Changeset 57537 in webkit
- Timestamp:
- Apr 13, 2010 3:23:56 PM (14 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 24 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r57535 r57537 1 2010-04-12 Timothy Hatcher <timothy@apple.com> 2 3 SecurityOrigin needs a way to remove individual OriginAccessEntries 4 https://bugs.webkit.org/show_bug.cgi?id=37449 5 6 Reviewed by Dave Hyatt. 7 8 * http/tests/xmlhttprequest/origin-whitelisting-removal-expected.txt: Added. 9 * http/tests/xmlhttprequest/origin-whitelisting-removal.html: Added. 10 * platform/gtk/Skipped: Added origin-whitelisting-removal.html. 11 * platform/qt/Skipped: Ditto. 12 1 13 2010-04-13 Timothy Hatcher <timothy@apple.com> 2 14 -
trunk/LayoutTests/platform/gtk/Skipped
r57481 r57537 5625 5625 editing/selection/5825350-2.html 5626 5626 5627 # Missing layoutTestController.removeOriginAccessWhitelistEntry() 5628 http/tests/xmlhttprequest/origin-whitelisting-removal.html 5629 5627 5630 # Need proper frame loader callbacks reporting 5628 5631 # See https://bugs.webkit.org/show_bug.cgi?id=32170 -
trunk/LayoutTests/platform/qt/Skipped
r57477 r57537 305 305 # Missing layoutTestController.evaluateScriptInIsolatedWorld() 306 306 http/tests/security/isolatedWorld 307 308 # Missing layoutTestController.removeOriginAccessWhitelistEntry() 309 http/tests/xmlhttprequest/origin-whitelisting-removal.html 307 310 308 311 # Evaluate expected results for frame loader callbacks -
trunk/WebCore/ChangeLog
r57535 r57537 1 2010-04-12 Timothy Hatcher <timothy@apple.com> 2 3 SecurityOrigin needs a way to remove individual OriginAccessEntries 4 https://bugs.webkit.org/show_bug.cgi?id=37449 5 6 Test: http/tests/xmlhttprequest/origin-whitelisting-removal.html 7 8 Reviewed by Dave Hyatt. 9 10 * WebCore.base.exp: Added SecurityOrigin::removeOriginAccessWhitelistEntry. 11 * page/OriginAccessEntry.h: 12 (WebCore::OriginAccessEntry::protocol): Added. Returns m_protocol. 13 (WebCore::OriginAccessEntry::host): Added. Returns m_host. 14 (WebCore::OriginAccessEntry::subdomainSettings): Added. Returns m_subdomainSettings. 15 (WebCore::operator==): Added. Compares OriginAccessEntry. 16 (WebCore::operator!=): Ditto. 17 * page/SecurityOrigin.cpp: 18 (WebCore::SecurityOrigin::addOriginAccessWhitelistEntry): Use the add method to prevent a 19 second hash lookup. 20 (WebCore::SecurityOrigin::removeOriginAccessWhitelistEntry): Added. Find a matching 21 OriginAccessEntry and remove it. 22 * page/SecurityOrigin.h: Added removeOriginAccessWhitelistEntry. 23 1 24 2010-04-13 Timothy Hatcher <timothy@apple.com> 2 25 -
trunk/WebCore/WebCore.base.exp
r57535 r57537 314 314 __ZN7WebCore14SecurityOrigin25registerURLSchemeAsSecureERKNS_6StringE 315 315 __ZN7WebCore14SecurityOrigin29addOriginAccessWhitelistEntryERKS0_RKNS_6StringES5_b 316 __ZN7WebCore14SecurityOrigin32removeOriginAccessWhitelistEntryERKS0_RKNS_6StringES5_b 316 317 __ZN7WebCore14SecurityOrigin27resetOriginAccessWhitelistsEv 317 318 __ZN7WebCore14SecurityOrigin40setDomainRelaxationForbiddenForURLSchemeEbRKNS_6StringE -
trunk/WebCore/page/OriginAccessEntry.h
