Changeset 66815 in webkit
- Timestamp:
- Sep 6, 2010 12:59:30 AM (14 years ago)
- Location:
- trunk
- Files:
-
- 21 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/WebCore/ChangeLog
r66813 r66815 1 2010-09-06 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Darin Adler. 4 5 Rename SecurityOrigin::canLoad to canDisplay 6 https://bugs.webkit.org/show_bug.cgi?id=45214 7 8 canLoad is a pretty opaque name. This function is really about whether 9 you can display the contents of the URL in an iframe, an image, or a 10 plugin. 11 12 * WebCore.exp.in: 13 * html/HTMLMediaElement.cpp: 14 (WebCore::HTMLMediaElement::isSafeToLoadURL): 15 * loader/Cache.cpp: 16 (WebCore::Cache::requestResource): 17 * loader/FrameLoader.cpp: 18 (WebCore::FrameLoader::loadFrameRequest): 19 * loader/PingLoader.cpp: 20 (WebCore::PingLoader::loadImage): 21 * loader/SubframeLoader.cpp: 22 (WebCore::SubframeLoader::loadMediaPlayerProxyPlugin): 23 (WebCore::SubframeLoader::createJavaAppletWidget): 24 (WebCore::SubframeLoader::loadSubframe): 25 (WebCore::SubframeLoader::loadPlugin): 26 * loader/SubresourceLoader.cpp: 27 (WebCore::SubresourceLoader::create): 28 * page/SecurityOrigin.cpp: 29 (WebCore::SecurityOrigin::canDisplay): 30 * page/SecurityOrigin.h: 31 * plugins/PluginView.cpp: 32 (WebCore::PluginView::load): 33 1 34 2010-08-31 Yury Semikhatsky <yurys@chromium.org> 2 35 -
trunk/WebCore/WebCore.exp.in
r66794 r66815 315 315 __ZN7WebCore14SchemeRegistry25registerURLSchemeAsSecureERKN3WTF6StringE 316 316 __ZN7WebCore14SchemeRegistry32registerURLSchemeAsEmptyDocumentERKN3WTF6StringE 317 __ZN7WebCore14SecurityOrigin10canDisplayERKNS_4KURLERKN3WTF6StringEPNS_8DocumentE 317 318 __ZN7WebCore14SecurityOrigin16createFromStringERKN3WTF6StringE 318 319 __ZN7WebCore14SecurityOrigin18setLocalLoadPolicyENS0_15LocalLoadPolicyE … … 323 324 __ZN7WebCore14SecurityOrigin40setDomainRelaxationForbiddenForURLSchemeEbRKN3WTF6StringE 324 325 __ZN7WebCore14SecurityOrigin6createERKNS_4KURLEi 325 __ZN7WebCore14SecurityOrigin7canLoadERKNS_4KURLERKN3WTF6StringEPNS_8DocumentE326 326 __ZN7WebCore15ArchiveResource6createEN3WTF10PassRefPtrINS_12SharedBufferEEERKNS_4KURLERKNS1_6StringESA_SA_RKNS_16ResourceResponseE 327 327 __ZN7WebCore15DOMWrapperWorld15unregisterWorldEv -
trunk/WebCore/html/HTMLMediaElement.cpp
r66710 r66815 700 700 701 701 // don't allow remote to local urls, and check with the frame loader client. 702 if (!loader || !SecurityOrigin::can Load(url, String(), document())) {702 if (!loader || !SecurityOrigin::canDisplay(url, String(), document())) { 703 703 if (actionIfInvalid == Complain) 704 704 FrameLoader::reportLocalLoadFailed(frame, url.string()); -
trunk/WebCore/loader/Cache.cpp
r66037 r66815 107 107 return 0; 108 108 109 if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::can Load(url, String(), docLoader->doc())) {109 if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canDisplay(url, String(), docLoader->doc())) { 110 110 Document* doc = docLoader->doc(); 111 111 if (doc && !requestIsPreload) -
trunk/WebCore/loader/FrameLoader.cpp
r66794 r66815 1262 1262 ASSERT(frame()->document()); 1263 1263 if (SchemeRegistry::shouldTreatURLAsLocal(url.string()) && !isFeedWithNestedProtocolInHTTPFamily(url)) { 1264 if (!SecurityOrigin::can Load(url, String(), frame()->document()) && !SecurityOrigin::canLoad(url, referrer, 0)) {1264 if (!SecurityOrigin::canDisplay(url, String(), frame()->document()) && !SecurityOrigin::canDisplay(url, referrer, 0)) { 1265 1265 FrameLoader::reportLocalLoadFailed(m_frame, url.string()); 1266 1266 return; -
trunk/WebCore/loader/PingLoader.cpp
