Changeset 47388 in webkit
- Timestamp:
- Aug 17, 2009 1:43:57 PM (15 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 11 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r47348 r47388 1 2009-08-17 Aaron Boodman <aa@chromium.org> 2 3 Reviewed by Alexey Proskuryakov. 4 5 https://bugs.webkit.org/show_bug.cgi?id=28313: Combine ThreadableLoaderOptions::crossOriginRequestPolicy and 6 ThreadableLoaderOptions::crossOriginRedirectPolicy since they are always set the same way. 7 8 Also, tightened up behavior of XMLHttpRequest with cross-origin redirects and access control. We have not implemented redirects 9 for access control, so we should never redirect across origins. But in two edge cases, we were: 10 11 * Asynchronous XHR: Script on origin A requests resource from origin B. Server redirects (without sending access control 12 authorization headers) to a resource on origin A. 13 * Synchronous XHR: Script on origin A requests resource from origin B. Server redirects (without sending access control 14 authorization headers) to another resource on origin B (this time sending access control authorization headers). 15 16 * http/tests/xmlhttprequest/access-control-and-redirects-expected.txt: Added. 17 * http/tests/xmlhttprequest/access-control-and-redirects.html: Added. 18 1 19 2009-08-16 Darin Adler <darin@apple.com> 2 20 -
trunk/WebCore/ChangeLog
r47386 r47388 1 2009-08-17 Aaron Boodman <aa@chromium.org> 2 3 Reviewed by Alexey Proskuryakov. 4 5 https://bugs.webkit.org/show_bug.cgi?id=28313: Combine ThreadableLoaderOptions::crossOriginRequestPolicy and 6 ThreadableLoaderOptions::crossOriginRedirectPolicy since they are always set the same way. 7 8 Also, tightened up behavior of XMLHttpRequest with cross-origin redirects and access control. We have not implemented 9 redirects access control, so we should never redirect across origins. But in two edge cases, we were: 10 11 * Asynchronous XHR: Script on origin A requests resource from origin B. Server redirects (without sending access control 12 authorization headers) to a resource on origin A. 13 * Synchronous XHR: Script on origin A requests resource from origin B. Server redirects (without sending access control 14 authorization headers) to another resource on origin B (this time sending access control authorization headers). 15 16 Test: http/tests/xmlhttprequest/access-control-and-redirects.html 17 18 * loader/DocumentThreadableLoader.cpp: 19 (WebCore::DocumentThreadableLoader::willSendRequest): Refactor redirect checking code into shared location. 20 (WebCore::DocumentThreadableLoader::loadRequest): Ditto. 21 (WebCore::DocumentThreadableLoader::isAllowedRedirect): Ditto. 22 * loader/DocumentThreadableLoader.h: 23 * loader/ThreadableLoader.h: 24 (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Remove ThreadableLoaderOptions::crossOriginRedirectPolicy. 25 * page/EventSource.cpp: 26 (WebCore::EventSource::connect): Ditto. 27 * workers/Worker.cpp: Ditto. 28 (WebCore::Worker::Worker): Ditto. 29 * workers/WorkerContext.cpp: Ditto. 30 (WebCore::WorkerContext::importScripts): Ditto. 31 * workers/WorkerScriptLoader.cpp: 32 (WebCore::WorkerScriptLoader::loadSynchronously): Ditto. 33 (WebCore::WorkerScriptLoader::loadAsynchronously): Ditto. 34 * workers/WorkerScriptLoader.h: 35 * xml/XMLHttpRequest.cpp: 36 (WebCore::XMLHttpRequest::createRequest): Ditto. 37 1 38 2009-08-17 Adam Langley <agl@google.com> 2 39 -
