Title: [91306] trunk
- Revision
- 91306
- Author
- [email protected]
- Date
- 2011-07-19 14:56:38 -0700 (Tue, 19 Jul 2011)
Log Message
Sending a `Ping-From` header for cross-origin pings from non-HTTPS documents.
https://bugs.webkit.org/show_bug.cgi?id=64789
Also a drive-by cleanup of whitespace.
Patch by Mike West <[email protected]> on 2011-07-19
Reviewed by Nate Chapin.
Source/WebCore:
* loader/PingLoader.cpp:
(WebCore::PingLoader::loadImage):
(WebCore::PingLoader::sendPing):
LayoutTests:
* http/tests/navigation/ping-cross-origin-expected.txt:
Modified Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (91305 => 91306)
--- trunk/LayoutTests/ChangeLog 2011-07-19 21:51:34 UTC (rev 91305)
+++ trunk/LayoutTests/ChangeLog 2011-07-19 21:56:38 UTC (rev 91306)
@@ -1,3 +1,14 @@
+2011-07-19 Mike West <[email protected]>
+
+ Sending a `Ping-From` header for cross-origin pings from non-HTTPS documents.
+ https://bugs.webkit.org/show_bug.cgi?id=64789
+
+ Also a drive-by cleanup of whitespace.
+
+ Reviewed by Nate Chapin.
+
+ * http/tests/navigation/ping-cross-origin-expected.txt:
+
2011-07-19 Gavin Barraclough <[email protected]>
https://bugs.webkit.org/show_bug.cgi?id=64809
Modified: trunk/LayoutTests/http/tests/navigation/ping-cross-origin-expected.txt (91305 => 91306)
--- trunk/LayoutTests/http/tests/navigation/ping-cross-origin-expected.txt 2011-07-19 21:51:34 UTC (rev 91305)
+++ trunk/LayoutTests/http/tests/navigation/ping-cross-origin-expected.txt 2011-07-19 21:56:38 UTC (rev 91306)
@@ -1,5 +1,6 @@
Ping sent successfully
CONTENT_TYPE: text/ping
+HTTP_PING_FROM: http://127.0.0.1:8000/navigation/ping-cross-origin.html
HTTP_PING_TO: http://127.0.0.1:8000/navigation/resources/check-ping.php
HTTP_REFERER: http://127.0.0.1:8000/navigation/ping-cross-origin.html
REQUEST_METHOD: POST
Modified: trunk/Source/WebCore/ChangeLog (91305 => 91306)
--- trunk/Source/WebCore/ChangeLog 2011-07-19 21:51:34 UTC (rev 91305)
+++ trunk/Source/WebCore/ChangeLog 2011-07-19 21:56:38 UTC (rev 91306)
@@ -1,3 +1,16 @@
+2011-07-19 Mike West <[email protected]>
+
+ Sending a `Ping-From` header for cross-origin pings from non-HTTPS documents.
+ https://bugs.webkit.org/show_bug.cgi?id=64789
+
+ Also a drive-by cleanup of whitespace.
+
+ Reviewed by Nate Chapin.
+
+ * loader/PingLoader.cpp:
+ (WebCore::PingLoader::loadImage):
+ (WebCore::PingLoader::sendPing):
+
2011-07-15 Luke Zarko <[email protected]>
Bring V8's SerializedScriptValue implementation up to date.
Modified: trunk/Source/WebCore/loader/PingLoader.cpp (91305 => 91306)
--- trunk/Source/WebCore/loader/PingLoader.cpp 2011-07-19 21:51:34 UTC (rev 91305)
+++ trunk/Source/WebCore/loader/PingLoader.cpp 2011-07-19 21:56:38 UTC (rev 91306)
@@ -61,7 +61,7 @@
request.setHTTPReferrer(frame->loader()->outgoingReferrer());
frame->loader()->addExtraFieldsToSubresourceRequest(request);
OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request));
-
+
// Leak the ping loader, since it will kill itself as soon as it receives a response.
PingLoader* leakedPingLoader = pingLoader.leakPtr();
UNUSED_PARAM(leakedPingLoader);
@@ -82,12 +82,13 @@
RefPtr<SecurityOrigin> pingOrigin = SecurityOrigin::create(pingURL);
FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin->toString());
request.setHTTPHeaderField("Ping-To", destinationURL);
- if (sourceOrigin->isSameSchemeHostPort(pingOrigin.get()))
- request.setHTTPHeaderField("Ping-From", frame->document()->url());
- else if (!SecurityOrigin::shouldHideReferrer(pingURL, frame->loader()->outgoingReferrer()))
+ if (!SecurityOrigin::shouldHideReferrer(pingURL, frame->loader()->outgoingReferrer())) {
+ request.setHTTPHeaderField("Ping-From", frame->document()->url());
+ if (!sourceOrigin->isSameSchemeHostPort(pingOrigin.get()))
request.setHTTPReferrer(frame->loader()->outgoingReferrer());
+ }
OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request));
-
+
// Leak the ping loader, since it will kill itself as soon as it receives a response.
PingLoader* leakedPingLoader = pingLoader.leakPtr();
UNUSED_PARAM(leakedPingLoader);
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