r66083 r66815 43 43 void PingLoader::loadImage(Frame* frame, const KURL& url) 44 44 { 45 if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::can Load(url, String(), frame->document())) {45 if (SecurityOrigin::restrictAccessToLocal() && !SecurityOrigin::canDisplay(url, String(), frame->document())) { 46 46 FrameLoader::reportLocalLoadFailed(frame, url); 47 47 return; -
trunk/WebCore/loader/SubframeLoader.cpp
r66657 r66815 148 148 completedURL = completeURL(url); 149 149 150 if (!SecurityOrigin::can Load(completedURL, String(), m_frame->document())) {150 if (!SecurityOrigin::canDisplay(completedURL, String(), m_frame->document())) { 151 151 FrameLoader::reportLocalLoadFailed(m_frame, completedURL.string()); 152 152 return 0; … … 206 206 if (!codeBaseURLString.isEmpty()) { 207 207 KURL codeBaseURL = completeURL(codeBaseURLString); 208 if (!SecurityOrigin::can Load(codeBaseURL, String(), element->document())) {208 if (!SecurityOrigin::canDisplay(codeBaseURL, String(), element->document())) { 209 209 FrameLoader::reportLocalLoadFailed(m_frame, codeBaseURL.string()); 210 210 return 0; … … 248 248 } 249 249 250 if (!SecurityOrigin::can Load(url, String(), ownerElement->document())) {250 if (!SecurityOrigin::canDisplay(url, String(), ownerElement->document())) { 251 251 FrameLoader::reportLocalLoadFailed(m_frame, url.string()); 252 252 return 0; … … 337 337 return false; 338 338 339 if (!SecurityOrigin::can Load(url, String(), document())) {339 if (!SecurityOrigin::canDisplay(url, String(), document())) { 340 340 FrameLoader::reportLocalLoadFailed(m_frame, url.string()); 341 341 return false; -
trunk/WebCore/loader/SubresourceLoader.cpp
r63766 r66815 74 74 if (securityCheck == DoSecurityCheck 75 75 && SecurityOrigin::restrictAccessToLocal() 76 && !SecurityOrigin::can Load(request.url(), String(), frame->document())) {76 && !SecurityOrigin::canDisplay(request.url(), String(), frame->document())) { 77 77 FrameLoader::reportLocalLoadFailed(frame, request.url().string()); 78 78 return 0; -
trunk/WebCore/page/SecurityOrigin.cpp
r66537 r66815 285 285 } 286 286 287 bool SecurityOrigin::can Load(const KURL& url, const String& referrer, Document* document)287 bool SecurityOrigin::canDisplay(const KURL& url, const String& referrer, Document* document) 288 288 { 289 289 #if ENABLE(BLOB) -
trunk/WebCore/page/SecurityOrigin.h
r65077 r66815 85 85 bool taintsCanvas(const KURL&) const; 86 86 87 // Returns true for any non-local URL. If document parameter is supplied, 88 // its local load policy dictates, otherwise if referrer is non-empty and 89 // represents a local file, then the local load is allowed. 90 static bool canLoad(const KURL&, const String& referrer, Document* document); 87 // Returns true if |document| can display content from the given URL (e.g., 88 // in an iframe or as an image). For example, web sites generally cannot 89 // display content from the user's files system. If |document| is 0, 90 // |referrer| is used to make this determination. 91 static bool canDisplay(const KURL&, const String& referrer, Document* document); 91 92 92 93 // Returns true if this SecurityOrigin can load local resources, such -
trunk/WebCore/plugins/PluginView.cpp
r65707 r66815 538 538 if (!targetFrameName.isNull() && m_parentFrame->tree()->find(targetFrameName) != m_parentFrame) 539 539 return NPERR_INVALID_PARAM; 540 } else if (!SecurityOrigin::can Load(url, String(), m_parentFrame->document()))540 } else if (!SecurityOrigin::canDisplay(url, String(), m_parentFrame->document())) 541 541 return NPERR_GENERIC_ERROR; 542 542 -
trunk/WebKit/mac/ChangeLog