trunk/WebCore/loader/DocumentThreadableLoader.cpp
r47291 r47388 170 170 ASSERT_UNUSED(loader, loader == m_loader); 171 171 172 // FIXME: This needs to be fixed to follow the redirect correctly even for cross-domain requests. 173 if (m_options.crossOriginRedirectPolicy == DenyCrossOriginRedirect && !m_document->securityOrigin()->canRequest(request.url())) { 172 if (!isAllowedRedirect(request.url())) { 174 173 RefPtr<DocumentThreadableLoader> protect(this); 175 174 m_client->didFailRedirectCheck(); … … 323 322 } 324 323 325 // FIXME: This check along with the one in willSendRequest is specific to xhr and 326 // should be made more generic. 327 if (m_sameOriginRequest && !m_document->securityOrigin()->canRequest(response.url())) { 324 // FIXME: FrameLoader::loadSynchronously() does not tell us whether a redirect happened or not, so we guess by comparing the 325 // request and response URLs. This isn't a perfect test though, since a server can serve a redirect to the same URL that was 326 // requested. 327 if (request.url() != response.url() && !isAllowedRedirect(response.url())) { 328 328 m_client->didFailRedirectCheck(); 329 329 return; … … 339 339 } 340 340 341 bool DocumentThreadableLoader::isAllowedRedirect(const KURL& url) 342 { 343 if (m_options.crossOriginRequestPolicy == AllowCrossOriginRequests) 344 return true; 345 346 // FIXME: We need to implement access control for each redirect. This will require some refactoring though, because the code 347 // that processes redirects doesn't know about access control and expects a synchronous answer from its client about whether 348 // a redirect should proceed. 349 return m_sameOriginRequest && m_document->securityOrigin()->canRequest(url); 350 } 351 341 352 } // namespace WebCore -
trunk/WebCore/loader/DocumentThreadableLoader.h
r47291 r47388 41 41 namespace WebCore { 42 42 class Document; 43 class KURL; 43 44 struct ResourceRequest; 44 45 class ThreadableLoaderClient; … … 86 87 87 88 void loadRequest(const ResourceRequest&, bool skipCanLoadCheck); 89 bool isAllowedRedirect(const KURL&); 88 90 89 91 RefPtr<SubresourceLoader> m_loader; -
trunk/WebCore/loader/ThreadableLoader.h
r47291 r47388 55 55 }; 56 56 57 enum CrossOriginRedirectPolicy {58 DenyCrossOriginRedirect,59 AllowCrossOriginRedirect60 };61 62 57 struct ThreadableLoaderOptions { 63 ThreadableLoaderOptions() : sendLoadCallbacks(false), sniffContent(false), allowCredentials(false), forcePreflight(false), crossOriginRequestPolicy(DenyCrossOriginRequests) , crossOriginRedirectPolicy(AllowCrossOriginRedirect){ }58 ThreadableLoaderOptions() : sendLoadCallbacks(false), sniffContent(false), allowCredentials(false), forcePreflight(false), crossOriginRequestPolicy(DenyCrossOriginRequests) { } 64 59 bool sendLoadCallbacks; 65 60 bool sniffContent; … … 67 62 bool forcePreflight; // If AccessControl is used, whether to force a preflight. 68 63 CrossOriginRequestPolicy crossOriginRequestPolicy; 69 CrossOriginRedirectPolicy crossOriginRedirectPolicy;70 64 }; 71 65 -
trunk/WebCore/page/EventSource.cpp
r47323 r47388 95 95 options.sniffContent = false; 96 96 options.allowCredentials = true; 97 options.crossOriginRedirectPolicy = DenyCrossOriginRedirect;98 97 99 98 m_loader = ThreadableLoader::create(scriptExecutionContext(), this, request, options); -
trunk/WebCore/workers/Worker.cpp