r47548 r57537 48 48 OriginAccessEntry(const String& protocol, const String& host, SubdomainSetting); 49 49 bool matchesOrigin(const SecurityOrigin&) const; 50 50 51 const String& protocol() const { return m_protocol; } 52 const String& host() const { return m_host; } 53 SubdomainSetting subdomainSettings() const { return m_subdomainSettings; } 54 51 55 private: 52 56 String m_protocol; … … 54 58 SubdomainSetting m_subdomainSettings; 55 59 bool m_hostIsIPAddress; 56 57 60 }; 61 62 inline bool operator==(const OriginAccessEntry& a, const OriginAccessEntry& b) 63 { 64 return equalIgnoringCase(a.protocol(), b.protocol()) && equalIgnoringCase(a.host(), b.host()) && a.subdomainSettings() == b.subdomainSettings(); 65 } 66 67 inline bool operator!=(const OriginAccessEntry& a, const OriginAccessEntry& b) 68 { 69 return !(a == b); 70 } 58 71 59 72 } // namespace WebCore -
trunk/WebCore/page/SecurityOrigin.cpp
r57535 r57537 658 658 659 659 String sourceString = sourceOrigin.toString(); 660 OriginAccessWhiteList* list = originAccessMap().get(sourceString);661 if ( !list) {662 list= new OriginAccessWhiteList;663 originAccessMap().set(sourceString, list); 664 }660 pair<OriginAccessMap::iterator, bool> result = originAccessMap().add(sourceString, 0); 661 if (result.second) 662 result.first->second = new OriginAccessWhiteList; 663 664 OriginAccessWhiteList* list = result.first->second; 665 665 list->append(OriginAccessEntry(destinationProtocol, destinationDomains, allowDestinationSubdomains ? OriginAccessEntry::AllowSubdomains : OriginAccessEntry::DisallowSubdomains)); 666 } 667 668 void SecurityOrigin::removeOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomains, bool allowDestinationSubdomains) 669 { 670 ASSERT(isMainThread()); 671 ASSERT(!sourceOrigin.isEmpty()); 672 if (sourceOrigin.isEmpty()) 673 return; 674 675 String sourceString = sourceOrigin.toString(); 676 OriginAccessMap& map = originAccessMap(); 677 OriginAccessMap::iterator it = map.find(sourceString); 678 if (it == map.end()) 679 return; 680 681 OriginAccessWhiteList* list = it->second; 682 size_t index = list->find(OriginAccessEntry(destinationProtocol, destinationDomains, allowDestinationSubdomains ? OriginAccessEntry::AllowSubdomains : OriginAccessEntry::DisallowSubdomains)); 683 if (index == notFound) 684 return; 685 686 list->remove(index); 687 688 if (!list->isEmpty()) 689 return; 690 691 map.remove(it); 692 delete list; 666 693 } 667 694 -
trunk/WebCore/page/SecurityOrigin.h
r57535 r57537 196 196 197 197 static void addOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomains, bool allowDestinationSubdomains); 198 static void removeOriginAccessWhitelistEntry(const SecurityOrigin& sourceOrigin, const String& destinationProtocol, const String& destinationDomains, bool allowDestinationSubdomains); 198 199 static void resetOriginAccessWhitelists(); 199 200 -
trunk/WebKit/mac/ChangeLog
r57535 r57537 1 2010-04-12 Timothy Hatcher <timothy@apple.com> 2 3 SecurityOrigin needs a way to remove individual OriginAccessEntries 4 https://bugs.webkit.org/show_bug.cgi?id=37449 5 6 Reviewed by Dave Hyatt. 7 8 * WebView/WebView.mm: 9 (+[WebView _removeOriginAccessWhitelistEntryWithSourceOrigin:destinationProtocol:destinationHost:allowDestinationSubdomains:]): 10 Call SecurityOrigin::removeOriginAccessWhitelistEntry. 11 * WebView/WebViewPrivate.h: Added _removeOriginAccessWhitelistEntryWithSourceOrigin. 12 1 13 2010-04-13 Timothy Hatcher <timothy@apple.com> 2 14 -
trunk/WebKit/mac/WebView/WebView.mm
r57535 r57537 2253 2253 } 2254 2254 2255 + (void)_removeOriginAccessWhitelistEntryWithSourceOrigin:(NSString *)sourceOrigin destinationProtocol:(NSString *)destinationProtocol destinationHost:(NSString *)destinationHost allowDestinationSubdomains:(BOOL)allowDestinationSubdomains 2256 { 2257 SecurityOrigin::removeOriginAccessWhitelistEntry(*SecurityOrigin::createFromString(sourceOrigin), destinationProtocol, destinationHost, allowDestinationSubdomains); 2258 } 2259 2255 2260 +(void)_resetOriginAccessWhitelists 2256 2261 { -
