Changeset 87597 in webkit


Timestamp:
May 27, 2011 8:27:16 PM (13 years ago)
Author:
jochen@chromium.org
Message:

2011-05-27 Jochen Eisinger <jochen@chromium.org>

Reviewed by Adam Barth.

Check access policy on all storage operations
https://bugs.webkit.org/show_bug.cgi?id=61581

  • platform/chromium/permissionclient/storage-permission-expected.txt: Added.
  • platform/chromium/permissionclient/storage-permission.html: Added.

2011-05-27 Jochen Eisinger <jochen@chromium.org>

Reviewed by Adam Barth.

Add Frame parameter to all StorageArea methods. The chromium
embedder uses the Frame as context to decide whether or not
to allow usage of the storage API.
https://bugs.webkit.org/show_bug.cgi?id=61581

Test: platform/chromium/permissionclient/storage-permission.html

  • storage/Storage.cpp: (WebCore::Storage::length): (WebCore::Storage::key): (WebCore::Storage::getItem): (WebCore::Storage::contains):
  • storage/StorageArea.h:
  • storage/StorageAreaImpl.cpp: (WebCore::StorageAreaImpl::length): (WebCore::StorageAreaImpl::key): (WebCore::StorageAreaImpl::getItem): (WebCore::StorageAreaImpl::contains):
  • storage/StorageAreaImpl.h:

2011-05-27 Jochen Eisinger <jochen@chromium.org>

Reviewed by Adam Barth.

Check access policy on all storage operations
https://bugs.webkit.org/show_bug.cgi?id=61581

  • src/StorageAreaProxy.cpp: (WebCore::StorageAreaProxy::length): (WebCore::StorageAreaProxy::key): (WebCore::StorageAreaProxy::getItem): (WebCore::StorageAreaProxy::setItem): (WebCore::StorageAreaProxy::removeItem): (WebCore::StorageAreaProxy::clear): (WebCore::StorageAreaProxy::contains): (WebCore::StorageAreaProxy::canAccessStorage):
  • src/StorageAreaProxy.h:
  • src/WebStorageAreaImpl.cpp: (WebKit::WebStorageAreaImpl::length): (WebKit::WebStorageAreaImpl::key): (WebKit::WebStorageAreaImpl::getItem):

2011-05-27 Jochen Eisinger <jochen@chromium.org>

Reviewed by Adam Barth.

Add layoutTestController.setStorageAllowed() to control whether access
to the localStorage API is enabled via the WebPermissionClient
https://bugs.webkit.org/show_bug.cgi?id=61581

  • DumpRenderTree/chromium/LayoutTestController.cpp: (LayoutTestController::LayoutTestController): (LayoutTestController::setStorageAllowed):
  • DumpRenderTree/chromium/LayoutTestController.h:
  • DumpRenderTree/chromium/TestShell.cpp: (TestShell::TestShell): (TestShell::createNewWindow):
  • DumpRenderTree/chromium/TestShell.h:
  • DumpRenderTree/chromium/WebPermissions.h: Added. (WebPermissions::WebPermissions): (WebPermissions::allowStorage): (WebPermissions::setStorageAllowed): (WebPermissions::reset):
Location:
trunk
Files:
4 added
15 edited

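--- a/trunk/LayoutTests/ChangeLog
+++ b/trunk/LayoutTests/ChangeLog
@@ -1,2 +1,12 @@
+2011-05-27  Jochen Eisinger  <jochen@chromium.org>
+
+        Reviewed by Adam Barth.
+
+        Check access policy on all storage operations
+        https://bugs.webkit.org/show_bug.cgi?id=61581
+
+        * platform/chromium/permissionclient/storage-permission-expected.txt: Added.
+        * platform/chromium/permissionclient/storage-permission.html: Added.
+
 2011-05-27  Adam Klein  <adamk@chromium.org>
 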
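--- a/trunk/Source/WebCore/ChangeLog
+++ b/trunk/Source/WebCore/ChangeLog
@@ -1,2 +1,26 @@
+2011-05-27  Jochen Eisinger  <jochen@chromium.org>
+
+        Reviewed by Adam Barth.
+
+        Add Frame parameter to all StorageArea methods. The chromium
+        embedder uses the Frame as context to decide whether or not
+        to allow usage of the storage API.
+        https://bugs.webkit.org/show_bug.cgi?id=61581
+
+        Test: platform/chromium/permissionclient/storage-permission.html
+
+        * storage/Storage.cpp:
+        (WebCore::Storage::length):
+        (WebCore::Storage::key):
+        (WebCore::Storage::getItem):
+        (WebCore::Storage::contains):
+        * storage/StorageArea.h:
+        * storage/StorageAreaImpl.cpp:
+        (WebCore::StorageAreaImpl::length):
+        (WebCore::StorageAreaImpl::key):
+        (WebCore::StorageAreaImpl::getItem):
+        (WebCore::StorageAreaImpl::contains):
+        * storage/StorageAreaImpl.h:
+
 2011-05-27  Nate Chapin  <japhet@chromium.org>
 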
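--- a/trunk/Source/WebCore/storage/Storage.cpp
+++ b/trunk/Source/WebCore/storage/Storage.cpp
@@ -60,5 +60,5 @@
         return 0;
 
-    return m_storageArea->length();
+    return m_storageArea->length(m_frame);
 }
 
@@ -68,5 +68,5 @@
         return String();
 
-    return m_storageArea->key(index);
+    return m_storageArea->key(index, m_frame);
 }
 
@@ -76,5 +76,5 @@
         return String();
 
-    return m_storageArea->getItem(key);
+    return m_storageArea->getItem(key, m_frame);
 }
 
@@ -109,5 +109,5 @@
         return false;
 
-    return m_storageArea->contains(key);
+    return m_storageArea->contains(key, m_frame);
 }
 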
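--- a/trunk/Source/WebCore/storage/StorageArea.h
+++ b/trunk/Source/WebCore/storage/StorageArea.h
@@ -48,11 +48,12 @@
 
         // The HTML5 DOM Storage API
-        virtual unsigned length() const = 0;
-        virtual String key(unsigned index) const = 0;
-        virtual String getItem(const String& key) const = 0;
+        // FIXME: We should pass Document instead of Frame. Also, that parameter should go first.
+        virtual unsigned length(Frame* sourceFrame) const = 0;
+        virtual String key(unsigned index, Frame* sourceFrame) const = 0;
+        virtual String getItem(const String& key, Frame* sourceFrame) const = 0;
         virtual String setItem(const String& key, const String& value, ExceptionCode& ec, Frame* sourceFrame) = 0;
         virtual String removeItem(const String& key, Frame* sourceFrame) = 0;
         virtual bool clear(Frame* sourceFrame) = 0;
-        virtual bool contains(const String& key) const = 0;
+        virtual bool contains(const String& key, Frame* sourceFrame) const = 0;
     };
 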
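Review bot: The new `Frame* sourceFrame` parameter on `length`, `key`, `getItem` and `contains` is documented only by the FIXME, which covers its type and position but not its purpose or whether it may be null. That gap matters within this changeset: WebStorageAreaImpl.cpp passes `0` for it, while StorageAreaProxy.cpp dereferences it to evaluate the access policy. I would add above the declarations `// sourceFrame: the frame making the call; embedders use it as context for storage access policy. May be 0 when there is no calling frame, so implementations must not dereference it unchecked.` The class declaration starts outside this hunk.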
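--- a/trunk/Source/WebCore/storage/StorageAreaImpl.cpp
+++ b/trunk/Source/WebCore/storage/StorageAreaImpl.cpp
@@ -108,5 +108,5 @@
 }
 
-unsigned StorageAreaImpl::length() const
+unsigned StorageAreaImpl::length(Frame*) const
 {
     ASSERT(!m_isShutdown);
@@ -116,5 +116,5 @@
 }
 
-String StorageAreaImpl::key(unsigned index) const
+String StorageAreaImpl::key(unsigned index, Frame*) const
 {
     ASSERT(!m_isShutdown);
@@ -124,5 +124,5 @@
 }
 
-String StorageAreaImpl::getItem(const String& key) const
+String StorageAreaImpl::getItem(const String& key, Frame*) const
 {
     ASSERT(!m_isShutdown);
@@ -205,5 +205,5 @@
 }
 
-bool StorageAreaImpl::contains(const String& key) const
+bool StorageAreaImpl::contains(const String& key, Frame*) const
 {
     ASSERT(!m_isShutdown);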
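--- a/trunk/Source/WebCore/storage/StorageAreaImpl.h
+++ b/trunk/Source/WebCore/storage/StorageAreaImpl.h
@@ -46,11 +46,11 @@
 
         // The HTML5 DOM Storage API (and contains)
-        virtual unsigned length() const;
-        virtual String key(unsigned index) const;
-        virtual String getItem(const String& key) const;
+        virtual unsigned length(Frame* sourceFrame) const;
+        virtual String key(unsigned index, Frame* sourceFrame) const;
+        virtual String getItem(const String& key, Frame* sourceFrame) const;
         virtual String setItem(const String& key, const String& value, ExceptionCode& ec, Frame* sourceFrame);
         virtual String removeItem(const String& key, Frame* sourceFrame);
         virtual bool clear(Frame* sourceFrame);
-        virtual bool contains(const String& key) const;
+        virtual bool contains(const String& key, Frame* sourceFrame) const;
 
         PassRefPtr<StorageAreaImpl> copy();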
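--- a/trunk/Source/WebKit/chromium/ChangeLog
+++ b/trunk/Source/WebKit/chromium/ChangeLog
@@ -1,2 +1,24 @@
+2011-05-27  Jochen Eisinger  <jochen@chromium.org>
+
+        Reviewed by Adam Barth.
+
+        Check access policy on all storage operations
+        https://bugs.webkit.org/show_bug.cgi?id=61581
+
+        * src/StorageAreaProxy.cpp:
+        (WebCore::StorageAreaProxy::length):
+        (WebCore::StorageAreaProxy::key):
+        (WebCore::StorageAreaProxy::getItem):
+        (WebCore::StorageAreaProxy::setItem):
+        (WebCore::StorageAreaProxy::removeItem):
+        (WebCore::StorageAreaProxy::clear):
+        (WebCore::StorageAreaProxy::contains):
+        (WebCore::StorageAreaProxy::canAccessStorage):
+        * src/StorageAreaProxy.h:
+        * src/WebStorageAreaImpl.cpp:
+        (WebKit::WebStorageAreaImpl::length):
+        (WebKit::WebStorageAreaImpl::key):
+        (WebKit::WebStorageAreaImpl::getItem):
+
 2011-05-27  Jochen Eisinger  <jochen@chromium.org>
 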
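--- a/trunk/Source/WebKit/chromium/src/StorageAreaProxy.cpp
+++ b/trunk/Source/WebKit/chromium/src/StorageAreaProxy.cpp
@@ -64,17 +64,23 @@
 }
 
-unsigned StorageAreaProxy::length() const
+unsigned StorageAreaProxy::length(Frame* frame) const
 {
-    return m_storageArea->length();
+    if (canAccessStorage(frame))
+        return m_storageArea->length();
+    return 0;
 }
 
-String StorageAreaProxy::key(unsigned index) const
+String StorageAreaProxy::key(unsigned index, Frame* frame) const
 {
-    return m_storageArea->key(index);
+    if (canAccessStorage(frame))
+        return m_storageArea->key(index);
+    return String();
 }
 
-String StorageAreaProxy::getItem(const String& key) const
+String StorageAreaProxy::getItem(const String& key, Frame* frame) const
 {
-    return m_storageArea->getItem(key);
+    if (canAccessStorage(frame))
+        return m_storageArea->getItem(key);
+    return String();
 }
 
@@ -83,7 +89,5 @@
     WebKit::WebStorageArea::Result result = WebKit::WebStorageArea::ResultOK;
     WebKit::WebString oldValue;
-    WebKit::WebFrameImpl* webFrame = WebKit::WebFrameImpl::fromFrame(frame);
-    WebKit::WebViewImpl* webView = webFrame->viewImpl();
-    if (webView->permissionClient() && !webView->permissionClient()->allowStorage(webFrame, m_storageType == LocalStorage))
+    if (!canAccessStorage(frame))
         ec = QUOTA_EXCEEDED_ERR;
     else {
@@ -99,4 +103,6 @@
 String StorageAreaProxy::removeItem(const String& key, Frame* frame)
 {
+    if (!canAccessStorage(frame))
+        return String();
     WebKit::WebString oldValue;
     m_storageArea->removeItem(key, frame->document()->url(), oldValue);
@@ -108,4 +114,6 @@
 bool StorageAreaProxy::clear(Frame* frame)
 {
+    if (!canAccessStorage(frame))
+        return false;
     bool clearedSomething;
     m_storageArea->clear(frame->document()->url(), clearedSomething);
@@ -115,7 +123,7 @@
 }
 
-bool StorageAreaProxy::contains(const String& key) const
+bool StorageAreaProxy::contains(const String& key, Frame* frame) const
 {
-    return !getItem(key).isNull();
+    return !getItem(key, frame).isNull();
 }
 
@@ -163,4 +171,11 @@
 }
 
+bool StorageAreaProxy::canAccessStorage(Frame* frame) const
+{
+    WebKit::WebFrameImpl* webFrame = WebKit::WebFrameImpl::fromFrame(frame);
+    WebKit::WebViewImpl* webView = webFrame->viewImpl();
+    return !webView->permissionClient() || webView->permissionClient()->allowStorage(webFrame, m_storageType == LocalStorage);
+}
+
 } // namespace WebCore
 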
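Review bot: `canAccessStorage` dereferences the result of `WebFrameImpl::fromFrame(frame)` and then `webFrame->viewImpl()` without a null check, and every storage operation in this file now goes through it. What the callers guarantee is not visible in these hunks, so if a frame without a view can reach this path (or a null frame, which the updated StorageArea interface does not rule out), the permission check would crash rather than deny. Because this is the policy decision point, I would return false when there is no frame or view to evaluate against, as sketched below. The existing allow-when-no-permissionClient behaviour is left as it is.

```cpp
bool StorageAreaProxy::canAccessStorage(Frame* frame) const
{
    // Without a frame and view there is no context for the policy: deny.
    if (!frame)
        return false;
    WebKit::WebFrameImpl* webFrame = WebKit::WebFrameImpl::fromFrame(frame);
    if (!webFrame)
        return false;
    WebKit::WebViewImpl* webView = webFrame->viewImpl();
    if (!webView)
        return false;
    // … unchanged: permissionClient() / allowStorage() return …
}
```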
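--- a/trunk/Source/WebKit/chromium/src/StorageAreaProxy.h
+++ b/trunk/Source/WebKit/chromium/src/StorageAreaProxy.h
@@ -44,14 +44,15 @@
 
     // The HTML5 DOM Storage API
-    virtual unsigned length() const;
-    virtual String key(unsigned index) const;
-    virtual String getItem(const String& key) const;
+    virtual unsigned length(Frame* sourceFrame) const;
+    virtual String key(unsigned index, Frame* sourceFrame) const;
+    virtual String getItem(const String& key, Frame* sourceFrame) const;
     virtual String setItem(const String& key, const String& value, ExceptionCode& ec, Frame* sourceFrame);
     virtual String removeItem(const String& key, Frame* sourceFrame);
     virtual bool clear(Frame* sourceFrame);
-    virtual bool contains(const String& key) const;
+    virtual bool contains(const String& key, Frame* sourceFrame) const;
 
 private:
     void storageEvent(const String& key, const String& oldValue, const String& newValue, StorageType, SecurityOrigin*, Frame* sourceFrame);
+    bool canAccessStorage(Frame*) const;
 
     OwnPtr<WebKit::WebStorageArea> m_storageArea;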
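--- a/trunk/Source/WebKit/chromium/src/WebStorageAreaImpl.cpp
+++ b/trunk/Source/WebKit/chromium/src/WebStorageAreaImpl.cpp
@@ -54,15 +54,15 @@
 unsigned WebStorageAreaImpl::length()
 {
-    return m_storageArea->length();
+    return m_storageArea->length(0);
 }
 
 WebString WebStorageAreaImpl::key(unsigned index)
 {
-    return m_storageArea->key(index);
+    return m_storageArea->key(index, 0);
 }
 
 WebString WebStorageAreaImpl::getItem(const WebString& key)
 {
-    return m_storageArea->getItem(key);
+    return m_storageArea->getItem(key, 0);
 }
 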
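--- a/trunk/Tools/ChangeLog
+++ b/trunk/Tools/ChangeLog
@@ -1,2 +1,24 @@
+2011-05-27  Jochen Eisinger  <jochen@chromium.org>
+
+        Reviewed by Adam Barth.
+
+        Add layoutTestController.setStorageAllowed() to control whether access
+        to the localStorage API is enabled via the WebPermissionClient
+        https://bugs.webkit.org/show_bug.cgi?id=61581
+
+        * DumpRenderTree/chromium/LayoutTestController.cpp:
+        (LayoutTestController::LayoutTestController):
+        (LayoutTestController::setStorageAllowed):
+        * DumpRenderTree/chromium/LayoutTestController.h:
+        * DumpRenderTree/chromium/TestShell.cpp:
+        (TestShell::TestShell):
+        (TestShell::createNewWindow):
+        * DumpRenderTree/chromium/TestShell.h:
+        * DumpRenderTree/chromium/WebPermissions.h: Added.
+        (WebPermissions::WebPermissions):
+        (WebPermissions::allowStorage):
+        (WebPermissions::setStorageAllowed):
+        (WebPermissions::reset):
+
 2011-05-27  Dirk Pranke  <dpranke@chromium.org>
 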
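--- a/trunk/Tools/DumpRenderTree/chromium/LayoutTestController.cpp
+++ b/trunk/Tools/DumpRenderTree/chromium/LayoutTestController.cpp
@@ -48,4 +48,5 @@
 #include "WebKit.h"
 #include "WebNotificationPresenter.h"
+#include "WebPermissions.h"
 #include "WebScriptSource.h"
 #include "WebSecurityPolicy.h"
@@ -215,4 +216,5 @@
     bindMethod("observeStorageTrackerNotifications", &LayoutTestController::observeStorageTrackerNotifications);
     bindMethod("syncLocalStorage", &LayoutTestController::syncLocalStorage);
+    bindMethod("setStorageAllowed", &LayoutTestController::setStorageAllowed);
    
     // The fallback method is called when an unknown method is invoked.
@@ -1821,4 +1823,11 @@
 }
 
+void LayoutTestController::setStorageAllowed(const CppArgumentList& arguments, CppVariant* result)
+{
+    if (arguments.size() > 0 && arguments[0].isBool())
+        m_shell->webPermissions()->setStorageAllowed(arguments[0].toBoolean());
+    result->setNull();
+}
+
 void LayoutTestController::setPluginsEnabled(const CppArgumentList& arguments, CppVariant* result)
 {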
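Review bot: `setStorageAllowed` silently does nothing when its argument is missing or not a boolean, so the permission state stays whatever it was and a layout test no longer runs against the state it asked for. This hook exists only to drive permission tests, so I would at least document that above the function, e.g. `// Ignored unless the first argument is a bool; the storage permission then keeps its previous value.` The include and `bindMethod` hunks in this file raise nothing further.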
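--- a/trunk/Tools/DumpRenderTree/chromium/LayoutTestController.h
+++ b/trunk/Tools/DumpRenderTree/chromium/LayoutTestController.h
@@ -370,4 +370,5 @@
     void observeStorageTrackerNotifications(const CppArgumentList&, CppVariant*);
     void syncLocalStorage(const CppArgumentList&, CppVariant*);
+    void setStorageAllowed(const CppArgumentList&, CppVariant*);
 
     // Enable or disable plugins.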
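--- a/trunk/Tools/DumpRenderTree/chromium/TestShell.cpp
+++ b/trunk/Tools/DumpRenderTree/chromium/TestShell.cpp
@@ -41,4 +41,5 @@
 #include "WebHistoryItem.h"
 #include "WebKit.h"
+#include "WebPermissions.h"
 #include "WebRuntimeFeatures.h"
 #include "WebScriptController.h"
@@ -114,4 +115,5 @@
     WebRuntimeFeatures::enableFileSystem(true);
     WebRuntimeFeatures::enableJavaScriptI18NAPI(true);
+    m_webPermissions = adoptPtr(new WebPermissions());
     m_accessibilityController = adoptPtr(new AccessibilityController(this));
     m_layoutTestController = adoptPtr(new LayoutTestController(this));
@@ -243,4 +245,5 @@
 {
     resetWebSettings(*webView());
+    m_webPermissions->reset();
     m_accessibilityController->reset();
     m_layoutTestController->reset();
@@ -597,4 +600,5 @@
     WebViewHost* host = new WebViewHost(this);
     WebView* view = WebView::create(host);
+    view->setPermissionClient(webPermissions());
     view->setDevToolsAgentClient(devToolsAgent);
     host->setWebWidget(view);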
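--- a/trunk/Tools/DumpRenderTree/chromium/TestShell.h
+++ b/trunk/Tools/DumpRenderTree/chromium/TestShell.h
@@ -59,4 +59,5 @@
 class DRTDevToolsCallArgs;
 class DRTDevToolsClient;
+class WebPermissions;
 
 struct TestParams {
@@ -97,4 +98,6 @@
     void applyPreferences() { m_prefs.applyTo(m_webView); }
 
+    WebPermissions* webPermissions() { return m_webPermissions.get(); }
+
     void bindJSObjectsToWindow(WebKit::WebFrame*);
     void runFileTest(const TestParams&);
@@ -192,4 +195,5 @@
     WebViewHost* m_webViewHost;
     WebViewHost* m_devTools;
+    OwnPtr<WebPermissions> m_webPermissions;
     OwnPtr<DRTDevToolsAgent> m_drtDevToolsAgent;
     OwnPtr<DRTDevToolsClient> m_drtDevToolsClient;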