r46845 r47388 59 59 60 60 m_scriptLoader = new WorkerScriptLoader(); 61 m_scriptLoader->loadAsynchronously(scriptExecutionContext(), scriptURL, DenyCrossOriginRe direct, this);61 m_scriptLoader->loadAsynchronously(scriptExecutionContext(), scriptURL, DenyCrossOriginRequests, this); 62 62 setPendingActivity(this); // The worker context does not exist while loading, so we must ensure that the worker object is not collected, as well as its event listeners. 63 63 } -
trunk/WebCore/workers/WorkerContext.cpp
r47056 r47388 257 257 for (Vector<KURL>::const_iterator it = completedURLs.begin(); it != end; ++it) { 258 258 WorkerScriptLoader scriptLoader; 259 scriptLoader.loadSynchronously(scriptExecutionContext(), *it, AllowCrossOriginRe direct);259 scriptLoader.loadSynchronously(scriptExecutionContext(), *it, AllowCrossOriginRequests); 260 260 261 261 // If the fetching attempt failed, throw a NETWORK_ERR exception and abort all these steps. -
trunk/WebCore/workers/WorkerScriptLoader.cpp
r47291 r47388 51 51 } 52 52 53 void WorkerScriptLoader::loadSynchronously(ScriptExecutionContext* scriptExecutionContext, const KURL& url, CrossOriginRe directPolicy crossOriginRedirectPolicy)53 void WorkerScriptLoader::loadSynchronously(ScriptExecutionContext* scriptExecutionContext, const KURL& url, CrossOriginRequestPolicy crossOriginRequestPolicy) 54 54 { 55 55 m_url = url; … … 63 63 ThreadableLoaderOptions options; 64 64 options.allowCredentials = true; 65 options.crossOriginRequestPolicy = AllowCrossOriginRequests; 66 options.crossOriginRedirectPolicy = crossOriginRedirectPolicy; 65 options.crossOriginRequestPolicy = crossOriginRequestPolicy; 67 66 68 67 WorkerThreadableLoader::loadResourceSynchronously(static_cast<WorkerContext*>(scriptExecutionContext), *request, *this, options); 69 68 } 70 69 71 void WorkerScriptLoader::loadAsynchronously(ScriptExecutionContext* scriptExecutionContext, const KURL& url, CrossOriginRe directPolicy crossOriginRedirectPolicy, WorkerScriptLoaderClient* client)70 void WorkerScriptLoader::loadAsynchronously(ScriptExecutionContext* scriptExecutionContext, const KURL& url, CrossOriginRequestPolicy crossOriginRequestPolicy, WorkerScriptLoaderClient* client) 72 71 { 73 72 ASSERT(client); … … 81 80 ThreadableLoaderOptions options; 82 81 options.allowCredentials = true; 83 options.crossOriginRequestPolicy = AllowCrossOriginRequests; 84 options.crossOriginRedirectPolicy = crossOriginRedirectPolicy; 82 options.crossOriginRequestPolicy = crossOriginRequestPolicy; 85 83 86 84 m_threadableLoader = ThreadableLoader::create(scriptExecutionContext, this, *request, options); -
trunk/WebCore/workers/WorkerScriptLoader.h
r46570 r47388 47 47 WorkerScriptLoader(); 48 48 49 void loadSynchronously(ScriptExecutionContext*, const KURL&, CrossOriginRe directPolicy);50 void loadAsynchronously(ScriptExecutionContext*, const KURL&, CrossOriginRe directPolicy, WorkerScriptLoaderClient*);49 void loadSynchronously(ScriptExecutionContext*, const KURL&, CrossOriginRequestPolicy); 50 void loadAsynchronously(ScriptExecutionContext*, const KURL&, CrossOriginRequestPolicy, WorkerScriptLoaderClient*); 51 51 52 52 void notifyError(); -
trunk/WebCore/xml/XMLHttpRequest.cpp
r47291 r47388 499 499 options.allowCredentials = m_sameOriginRequest || m_includeCredentials; 500 500 options.crossOriginRequestPolicy = UseAccessControl; 501 options.crossOriginRedirectPolicy = DenyCrossOriginRedirect;502 501 503 502 m_exceptionCode = 0;
Note: See TracChangeset
for help on using the changeset viewer.