trunk/WebKit/mac/WebView/WebViewPrivate.h
r57535 r57537 491 491 // - allowDestinationSubdomains: If host is a domain, setting this to YES will whitelist host and all its subdomains, recursively. 492 492 + (void)_addOriginAccessWhitelistEntryWithSourceOrigin:(NSString *)sourceOrigin destinationProtocol:(NSString *)destinationProtocol destinationHost:(NSString *)destinationHost allowDestinationSubdomains:(BOOL)allowDestinationSubdomains; 493 + (void)_removeOriginAccessWhitelistEntryWithSourceOrigin:(NSString *)sourceOrigin destinationProtocol:(NSString *)destinationProtocol destinationHost:(NSString *)destinationHost allowDestinationSubdomains:(BOOL)allowDestinationSubdomains; 493 494 494 495 // Removes all white list entries created with _addOriginAccessWhitelistEntryWithSourceOrigin. -
trunk/WebKit/win/ChangeLog
r57535 r57537 1 2010-04-12 Timothy Hatcher <timothy@apple.com> 2 3 SecurityOrigin needs a way to remove individual OriginAccessEntries 4 https://bugs.webkit.org/show_bug.cgi?id=37449 5 6 Reviewed by Dave Hyatt. 7 8 * Interfaces/IWebViewPrivate.idl: 9 * WebView.cpp: 10 (WebView::removeOriginAccessWhitelistEntry): Call SecurityOrigin::removeOriginAccessWhitelistEntry. 11 * WebView.h: Added removeOriginAccessWhitelistEntry. 12 1 13 2010-04-13 Timothy Hatcher <timothy@apple.com> 2 14 -
trunk/WebKit/win/Interfaces/IWebViewPrivate.idl
r57535 r57537 210 210 HRESULT addOriginAccessWhitelistEntry([in] BSTR sourceOrigin, [in] BSTR destinationProtocol, [in] BSTR destinationHost, [in] BOOL allowDestinationSubdomains); 211 211 212 // Removes a white list entry created with addOriginAccessWhitelistEntry. See above. 213 HRESULT removeOriginAccessWhitelistEntry([in] BSTR sourceOrigin, [in] BSTR destinationProtocol, [in] BSTR destinationHost, [in] BOOL allowDestinationSubdomains); 214 212 215 // Removes all white list entries created with addOriginAccessWhitelistEntry. 213 216 HRESULT resetOriginAccessWhitelists(); -
trunk/WebKit/win/Interfaces/WebKit.idl
r56939 r57537 295 295 } 296 296 } 297 -
trunk/WebKit/win/WebView.cpp
r57535 r57537 6041 6041 } 6042 6042 6043 HRESULT WebView::removeOriginAccessWhitelistEntry(BSTR sourceOrigin, BSTR destinationProtocol, BSTR destinationHost, BOOL allowDestinationSubdomains) 6044 { 6045 SecurityOrigin::removeOriginAccessWhitelistEntry(*SecurityOrigin::createFromString(String(sourceOrigin, SysStringLen(sourceOrigin))), String(destinationProtocol, SysStringLen(destinationProtocol)), String(destinationHost, SysStringLen(destinationHost)), allowDestinationSubdomains); 6046 return S_OK; 6047 } 6048 6043 6049 HRESULT WebView::resetOriginAccessWhitelists() 6044 6050 { -
trunk/WebKit/win/WebView.h
r57535 r57537 763 763 764 764 virtual HRESULT STDMETHODCALLTYPE addOriginAccessWhitelistEntry(BSTR sourceOrigin, BSTR destinationProtocol, BSTR destinationHost, BOOL allowDestinationSubdomains); 765 virtual HRESULT STDMETHODCALLTYPE removeOriginAccessWhitelistEntry(BSTR sourceOrigin, BSTR destinationProtocol, BSTR destinationHost, BOOL allowDestinationSubdomains); 765 766 virtual HRESULT STDMETHODCALLTYPE resetOriginAccessWhitelists(); 766 767 -
trunk/WebKitTools/ChangeLog
