Changeset 251887 in webkit
- Timestamp:
- Oct 31, 2019 3:40:16 PM (5 years ago)
- Location:
- trunk/Source
- Files:
-
- 13 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r251877 r251887 1 2019-10-31 Russell Epstein <repstein@apple.com> 2 3 Unreviewed, rolling out r251861. 4 5 Caused 50+ Layout Test Crashes 6 7 Reverted changeset: 8 9 "Use SecurityOriginData in NetworkProcess where possible 10 without other changes" 11 https://bugs.webkit.org/show_bug.cgi?id=203615 12 https://trac.webkit.org/changeset/251861 13 1 14 2019-10-31 Said Abou-Hallawa <sabouhallawa@apple.com> 2 15 -
trunk/Source/WebCore/page/SecurityOrigin.cpp
r251861 r251887 172 172 } 173 173 174 SecurityOrigin::SecurityOrigin(const SecurityOrigin &other)175 : m_data { other .m_data.isolatedCopy() }176 , m_domain { other .m_domain.isolatedCopy() }177 , m_filePath { other .m_filePath.isolatedCopy() }178 , m_isUnique { other .m_isUnique }179 , m_universalAccess { other .m_universalAccess }180 , m_domainWasSetInDOM { other .m_domainWasSetInDOM }181 , m_canLoadLocalResources { other .m_canLoadLocalResources }182 , m_storageBlockingPolicy { other .m_storageBlockingPolicy }183 , m_enforcesFilePathSeparation { other .m_enforcesFilePathSeparation }184 , m_needsStorageAccessFromFileURLsQuirk { other .m_needsStorageAccessFromFileURLsQuirk }185 , m_isPotentiallyTrustworthy { other .m_isPotentiallyTrustworthy }186 , m_isLocal { other .m_isLocal }174 SecurityOrigin::SecurityOrigin(const SecurityOrigin* other) 175 : m_data { other->m_data.isolatedCopy() } 176 , m_domain { other->m_domain.isolatedCopy() } 177 , m_filePath { other->m_filePath.isolatedCopy() } 178 , m_isUnique { other->m_isUnique } 179 , m_universalAccess { other->m_universalAccess } 180 , m_domainWasSetInDOM { other->m_domainWasSetInDOM } 181 , m_canLoadLocalResources { other->m_canLoadLocalResources } 182 , m_storageBlockingPolicy { other->m_storageBlockingPolicy } 183 , m_enforcesFilePathSeparation { other->m_enforcesFilePathSeparation } 184 , m_needsStorageAccessFromFileURLsQuirk { other->m_needsStorageAccessFromFileURLsQuirk } 185 , m_isPotentiallyTrustworthy { other->m_isPotentiallyTrustworthy } 186 , m_isLocal { other->m_isLocal } 187 187 { 188 188 } … … 219 219 Ref<SecurityOrigin> SecurityOrigin::isolatedCopy() const 220 220 { 221 return adoptRef(*new SecurityOrigin( *this));221 return adoptRef(*new SecurityOrigin(this)); 222 222 } 223 223 -
trunk/Source/WebCore/page/SecurityOrigin.h
r251861 r251887 222 222 SecurityOrigin(); 223 223 explicit SecurityOrigin(const URL&); 224 explicit SecurityOrigin(const SecurityOrigin &);224 explicit SecurityOrigin(const SecurityOrigin*); 225 225 226 226 // FIXME: Rename this function to something more semantic. -
trunk/Source/WebCore/page/SecurityOriginData.h
r251861 r251887 98 98 void SecurityOriginData::encode(Encoder& encoder) const 99 99 { 100 ASSERT(!isEmpty());101 100 encoder << protocol; 102 101 encoder << host; -
trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp
r251861 r251887 509 509 } 510 510 511 bool ContentSecurityPolicy::allowFrameAncestors(const Vector< SecurityOriginData>& ancestorOrigins, const URL& url, bool overrideContentSecurityPolicy) const511 bool ContentSecurityPolicy::allowFrameAncestors(const Vector<RefPtr<SecurityOrigin>>& ancestorOrigins, const URL& url, bool overrideContentSecurityPolicy) const 512 512 { 513 513 if (overrideContentSecurityPolicy) -
trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h
r251861 r251887 100 100 101 101 bool allowFrameAncestors(const Frame&, const URL&, bool overrideContentSecurityPolicy = false) const; 102 WEBCORE_EXPORT bool allowFrameAncestors(const Vector< SecurityOriginData>& ancestorOrigins, const URL&, bool overrideContentSecurityPolicy = false) const;102 WEBCORE_EXPORT bool allowFrameAncestors(const Vector<RefPtr<SecurityOrigin>>& ancestorOrigins, const URL&, bool overrideContentSecurityPolicy = false) const; 103 103 WEBCORE_EXPORT bool overridesXFrameOptions() const; 104 104 -
trunk/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp
r251861 r251887 80 80 } 81 81 82 static inline URL urlFromOrigin(const SecurityOriginData& origin)83 {84 return { URL { }, origin.toString() };85 }86 87 82 static inline bool checkFrameAncestors(ContentSecurityPolicySourceListDirective* directive, const Frame& frame) 88 83 { … … 98 93 } 99 94 100 static inline bool checkFrameAncestors(ContentSecurityPolicySourceListDirective* directive, const Vector< SecurityOriginData>& ancestorOrigins)95 static inline bool checkFrameAncestors(ContentSecurityPolicySourceListDirective* directive, const Vector<RefPtr<SecurityOrigin>>& ancestorOrigins) 101 96 { 102 97 if (!directive) … … 104 99 bool didReceiveRedirectResponse = false; 105 100 for (auto& origin : ancestorOrigins) { 106 URL originURL = urlFromOrigin( origin);101 URL originURL = urlFromOrigin(*origin); 107 102 if (!originURL.isValid() || !directive->allows(originURL, didReceiveRedirectResponse, ContentSecurityPolicySourceListDirective::ShouldAllowEmptyURLIfSourceListIsNotNone::No)) 108 103 return false; … … 264 259 } 265 260 266 const ContentSecurityPolicyDirective* ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins(const Vector< SecurityOriginData>& ancestorOrigins) const261 const ContentSecurityPolicyDirective* ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins(const Vector<RefPtr<SecurityOrigin>>& ancestorOrigins) const 267 262 { 268 263 if (checkFrameAncestors(m_frameAncestors.get(), ancestorOrigins)) -
trunk/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h
r251861 r251887 63 63 const ContentSecurityPolicyDirective* violatedDirectiveForFrame(const URL&, bool didReceiveRedirectResponse) const; 64 64 const ContentSecurityPolicyDirective* violatedDirectiveForFrameAncestor(const Frame&) const; 65 const ContentSecurityPolicyDirective* violatedDirectiveForFrameAncestorOrigins(const Vector< SecurityOriginData>&) const;65 const ContentSecurityPolicyDirective* violatedDirectiveForFrameAncestorOrigins(const Vector<RefPtr<SecurityOrigin>>&) const; 66 66 const ContentSecurityPolicyDirective* violatedDirectiveForImage(const URL&, bool didReceiveRedirectResponse) const; 67 67 #if ENABLE(APPLICATION_MANIFEST) -
trunk/Source/WebKit/ChangeLog
r251868 r251887 1 2019-10-31 Russell Epstein <repstein@apple.com> 2 3 Unreviewed, rolling out r251861. 4 5 Caused 50+ Layout Test Crashes 6 7 Reverted changeset: 8 9 "Use SecurityOriginData in NetworkProcess where possible 10 without other changes" 11 https://bugs.webkit.org/show_bug.cgi?id=203615 12 https://trac.webkit.org/changeset/251861 13 1 14 2019-10-31 Truitt Savell <tsavell@apple.com> 2 15 -
trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp
r251861 r251887 93 93 encoder << *sourceOrigin; 94 94 encoder << static_cast<bool>(topOrigin); 95 if ( topOrigin)95 if (sourceOrigin) 96 96 encoder << *topOrigin; 97 97 encoder << options; -
trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h
r251861 r251887 59 59 WebCore::PreflightPolicy preflightPolicy { WebCore::PreflightPolicy::Consider }; 60 60 bool shouldEnableCrossOriginResourcePolicy { false }; 61 Vector< WebCore::SecurityOriginData> frameAncestorOrigins;61 Vector<RefPtr<WebCore::SecurityOrigin>> frameAncestorOrigins; 62 62 bool isHTTPSUpgradeEnabled { false }; 63 63 -
trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
r251861 r251887 411 411 case XFrameOptionsSameOrigin: { 412 412 auto origin = SecurityOrigin::create(url); 413 auto topFrameOrigin = m_parameters.frameAncestorOrigins.last(); 414 if (!origin->isSameSchemeHostPort(*topFrameOrigin)) 415 return true; 413 416 for (auto& ancestorOrigin : m_parameters.frameAncestorOrigins) { 414 if (!origin->isSameSchemeHostPort( ancestorOrigin.securityOrigin()))417 if (!origin->isSameSchemeHostPort(*ancestorOrigin)) 415 418 return true; 416 419 } -
trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
r251861 r251887 337 337 338 338 if (resourceLoader.options().mode == FetchOptions::Mode::Navigate) { 339 Vector< SecurityOriginData> frameAncestorOrigins;339 Vector<RefPtr<SecurityOrigin>> frameAncestorOrigins; 340 340 for (auto* frame = resourceLoader.frame()->tree().parent(); frame; frame = frame->tree().parent()) 341 frameAncestorOrigins.append( frame->document()->securityOrigin().data());341 frameAncestorOrigins.append(makeRefPtr(frame->document()->securityOrigin())); 342 342 loadParameters.frameAncestorOrigins = WTFMove(frameAncestorOrigins); 343 343 }
Note: See TracChangeset
for help on using the changeset viewer.