Changeset 49211 in webkit
- Timestamp:
- Oct 6, 2009 6:05:05 PM (15 years ago)
- Location:
- trunk
- Files:
-
- 13 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/WebCore/ChangeLog
r49210 r49211 1 2009-10-06 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 Move setLocalLoadPolicy and friends to SecurityOrigin 6 https://bugs.webkit.org/show_bug.cgi?id=30110 7 8 These have more to do with security policies than with loading frames. 9 10 * WebCore.base.exp: 11 * dom/Document.cpp: 12 (WebCore::Document::initSecurityContext): 13 * loader/Cache.cpp: 14 (WebCore::Cache::requestResource): 15 * loader/FrameLoader.cpp: 16 * loader/FrameLoader.h: 17 * loader/SubresourceLoader.cpp: 18 (WebCore::SubresourceLoader::create): 19 * page/SecurityOrigin.cpp: 20 (WebCore::SecurityOrigin::setLocalLoadPolicy): 21 (WebCore::SecurityOrigin::restrictAccessToLocal): 22 (WebCore::SecurityOrigin::allowSubstituteDataAccessToLocal): 23 * page/SecurityOrigin.h: 24 (WebCore::SecurityOrigin::): 25 1 26 2009-10-06 Brian Weinstein <bweinstein@apple.com> 2 27 -
trunk/WebCore/WebCore.base.exp
r49136 r49211 165 165 __ZN7WebCore11FrameLoader17stopForUserCancelEb 166 166 __ZN7WebCore11FrameLoader18currentHistoryItemEv 167 __ZN7WebCore11FrameLoader18setLocalLoadPolicyENS0_15LocalLoadPolicyE168 167 __ZN7WebCore11FrameLoader18shouldHideReferrerERKNS_4KURLERKNS_6StringE 169 168 __ZN7WebCore11FrameLoader21loadURLIntoChildFrameERKNS_4KURLERKNS_6StringEPNS_5FrameE … … 303 302 __ZN7WebCore14ResourceLoader19setShouldBufferDataEb 304 303 __ZN7WebCore14SecurityOrigin16createFromStringERKNS_6StringE 304 __ZN7WebCore14SecurityOrigin18setLocalLoadPolicyENS0_15LocalLoadPolicyE 305 305 __ZN7WebCore14SecurityOrigin24registerURLSchemeAsLocalERKNS_6StringE 306 306 __ZN7WebCore14SecurityOrigin25whiteListAccessFromOriginERKS0_RKNS_6StringES5_b -
trunk/WebCore/dom/Document.cpp
r49043 r49211 4240 4240 ScriptExecutionContext::setSecurityOrigin(SecurityOrigin::create(url)); 4241 4241 4242 if ( FrameLoader::allowSubstituteDataAccessToLocal()) {4242 if (SecurityOrigin::allowSubstituteDataAccessToLocal()) { 4243 4243 // If this document was loaded with substituteData, then the document can 4244 4244 // load local resources. See https://bugs.webkit.org/show_bug.cgi?id=16756 -
trunk/WebCore/loader/Cache.cpp
r47907 r49211 35 35 #include "Image.h" 36 36 #include "ResourceHandle.h" 37 #include "SecurityOrigin.h" 37 38 #include <stdio.h> 38 39 #include <wtf/CurrentTime.h> … … 105 106 return 0; 106 107 107 if ( FrameLoader::restrictAccessToLocal() && !FrameLoader::canLoad(url, String(), docLoader->doc())) {108 if (SecurityOrigin::restrictAccessToLocal() && !FrameLoader::canLoad(url, String(), docLoader->doc())) { 108 109 Document* doc = docLoader->doc(); 109 110 if (doc && !requestIsPreload) -
trunk/WebCore/loader/FrameLoader.cpp
