qt/TestExpectations

@@ -122 +122 @@
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 inspector/timeline/timeline-animation-frame.html

trunk/LayoutTests/platform/win/TestExpectations

@@ -1101 +1101 @@
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 # StorageTracker is not enabled.

trunk/LayoutTests/platform/wincairo/TestExpectations

@@ -1623 +1623 @@
 http/tests/security/cross-origin-worker-indexeddb-allowed.html
 http/tests/security/cross-origin-worker-indexeddb.html
+http/tests/security/no-indexeddb-from-sandbox.html
 
 # StorageTracker is not enabled.

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2013-02-01  Mike West  <mkwst@chromium.org>
+
+        Remove call to SecurityOrigin::canAccessDatabase from IDB constructor.
+        https://bugs.webkit.org/show_bug.cgi?id=108477
+
+        Reviewed by Adam Barth.
+
+        This change removes the 'SecurityOrigin::canAccessDatabase' check from
+        the constructor for the 'indexedDB' property on both DOMWindow and
+        WorkerContext. After the patch for http://wkbug.com/94171 this check
+        is redundant, as all the entry points to IDB are now gated on access
+        being granted.
+
+        As a side-effect, dropping the check in WorkerContextIndexedDatabase
+        allows us to stop holding a pointer to the ScriptExecutionContext we're
+        extending, which can only be a good thing.
+
+        The tests in storage/indexeddb should continue to pass.
+
+        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
+        (WebCore::DOMWindowIndexedDatabase::indexedDB):
+            Drop the SecurityOrigin::canAccessDatabase check.
+        * Modules/indexeddb/WorkerContextIndexedDatabase.cpp:
+        (WebCore::WorkerContextIndexedDatabase::WorkerContextIndexedDatabase):
+        (WebCore::WorkerContextIndexedDatabase::from):
+            Drop the ScriptExecutionContext parameter from the class's
+            constructor and callsites.
+        (WebCore::WorkerContextIndexedDatabase::indexedDB):
+            Drop the SecurityOrigin::canAccessDatabase check.
+        * Modules/indexeddb/WorkerContextIndexedDatabase.h:
+        (WorkerContextIndexedDatabase):
+            Drop the stored pointer to ScriptExecutionContext, as we no longer
+            need it in ::indexedDB.
+
 2013-02-01  Beth Dakin  <bdakin@apple.com>
 

trunk/Source/WebCore/Modules/indexeddb/DOMWindowIndexedDatabase.cpp

@@ -108 +108 @@
         return 0;
 
-    if (!document->securityOrigin()->canAccessDatabase())
-        return 0;
-
     if (!m_window->isCurrentlyDisplayedInFrame())
         return 0;

trunk/Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.cpp

@@ -39 +39 @@
 namespace WebCore {
 
-WorkerContextIndexedDatabase::WorkerContextIndexedDatabase(ScriptExecutionContext* context)
-    : m_context(context)
+WorkerContextIndexedDatabase::WorkerContextIndexedDatabase()
 {
 }
@@ -57 +56 @@
     WorkerContextIndexedDatabase* supplement = static_cast<WorkerContextIndexedDatabase*>(Supplement<ScriptExecutionContext>::from(context, supplementName()));
     if (!supplement) {
-        supplement = new WorkerContextIndexedDatabase(context);
+        supplement = new WorkerContextIndexedDatabase();
         provideTo(context, supplementName(), adoptPtr(supplement));
     }
@@ -70 +69 @@
 IDBFactory* WorkerContextIndexedDatabase::indexedDB()
 {
-    if (!m_context->securityOrigin()->canAccessDatabase())
-        return 0;
     if (!m_factoryBackend)
         m_factoryBackend = IDBFactoryBackendInterface::create();

trunk/Source/WebCore/Modules/indexeddb/WorkerContextIndexedDatabase.h

@@ -46 +46 @@
 
 private:
-    explicit WorkerContextIndexedDatabase(ScriptExecutionContext*);
+    WorkerContextIndexedDatabase();
 
     IDBFactory* indexedDB();
     static const char* supplementName();
 
-    ScriptExecutionContext* m_context;
     RefPtr<IDBFactoryBackendInterface> m_factoryBackend;
     RefPtr<IDBFactory> m_idbFactory;