Changeset 85453 in webkit
- Timestamp:
- May 1, 2011 6:55:17 PM (13 years ago)
- Location:
- trunk
- Files:
-
- 4 added
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r85451 r85453 1 2011-05-01 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 Polish CSP host and port matching 6 https://bugs.webkit.org/show_bug.cgi?id=59899 7 8 Test two host wildcard cases. 9 10 * http/tests/security/contentSecurityPolicy/image-full-host-wildcard-allowed-expected.txt: Added. 11 * http/tests/security/contentSecurityPolicy/image-full-host-wildcard-allowed.html: Added. 12 * http/tests/security/contentSecurityPolicy/image-host-wildcard-allowed-expected.txt: Added. 13 * http/tests/security/contentSecurityPolicy/image-host-wildcard-allowed.html: Added. 14 1 15 2011-05-01 Adam Barth <abarth@webkit.org> 2 16 -
trunk/Source/WebCore/ChangeLog
r85451 r85453 1 2011-05-01 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 Polish CSP host and port matching 6 https://bugs.webkit.org/show_bug.cgi?id=59899 7 8 Finish last two details of host and port matching. I don't think the 9 default port handling is testable with our current testing 10 infrastructure. 11 12 Tests: http/tests/security/contentSecurityPolicy/image-full-host-wildcard-allowed.html 13 http/tests/security/contentSecurityPolicy/image-host-wildcard-allowed.html 14 15 * page/ContentSecurityPolicy.cpp: 16 (WebCore::CSPSource::hostMatches): 17 (WebCore::CSPSource::portMatches): 18 1 19 2011-05-01 Adam Barth <abarth@webkit.org> 2 20 -
trunk/Source/WebCore/page/ContentSecurityPolicy.cpp
r85451 r85453 32 32 #include "FormDataList.h" 33 33 #include "Frame.h" 34 #include "NotImplemented.h"35 34 #include "PingLoader.h" 36 35 #include "SecurityOrigin.h" … … 137 136 bool hostMatches(const KURL& url) const 138 137 { 139 if (m_hostHasWildcard) 140 notImplemented(); 141 142 return equalIgnoringCase(url.host(), m_host); 138 const String& host = url.host(); 139 if (equalIgnoringCase(host, m_host)) 140 return true; 141 return m_hostHasWildcard && host.endsWith("." + m_host, false); 142 143 143 } 144 144 … … 147 147 if (m_portHasWildcard) 148 148 return true; 149 150 // FIXME: Handle explicit default ports correctly. 151 return url.port() == m_port; 149 int port = url.port(); 150 return port ? port == m_port : isDefaultPortForProtocol(m_port, url.protocol()); 152 151 } 153 152
Note: See TracChangeset
for help on using the changeset viewer.