r66794 r66815 1 2010-09-06 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Darin Adler. 4 5 Rename SecurityOrigin::canLoad to canDisplay 6 https://bugs.webkit.org/show_bug.cgi?id=45214 7 8 Propagate name change. 9 10 * Plugins/Hosted/NetscapePluginInstanceProxy.mm: 11 (WebKit::NetscapePluginInstanceProxy::loadRequest): 12 * Plugins/WebNetscapePluginStream.mm: 13 (WebNetscapePluginStream::WebNetscapePluginStream): 14 * Plugins/WebNetscapePluginView.mm: 15 (-[WebNetscapePluginView loadRequest:inTarget:withNotifyData:sendNotification:]): 16 * Plugins/WebPluginContainerCheck.mm: 17 (-[WebPluginContainerCheck _isForbiddenFileLoad]): 18 * WebView/WebFrame.mm: 19 (-[WebFrame _allowsFollowingLink:]): 20 1 21 2010-09-03 Jesus Sanchez-Palencia <jesus.palencia@openbossa.org> 2 22 -
trunk/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
r65697 r66815 763 763 } 764 764 } else { 765 if (!SecurityOrigin::can Load(URL, String(), core([m_pluginView webFrame])->document()))765 if (!SecurityOrigin::canDisplay(URL, String(), core([m_pluginView webFrame])->document())) 766 766 return NPERR_GENERIC_ERROR; 767 767 } -
trunk/WebKit/mac/Plugins/WebNetscapePluginStream.mm
r62679 r66815 162 162 163 163 // This check has already been done by the plug-in view. 164 ASSERT(SecurityOrigin::can Load([request URL], String(), core([view webFrame])->document()));164 ASSERT(SecurityOrigin::canDisplay([request URL], String(), core([view webFrame])->document())); 165 165 166 166 ASSERT([request URL]); -
trunk/WebKit/mac/Plugins/WebNetscapePluginView.mm
r66633 r66815 1729 1729 } 1730 1730 } else { 1731 if (!SecurityOrigin::can Load(URL, String(), core([self webFrame])->document()))1731 if (!SecurityOrigin::canDisplay(URL, String(), core([self webFrame])->document())) 1732 1732 return NPERR_GENERIC_ERROR; 1733 1733 } -
trunk/WebKit/mac/Plugins/WebPluginContainerCheck.mm
r49212 r66815 100 100 Frame* coreFrame = core([_controller webFrame]); 101 101 ASSERT(coreFrame); 102 if (!SecurityOrigin::can Load([_request URL], String(), coreFrame->document())) {102 if (!SecurityOrigin::canDisplay([_request URL], String(), coreFrame->document())) { 103 103 [self _continueWithPolicy:PolicyIgnore]; 104 104 return YES; -
trunk/WebKit/mac/WebView/WebFrame.mm
r66721 r66815 1283 1283 if (!_private->coreFrame) 1284 1284 return YES; 1285 return SecurityOrigin::can Load(URL, String(), _private->coreFrame->document());1285 return SecurityOrigin::canDisplay(URL, String(), _private->coreFrame->document()); 1286 1286 } 1287 1287 -
trunk/WebKit/win/ChangeLog
r66794 r66815 1 2010-09-06 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Darin Adler. 4 5 Rename SecurityOrigin::canLoad to canDisplay 6 https://bugs.webkit.org/show_bug.cgi?id=45214 7 8 Propagate name change. 9 10 * WebFrame.cpp: 11 (WebFrame::allowsFollowingLink): 12 1 13 2010-09-03 Jesus Sanchez-Palencia <jesus.palencia@openbossa.org> 2 14 -
trunk/WebKit/win/WebFrame.cpp
r66794 r66815 1354 1354 return E_FAIL; 1355 1355 1356 *result = SecurityOrigin::can Load(MarshallingHelpers::BSTRToKURL(url), String(), frame->document());1356 *result = SecurityOrigin::canDisplay(MarshallingHelpers::BSTRToKURL(url), String(), frame->document()); 1357 1357 return S_OK; 1358 1358 } -
trunk/WebKit2/ChangeLog
r66799 r66815 1 2010-09-06 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Darin Adler. 4 5 Rename SecurityOrigin::canLoad to canDisplay 6 https://bugs.webkit.org/show_bug.cgi?id=45214 7 8 Propagate name change. 9 10 * WebProcess/Plugins/PluginView.cpp: 11 (WebKit::PluginView::performFrameLoadURLRequest): 12 1 13 2010-09-04 Sam Weinig <sam@webkit.org> 2 14 -
trunk/WebKit2/WebProcess/Plugins/PluginView.cpp
r65817 r66815 516 516 517 517 // Check if this is URL can be loaded. 518 if (!SecurityOrigin::can Load(request->request().url(), String(), m_pluginElement->document())) {518 if (!SecurityOrigin::canDisplay(request->request().url(), String(), m_pluginElement->document())) { 519 519 // We can't load the request, send back a reply to the plug-in. 520 520 m_plugin->frameDidFail(request->requestID(), false);
Note: See TracChangeset
for help on using the changeset viewer.