r49196 r49211 130 130 #endif 131 131 static double storedTimeOfLastCompletedLoad; 132 static FrameLoader::LocalLoadPolicy localLoadPolicy = FrameLoader::AllowLocalLoadsForLocalOnly;133 132 134 133 bool isBackForwardLoadType(FrameLoadType type) … … 1057 1056 1058 1057 m_iconLoader->startLoading(); 1059 }1060 1061 void FrameLoader::setLocalLoadPolicy(LocalLoadPolicy policy)1062 {1063 localLoadPolicy = policy;1064 }1065 1066 bool FrameLoader::restrictAccessToLocal()1067 {1068 return localLoadPolicy != FrameLoader::AllowLocalLoadsForAll;1069 }1070 1071 bool FrameLoader::allowSubstituteDataAccessToLocal()1072 {1073 return localLoadPolicy != FrameLoader::AllowLocalLoadsForLocalOnly;1074 1058 } 1075 1059 -
trunk/WebCore/loader/FrameLoader.h
r49196 r49211 315 315 void setCurrentHistoryItem(PassRefPtr<HistoryItem>); 316 316 317 enum LocalLoadPolicy {318 AllowLocalLoadsForAll, // No restriction on local loads.319 AllowLocalLoadsForLocalAndSubstituteData,320 AllowLocalLoadsForLocalOnly,321 };322 static void setLocalLoadPolicy(LocalLoadPolicy);323 static bool restrictAccessToLocal();324 static bool allowSubstituteDataAccessToLocal();325 326 317 bool committingFirstRealLoad() const { return !m_creatingInitialEmptyDocument && !m_committedFirstRealDocumentLoad; } 327 318 bool committedFirstRealDocumentLoad() const { return m_committedFirstRealDocumentLoad; } -
trunk/WebCore/loader/SubresourceLoader.cpp
r43650 r49211 34 34 #include "FrameLoader.h" 35 35 #include "ResourceHandle.h" 36 #include "SecurityOrigin.h" 36 37 #include "SubresourceLoaderClient.h" 37 38 #include <wtf/RefCountedLeakCounter.h> … … 73 74 74 75 if (!skipCanLoadCheck 75 && FrameLoader::restrictAccessToLocal()76 && SecurityOrigin::restrictAccessToLocal() 76 77 && !FrameLoader::canLoad(request.url(), String(), frame->document())) { 77 78 FrameLoader::reportLocalLoadFailed(frame, request.url().string()); -
trunk/WebCore/page/SecurityOrigin.cpp
r49160 r49211 31 31 32 32 #include "CString.h" 33 #include "FrameLoader.h"34 33 #include "KURL.h" 35 34 #include "OriginAccessEntry.h" … … 37 36 38 37 namespace WebCore { 38 39 static SecurityOrigin::LocalLoadPolicy localLoadPolicy = SecurityOrigin::AllowLocalLoadsForLocalOnly; 39 40 40 41 typedef Vector<OriginAccessEntry> OriginAccessWhiteList; … … 245 246 // the privilege can obtain the privilege by injecting script into the 246 247 // documents that have been granted the privilege. 247 ASSERT( FrameLoader::allowSubstituteDataAccessToLocal());248 ASSERT(allowSubstituteDataAccessToLocal()); 248 249 m_canLoadLocalResources = true; 249 250 } … … 371 372 } 372 373 373 // static374 374 void SecurityOrigin::registerURLSchemeAsLocal(const String& scheme) 375 375 { … … 377 377 } 378 378 379 // static380 379 void SecurityOrigin::removeURLSchemeRegisteredAsLocal(const String& scheme) 381 380 { … … 393 392 } 394 393 395 // static396 394 const URLSchemesMap& SecurityOrigin::localURLSchemes() 397 395 { … … 399 397 } 400 398 401 // static402 399 bool SecurityOrigin::shouldTreatURLAsLocal(const String& url) 403 400 { … … 420 417 } 421 418 422 // static423 419 bool SecurityOrigin::shouldTreatURLSchemeAsLocal(const String& scheme) 424 420 { … … 439 435 } 440 436 441 // static442 437 void SecurityOrigin::registerURLSchemeAsNoAccess(const String& scheme) 443 438 { … … 445 440 } 446 441 447 // static448 442 bool SecurityOrigin::shouldTreatURLSchemeAsNoAccess(const