r57535 r57537 1 2010-04-12 Timothy Hatcher <timothy@apple.com> 2 3 SecurityOrigin needs a way to remove individual OriginAccessEntries 4 https://bugs.webkit.org/show_bug.cgi?id=37449 5 6 Reviewed by Dave Hyatt. 7 8 * DumpRenderTree/LayoutTestController.cpp: 9 (removeOriginAccessWhitelistEntryCallback): Added. Call LayoutTestController::removeOriginAccessWhitelistEntry. 10 (LayoutTestController::staticFunctions): Added removeOriginAccessWhitelistEntry. 11 * DumpRenderTree/LayoutTestController.h: 12 * DumpRenderTree/gtk/LayoutTestControllerGtk.cpp: 13 (LayoutTestController::removeOriginAccessWhitelistEntry): Added. FIXME to implement. 14 * DumpRenderTree/mac/LayoutTestControllerMac.mm: 15 (LayoutTestController::removeOriginAccessWhitelistEntry): Added. 16 * DumpRenderTree/qt/LayoutTestControllerQt.cpp: 17 (LayoutTestController::removeOriginAccessWhitelistEntry): Added. FIXME to implement. 18 * DumpRenderTree/win/LayoutTestControllerWin.cpp: 19 (LayoutTestController::removeOriginAccessWhitelistEntry): Added. 20 * DumpRenderTree/wx/LayoutTestControllerWx.cpp: 21 (LayoutTestController::whiteListAccessFromOrigin): FIXME to implement. 22 (LayoutTestController::removeOriginAccessWhitelistEntry): Added. FIXME to implement. 23 1 24 2010-04-13 Timothy Hatcher <timothy@apple.com> 2 25 -
trunk/WebKitTools/DumpRenderTree/LayoutTestController.cpp
r57535 r57537 1290 1290 LayoutTestController* controller = static_cast<LayoutTestController*>(JSObjectGetPrivate(thisObject)); 1291 1291 controller->addOriginAccessWhitelistEntry(sourceOrigin.get(), destinationProtocol.get(), destinationHost.get(), allowDestinationSubdomains); 1292 return JSValueMakeUndefined(context); 1293 } 1294 1295 static JSValueRef removeOriginAccessWhitelistEntryCallback(JSContextRef context, JSObjectRef, JSObjectRef thisObject, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception) 1296 { 1297 if (argumentCount != 4) 1298 return JSValueMakeUndefined(context); 1299 1300 JSRetainPtr<JSStringRef> sourceOrigin(Adopt, JSValueToStringCopy(context, arguments[0], exception)); 1301 ASSERT(!*exception); 1302 JSRetainPtr<JSStringRef> destinationProtocol(Adopt, JSValueToStringCopy(context, arguments[1], exception)); 1303 ASSERT(!*exception); 1304 JSRetainPtr<JSStringRef> destinationHost(Adopt, JSValueToStringCopy(context, arguments[2], exception)); 1305 ASSERT(!*exception); 1306 bool allowDestinationSubdomains = JSValueToBoolean(context, arguments[3]); 1307 1308 LayoutTestController* controller = static_cast<LayoutTestController*>(JSObjectGetPrivate(thisObject)); 1309 controller->removeOriginAccessWhitelistEntry(sourceOrigin.get(), destinationProtocol.get(), destinationHost.get(), allowDestinationSubdomains); 1292 1310 return JSValueMakeUndefined(context); 1293 1311 } … … 1501 1519 { "queueReload", queueReloadCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete }, 1502 1520 { "removeAllVisitedLinks", removeAllVisitedLinksCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete }, 1521 { "removeOriginAccessWhitelistEntry", removeOriginAccessWhitelistEntryCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete }, 1503 1522 { "repaintSweepHorizontally", repaintSweepHorizontallyCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete }, 1504 1523 { "setAcceptsEditing", setAcceptsEditingCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete }, -
trunk/WebKitTools/DumpRenderTree/LayoutTestController.h
r57535 r57537 227 227 228 228 void addOriginAccessWhitelistEntry(JSStringRef sourceOrigin, JSStringRef destinationProtocol, JSStringRef destinationHost, bool allowDestinationSubdomains); 229 void removeOriginAccessWhitelistEntry(JSStringRef sourceOrigin, JSStringRef destinationProtocol, JSStringRef destinationHost, bool allowDestinationSubdomains); 229 230 230 231 void addUserScript(JSStringRef source, bool runAtStart); -
