Changeset 207318 in webkit
- Timestamp:
- Oct 13, 2016 6:14:05 PM (8 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r207317 r207318 1 2016-10-13 Andy Estes <aestes@apple.com> 2 3 [iOS] Support Web Archive previews generated by QuickLook 4 https://bugs.webkit.org/show_bug.cgi?id=162951 5 <rdar://problem/28607920> 6 7 Reviewed by Brady Eidson. 8 9 QuickLook might generate a Web Archive preview for some resource types, but WebKit would 10 refuse to load it due to the prohibition on loading remote Web Archives. Even though the 11 original resource might be from a remote origin, the QuickLook-generated preview is a 12 trusted local resource, so allow it to be loaded. 13 14 No test possible. 15 16 * loader/DocumentLoader.cpp: 17 (WebCore::isRemoteWebArchive): Added. Moved the remote web archive check from 18 continueAfterContentPolicy() to here, and added a check for responses containing the 19 QuickLook preview protocol. 20 (WebCore::DocumentLoader::continueAfterContentPolicy): Called isRemoteWebArchive(). 21 1 22 2016-10-13 Dean Jackson <dino@apple.com> 2 23 -
trunk/Source/WebCore/loader/DocumentLoader.cpp
r206903 r207318 82 82 #endif 83 83 84 #if USE(QUICK_LOOK) 85 #include "QuickLook.h" 86 #endif 87 84 88 #define RELEASE_LOG_IF_ALLOWED(fmt, ...) RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - DocumentLoader::" fmt, this, ##__VA_ARGS__) 85 89 … … 745 749 } 746 750 751 static bool isRemoteWebArchive(const DocumentLoader& documentLoader) 752 { 753 using MIMETypeHashSet = HashSet<String, ASCIICaseInsensitiveHash>; 754 static NeverDestroyed<MIMETypeHashSet> webArchiveMIMETypes { 755 MIMETypeHashSet { 756 ASCIILiteral("application/x-webarchive"), 757 ASCIILiteral("application/x-mimearchive"), 758 ASCIILiteral("multipart/related"), 759 #if PLATFORM(GTK) 760 ASCIILiteral("message/rfc822"), 761 #endif 762 } 763 }; 764 765 const ResourceResponse& response = documentLoader.response(); 766 if (!webArchiveMIMETypes.get().contains(response.mimeType())) 767 return false; 768 769 #if USE(QUICK_LOOK) 770 if (response.url().protocolIs(QLPreviewProtocol())) 771 return false; 772 #endif 773 774 return !documentLoader.substituteData().isValid() && !SchemeRegistry::shouldTreatURLSchemeAsLocal(documentLoader.request().url().protocol()); 775 } 776 747 777 void DocumentLoader::continueAfterContentPolicy(PolicyAction policy) 748 778 { … … 752 782 return; 753 783 754 URL url = m_request.url();755 const String& mimeType = m_response.mimeType();756 757 784 switch (policy) { 758 785 case PolicyUse: { 759 786 // Prevent remote web archives from loading because they can claim to be from any domain and thus avoid cross-domain security checks (4120255). 760 bool isRemoteWebArchive = (equalLettersIgnoringASCIICase(mimeType, "application/x-webarchive") 761 || equalLettersIgnoringASCIICase(mimeType, "application/x-mimearchive") 762 #if PLATFORM(GTK) 763 || equalLettersIgnoringASCIICase(mimeType, "message/rfc822") 764 #endif 765 || equalLettersIgnoringASCIICase(mimeType, "multipart/related")) 766 && !m_substituteData.isValid() && !SchemeRegistry::shouldTreatURLSchemeAsLocal(url.protocol()); 767 if (!frameLoader()->client().canShowMIMEType(mimeType) || isRemoteWebArchive) { 787 if (!frameLoader()->client().canShowMIMEType(m_response.mimeType()) || isRemoteWebArchive(*this)) { 768 788 frameLoader()->policyChecker().cannotShowMIMEType(m_response); 769 789 // Check reachedTerminalState since the load may have already been canceled inside of _handleUnimplementablePolicyWithErrorCode::.
Note: See TracChangeset
for help on using the changeset viewer.