Context Navigation

← Previous Changeset
Next Changeset →

Changeset 34532 in webkit

Timestamp:

Jun 13, 2008 10:39:55 PM (16 years ago)

Author:

abarth@webkit.org

Message:

2008-06-13 Adam Barth <abarth@webkit.org>

Reviewed by Darin Adler.

Fixes <https://bugs.webkit.org/show_bug.cgi?id=15100>:

XMLHttpRequest::urlMatchesDocumentDomain raises error if port
information does not match exactly

Refactor our security check for XMLHttpRequest into SecurityOrigin so
we can reuse it in other places. This leverages our default port
technology in SecurityOrigin.

I wasn't sure how to write a test for this because the LayoutTests run
on non-default ports.

platform/SecurityOrigin.cpp: (WebCore::SecurityOrigin::canRequest):
platform/SecurityOrigin.h:
xml/XMLHttpRequest.cpp: (WebCore::XMLHttpRequest::send): (WebCore::XMLHttpRequest::willSendRequest):
xml/XMLHttpRequest.h:

Location:

trunk/WebCore

Files:

: 5 edited

ChangeLog (modified) (1 diff)
platform/SecurityOrigin.cpp (modified) (1 diff)
platform/SecurityOrigin.h (modified) (1 diff)
xml/XMLHttpRequest.cpp (modified) (3 diffs)
xml/XMLHttpRequest.h (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/WebCore/ChangeLog

-                      r34530
+                      r34532
+-06-13  Adam Barth  <abarth@webkit.org>
+        Reviewed by Darin Adler.
+        Fixes <https://bugs.webkit.org/show_bug.cgi?id=15100>:
+          XMLHttpRequest::urlMatchesDocumentDomain raises error if port
+          information does not match exactly
+        Refactor our security check for XMLHttpRequest into SecurityOrigin so
+        we can reuse it in other places.  This leverages our default port
+        technology in SecurityOrigin.
+        I wasn't sure how to write a test for this because the LayoutTests run
+        on non-default ports.
+        * platform/SecurityOrigin.cpp:
+        (WebCore::SecurityOrigin::canRequest):
+        * platform/SecurityOrigin.h:
+        * xml/XMLHttpRequest.cpp:
+        (WebCore::XMLHttpRequest::send):
+        (WebCore::XMLHttpRequest::willSendRequest):
+        * xml/XMLHttpRequest.h:
 -06-13  Adam Barth  <abarth@webkit.org>

trunk/WebCore/platform/SecurityOrigin.cpp

-                      r34530
+                      r34532
+}
+bool SecurityOrigin::canRequest(const KURL& url) const
+{
+    if (FrameLoader::shouldTreatSchemeAsLocal(m_protocol))
+        return true;
+    if (m_noAccess)
+        return false;
+    RefPtr<SecurityOrigin> targetOrigin = SecurityOrigin::create(url);
+    // We call isSameSchemeHostPort here instead of canAccess because we want
+    // to ignore document.domain effects.
+    return isSameSchemeHostPort(targetOrigin.get());
+}
 bool SecurityOrigin::isSecureTransitionTo(const KURL& url) const
+{

trunk/WebCore/platform/SecurityOrigin.h

-                      r34530
+                      r34532
         unsigned short port() const { return m_port; }
+        // Returns true if this SecurityOrigin can script objects in the given
+        // SecurityOrigin.
         bool canAccess(const SecurityOrigin*) const;
+        // Returns true if this SecurityOrigin can read content retrieved from
+        // the given URL. For example, call this function before issuing
+        // XMLHttpRequests.
+        bool canRequest(const KURL&) const;
         bool isSecureTransitionTo(const KURL&) const;

trunk/WebCore/xml/XMLHttpRequest.cpp

-                      r34504
+                      r34532
+}
-bool XMLHttpRequest::urlMatchesDocumentDomain(const KURL& url) const
+{
-    // a local file can load anything
-    if (m_doc->isAllowedToLoadLocalResources())
-        return true;
-    // but a remote document can only load from the same port on the server
-    KURL documentURL(m_doc->url());
-    if (documentURL.protocol().lower() == url.protocol().lower()
-            && documentURL.host().lower() == url.host().lower()
-            && documentURL.port() == url.port())
-        return true;
-    return false;
+}
 void XMLHttpRequest::open(const String& method, const KURL& url, bool async, ExceptionCode& ec)
+{
 …
     m_error = false;
     m_sameOriginRequest = urlMatchesDocumentDomain(m_url);
+    m_sameOriginRequest = m_doc->securityOrigin()->canRequest(m_url);
     ResourceRequest request;
 …
+{
     // FIXME: This needs to be fixed to follow the redirect correctly even for cross-domain requests.
     if (!urlMatchesDocumentDomain(request.url()))
+    if (!m_doc->securityOrigin()->canRequest(request.url()))
         internalAbort();
+}

trunk/WebCore/xml/XMLHttpRequest.h

r34504	r34532
95	95	virtual void derefEventTarget() { deref(); }
96	96
97		~~bool urlMatchesDocumentDomain(const KURL&) const;~~
98
99	97	virtual void willSendRequest(SubresourceLoader*, ResourceRequest& request, const ResourceResponse& redirectResponse);
100	98	virtual void didReceiveResponse(SubresourceLoader*, const ResourceResponse&);

Note: See TracChangeset for help on using the changeset viewer.