trunk/WebKitTools/DumpRenderTree/gtk/LayoutTestControllerGtk.cpp
r57535 r57537 267 267 } 268 268 269 void LayoutTestController::removeOriginAccessWhitelistEntry(JSStringRef sourceOrigin, JSStringRef protocol, JSStringRef host, bool includeSubdomains) 270 { 271 // FIXME: implement 272 } 273 269 274 void LayoutTestController::setMainFrameIsFirstResponder(bool flag) 270 275 { -
trunk/WebKitTools/DumpRenderTree/mac/LayoutTestControllerMac.mm
r57535 r57537 574 574 } 575 575 576 void LayoutTestController::removeOriginAccessWhitelistEntry(JSStringRef sourceOrigin, JSStringRef destinationProtocol, JSStringRef destinationHost, bool allowDestinationSubdomains) 577 { 578 RetainPtr<CFStringRef> sourceOriginCF(AdoptCF, JSStringCopyCFString(kCFAllocatorDefault, sourceOrigin)); 579 NSString *sourceOriginNS = (NSString *)sourceOriginCF.get(); 580 RetainPtr<CFStringRef> protocolCF(AdoptCF, JSStringCopyCFString(kCFAllocatorDefault, destinationProtocol)); 581 NSString *destinationProtocolNS = (NSString *)protocolCF.get(); 582 RetainPtr<CFStringRef> hostCF(AdoptCF, JSStringCopyCFString(kCFAllocatorDefault, destinationHost)); 583 NSString *destinationHostNS = (NSString *)hostCF.get(); 584 [WebView _removeOriginAccessWhitelistEntryWithSourceOrigin:sourceOriginNS destinationProtocol:destinationProtocolNS destinationHost:destinationHostNS allowDestinationSubdomains:allowDestinationSubdomains]; 585 } 586 576 587 void LayoutTestController::setScrollbarPolicy(JSStringRef orientation, JSStringRef policy) 577 588 { -
trunk/WebKitTools/DumpRenderTree/qt/LayoutTestControllerQt.cpp
r57535 r57537 481 481 } 482 482 483 void LayoutTestController::removeOriginAccessWhitelistEntry(const QString& sourceOrigin, const QString& destinationProtocol, const QString& destinationHost, bool allowDestinationSubdomains) 484 { 485 // FIXME: Implement. 486 } 487 483 488 void LayoutTestController::waitForPolicyDelegate() 484 489 { -
trunk/WebKitTools/DumpRenderTree/win/LayoutTestControllerWin.cpp
r57535 r57537 993 993 } 994 994 995 void LayoutTestController::removeOriginAccessWhitelistEntry(JSStringRef sourceOrigin, JSStringRef destinationProtocol, JSStringRef destinationHost, bool allowDestinationSubdomains) 996 { 997 COMPtr<IWebViewPrivate> webView; 998 if (FAILED(WebKitCreateInstance(__uuidof(WebView), 0, __uuidof(webView), reinterpret_cast<void**>(&webView)))) 999 return; 1000 1001 webView->removeOriginAccessWhitelistEntry(bstrT(sourceOrigin).GetBSTR(), bstrT(destinationProtocol).GetBSTR(), bstrT(destinationHost).GetBSTR(), allowDestinationSubdomains); 1002 } 1003 995 1004 void LayoutTestController::setScrollbarPolicy(JSStringRef orientation, JSStringRef policy) 996 1005 { -
trunk/WebKitTools/DumpRenderTree/wx/LayoutTestControllerWx.cpp
r57535 r57537 363 363 void LayoutTestController::addOriginAccessWhitelistEntry(JSStringRef sourceOrigin, JSStringRef destinationProtocol, JSStringRef destinationHost, bool allowDestinationSubdomains) 364 364 { 365 365 // FIXME: implement 366 } 367 368 void LayoutTestController::removeOriginAccessWhitelistEntry(JSStringRef sourceOrigin, JSStringRef destinationProtocol, JSStringRef destinationHost, bool allowDestinationSubdomains) 369 { 370 // FIXME: implement 366 371 } 367 372
Note: See TracChangeset
for help on using the changeset viewer.