String& scheme) 449 443 { 450 444 return noAccessSchemes().contains(scheme); 445 } 446 447 void SecurityOrigin::setLocalLoadPolicy(LocalLoadPolicy policy) 448 { 449 localLoadPolicy = policy; 450 } 451 452 bool SecurityOrigin::restrictAccessToLocal() 453 { 454 return localLoadPolicy != SecurityOrigin::AllowLocalLoadsForAll; 455 } 456 457 bool SecurityOrigin::allowSubstituteDataAccessToLocal() 458 { 459 return localLoadPolicy != SecurityOrigin::AllowLocalLoadsForLocalOnly; 451 460 } 452 461 -
trunk/WebCore/page/SecurityOrigin.h
r49160 r49211 144 144 static bool shouldTreatURLSchemeAsLocal(const String&); 145 145 146 enum LocalLoadPolicy { 147 AllowLocalLoadsForAll, // No restriction on local loads. 148 AllowLocalLoadsForLocalAndSubstituteData, 149 AllowLocalLoadsForLocalOnly, 150 }; 151 static void setLocalLoadPolicy(LocalLoadPolicy); 152 static bool restrictAccessToLocal(); 153 static bool allowSubstituteDataAccessToLocal(); 154 146 155 static void registerURLSchemeAsNoAccess(const String&); 147 156 static bool shouldTreatURLSchemeAsNoAccess(const String&); -
trunk/WebKit/mac/ChangeLog
r49206 r49211 1 2009-10-06 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 Move setLocalLoadPolicy and friends to SecurityOrigin 6 https://bugs.webkit.org/show_bug.cgi?id=30110 7 8 Call the new API. 9 10 * WebView/WebView.mm: 11 (-[WebView _commonInitializationWithFrameName:groupName:usesDocumentViews:]): 12 1 13 2009-10-06 Simon Fraser <simon.fraser@apple.com> 2 14 -
trunk/WebKit/mac/WebView/WebView.mm
r49149 r49211 664 664 if (!WebKitLinkedOnOrAfter(WEBKIT_FIRST_VERSION_WITH_LOCAL_RESOURCE_SECURITY_RESTRICTION)) { 665 665 // Originally, we allowed all local loads. 666 FrameLoader::setLocalLoadPolicy(FrameLoader::AllowLocalLoadsForAll);666 SecurityOrigin::setLocalLoadPolicy(SecurityOrigin::AllowLocalLoadsForAll); 667 667 } else if (!WebKitLinkedOnOrAfter(WEBKIT_FIRST_VERSION_WITH_MORE_STRICT_LOCAL_RESOURCE_SECURITY_RESTRICTION)) { 668 668 // Later, we allowed local loads for local URLs and documents loaded 669 669 // with substitute data. 670 FrameLoader::setLocalLoadPolicy(FrameLoader::AllowLocalLoadsForLocalAndSubstituteData);670 SecurityOrigin::setLocalLoadPolicy(SecurityOrigin::AllowLocalLoadsForLocalAndSubstituteData); 671 671 } 672 672 -
trunk/WebKit/qt/Api/qwebpage.cpp
r49102 r49211 272 272 WebCore::InitializeLoggingChannelsIfNecessary(); 273 273 JSC::initializeThreading(); 274 WebCore:: FrameLoader::setLocalLoadPolicy(WebCore::FrameLoader::AllowLocalLoadsForLocalAndSubstituteData);274 WebCore::SecurityOrigin::setLocalLoadPolicy(WebCore::SecurityOrigin::AllowLocalLoadsForLocalAndSubstituteData); 275 275 276 276 chromeClient = new ChromeClientQt(q); -
trunk/WebKit/qt/ChangeLog
r49200 r49211 1 2009-10-06 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 Move setLocalLoadPolicy and friends to SecurityOrigin 6 https://bugs.webkit.org/show_bug.cgi?id=30110 7 8 Call the new API. 9 10 * Api/qwebpage.cpp: 11 (QWebPagePrivate::QWebPagePrivate): 12 1 13 2009-10-06 Benjamin C Meyer <bmeyer@rim.com> 2 14
Note: See TracChangeset
for help on using the changeset viewer.