Diff
Modified: trunk/Source/WebCore/CMakeLists.txt (99463 => 99464)
--- trunk/Source/WebCore/CMakeLists.txt 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/CMakeLists.txt 2011-11-07 21:01:14 UTC (rev 99464)
@@ -579,6 +579,7 @@
dom/ScriptElement.cpp
dom/ScriptExecutionContext.cpp
dom/ScriptRunner.cpp
+ dom/SecurityContext.cpp
dom/SelectorQuery.cpp
dom/ShadowContentElement.cpp
dom/ShadowInclusionSelector.cpp
Modified: trunk/Source/WebCore/ChangeLog (99463 => 99464)
--- trunk/Source/WebCore/ChangeLog 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/ChangeLog 2011-11-07 21:01:14 UTC (rev 99464)
@@ -1,3 +1,31 @@
+2011-11-07 Adam Barth <[email protected]>
+
+ Factor SecurityContext out of ScriptExecutionContext
+ https://bugs.webkit.org/show_bug.cgi?id=71721
+
+ Reviewed by Eric Seidel.
+
+ The new SecurityContext object lets us tightly scope control of
+ the security-critical information in ScriptExecutionContext.
+ Originally I had hoped to put all this state on SecurityOrigin, but
+ SecurityOrigin gets shared between documents in some corner cases, so
+ it's not a good fit for state like the sandbox flags and the CSP policy
+ that really needs to be per-document.
+
+ * CMakeLists.txt:
+ * GNUmakefile.list.am:
+ * Target.pri:
+ * WebCore.gypi:
+ * WebCore.vcproj/WebCore.vcproj:
+ * WebCore.xcodeproj/project.pbxproj:
+ * dom/DOMAllInOne.cpp:
+ * dom/ScriptExecutionContext.cpp:
+ (WebCore::ScriptExecutionContext::ScriptExecutionContext):
+ * dom/ScriptExecutionContext.h:
+ * loader/FrameLoader.h:
+ * loader/FrameLoaderTypes.h:
+ * page/SecurityOrigin.h:
+
2011-11-07 Kentaro Hara <[email protected]>
Refactor CodeGeneratorV8.pm before making a core change for bug 71093.
Modified: trunk/Source/WebCore/GNUmakefile.list.am (99463 => 99464)
--- trunk/Source/WebCore/GNUmakefile.list.am 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/GNUmakefile.list.am 2011-11-07 21:01:14 UTC (rev 99464)
@@ -1330,6 +1330,8 @@
Source/WebCore/dom/ScriptExecutionContext.h \
Source/WebCore/dom/ScriptRunner.cpp \
Source/WebCore/dom/ScriptRunner.h \
+ Source/WebCore/dom/SecurityContext.cpp \
+ Source/WebCore/dom/SecurityContext.h \
Source/WebCore/dom/SelectorQuery.cpp \
Source/WebCore/dom/SelectorQuery.h \
Source/WebCore/dom/ShadowContentElement.cpp \
Modified: trunk/Source/WebCore/Target.pri (99463 => 99464)
--- trunk/Source/WebCore/Target.pri 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/Target.pri 2011-11-07 21:01:14 UTC (rev 99464)
@@ -562,6 +562,7 @@
dom/ScriptElement.cpp \
dom/ScriptExecutionContext.cpp \
dom/ScriptRunner.cpp \
+ dom/SecurityContext.cpp \
dom/SelectorQuery.cpp \
dom/ShadowContentElement.cpp \
dom/ShadowInclusionSelector.cpp \
Modified: trunk/Source/WebCore/WebCore.gypi (99463 => 99464)
--- trunk/Source/WebCore/WebCore.gypi 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/WebCore.gypi 2011-11-07 21:01:14 UTC (rev 99464)
@@ -5316,6 +5316,8 @@
'dom/ScriptableDocumentParser.h',
'dom/ScriptedAnimationController.cpp',
'dom/ScriptedAnimationController.h',
+ 'dom/SecurityContext.cpp',
+ 'dom/SecurityContext.h',
'dom/SelectorQuery.cpp',
'dom/SelectorQuery.h',
'dom/ShadowContentElement.cpp',
Modified: trunk/Source/WebCore/WebCore.vcproj/WebCore.vcproj (99463 => 99464)
--- trunk/Source/WebCore/WebCore.vcproj/WebCore.vcproj 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/WebCore.vcproj/WebCore.vcproj 2011-11-07 21:01:14 UTC (rev 99464)
@@ -47962,6 +47962,62 @@
>
</File>
<File
+ RelativePath="..\dom\SecurityContext.cpp"
+ >
+ <FileConfiguration
+ Name="Debug|Win32"
+ ExcludedFromBuild="true"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ />
+ </FileConfiguration>
+ <FileConfiguration
+ Name="Release|Win32"
+ ExcludedFromBuild="true"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ />
+ </FileConfiguration>
+ <FileConfiguration
+ Name="Debug_Cairo_CFLite|Win32"
+ ExcludedFromBuild="true"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ />
+ </FileConfiguration>
+ <FileConfiguration
+ Name="Release_Cairo_CFLite|Win32"
+ ExcludedFromBuild="true"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ />
+ </FileConfiguration>
+ <FileConfiguration
+ Name="Debug_All|Win32"
+ ExcludedFromBuild="true"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ />
+ </FileConfiguration>
+ <FileConfiguration
+ Name="Production|Win32"
+ ExcludedFromBuild="true"
+ >
+ <Tool
+ Name="VCCLCompilerTool"
+ />
+ </FileConfiguration>
+ </File>
+ <File
+ RelativePath="..\dom\SecurityContext.h"
+ >
+ </File>
+ <File
RelativePath="..\dom\SelectorQuery.cpp"
>
<FileConfiguration
Modified: trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj (99463 => 99464)
--- trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj 2011-11-07 21:01:14 UTC (rev 99464)
@@ -3247,6 +3247,8 @@
976D6C93122B8A3D001FD1F7 /* AsyncFileWriterClient.h in Headers */ = {isa = PBXBuildFile; fileRef = 976D6C74122B8A3D001FD1F7 /* AsyncFileWriterClient.h */; };
976D6C94122B8A3D001FD1F7 /* ThreadableBlobRegistry.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 976D6C75122B8A3D001FD1F7 /* ThreadableBlobRegistry.cpp */; };
976D6C95122B8A3D001FD1F7 /* ThreadableBlobRegistry.h in Headers */ = {isa = PBXBuildFile; fileRef = 976D6C76122B8A3D001FD1F7 /* ThreadableBlobRegistry.h */; };
+ 976F36EA14686225005E93B4 /* SecurityContext.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 976F36E814686225005E93B4 /* SecurityContext.cpp */; };
+ 976F36EB14686225005E93B4 /* SecurityContext.h in Headers */ = {isa = PBXBuildFile; fileRef = 976F36E914686225005E93B4 /* SecurityContext.h */; settings = {ATTRIBUTES = (Private, ); }; };
977B37231228721700B81FF8 /* HTMLElementStack.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 977B371F1228721700B81FF8 /* HTMLElementStack.cpp */; };
977B37241228721700B81FF8 /* HTMLElementStack.h in Headers */ = {isa = PBXBuildFile; fileRef = 977B37201228721700B81FF8 /* HTMLElementStack.h */; };
977B37251228721700B81FF8 /* HTMLTreeBuilder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 977B37211228721700B81FF8 /* HTMLTreeBuilder.cpp */; };
@@ -10411,6 +10413,8 @@
976D6C74122B8A3D001FD1F7 /* AsyncFileWriterClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AsyncFileWriterClient.h; path = fileapi/AsyncFileWriterClient.h; sourceTree = "<group>"; };
976D6C75122B8A3D001FD1F7 /* ThreadableBlobRegistry.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = ThreadableBlobRegistry.cpp; path = fileapi/ThreadableBlobRegistry.cpp; sourceTree = "<group>"; };
976D6C76122B8A3D001FD1F7 /* ThreadableBlobRegistry.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ThreadableBlobRegistry.h; path = fileapi/ThreadableBlobRegistry.h; sourceTree = "<group>"; };
+ 976F36E814686225005E93B4 /* SecurityContext.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SecurityContext.cpp; sourceTree = "<group>"; };
+ 976F36E914686225005E93B4 /* SecurityContext.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SecurityContext.h; sourceTree = "<group>"; };
977B371F1228721700B81FF8 /* HTMLElementStack.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = HTMLElementStack.cpp; path = parser/HTMLElementStack.cpp; sourceTree = "<group>"; };
977B37201228721700B81FF8 /* HTMLElementStack.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = HTMLElementStack.h; path = parser/HTMLElementStack.h; sourceTree = "<group>"; };
977B37211228721700B81FF8 /* HTMLTreeBuilder.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = HTMLTreeBuilder.cpp; path = parser/HTMLTreeBuilder.cpp; sourceTree = "<group>"; };
@@ -21204,6 +21208,8 @@
E11C9D9A0EB3681200E409DB /* ScriptExecutionContext.h */,
8A413ADF1207BBA50082016E /* ScriptRunner.cpp */,
8A413ADE1207BBA50082016E /* ScriptRunner.h */,
+ 976F36E814686225005E93B4 /* SecurityContext.cpp */,
+ 976F36E914686225005E93B4 /* SecurityContext.h */,
E45322A9140CE267005A0F92 /* SelectorQuery.cpp */,
E45322AA140CE267005A0F92 /* SelectorQuery.h */,
A766CF8B13810E0C0011A0B3 /* ShadowContentElement.cpp */,
@@ -24617,6 +24623,7 @@
2D8FEBDD143E3EF70072502B /* CSSCrossfadeValue.h in Headers */,
3169379C14609C6C00C01362 /* DragSession.h in Headers */,
CAE9F910146441F000C245B0 /* CSSAspectRatioValue.h in Headers */,
+ 976F36EB14686225005E93B4 /* SecurityContext.h in Headers */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -27473,6 +27480,7 @@
CDEA763014608A53008B31F1 /* PlatformClockCA.cpp in Sources */,
CDEA76341460B56F008B31F1 /* PlatformClockPOSIX.cpp in Sources */,
CDEA76351460B71A008B31F1 /* Clock.cpp in Sources */,
+ 976F36EA14686225005E93B4 /* SecurityContext.cpp in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
Modified: trunk/Source/WebCore/dom/DOMAllInOne.cpp (99463 => 99464)
--- trunk/Source/WebCore/dom/DOMAllInOne.cpp 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/dom/DOMAllInOne.cpp 2011-11-07 21:01:14 UTC (rev 99464)
@@ -110,6 +110,7 @@
#include "ScriptExecutionContext.cpp"
#include "ScriptRunner.cpp"
#include "ScriptableDocumentParser.cpp"
+#include "SecurityContext.cpp"
#include "SelectorQuery.cpp"
#include "ShadowContentElement.cpp"
#include "ShadowInclusionSelector.cpp"
Modified: trunk/Source/WebCore/dom/ScriptExecutionContext.cpp (99463 => 99464)
--- trunk/Source/WebCore/dom/ScriptExecutionContext.cpp 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/dom/ScriptExecutionContext.cpp 2011-11-07 21:01:14 UTC (rev 99464)
@@ -89,8 +89,7 @@
}
ScriptExecutionContext::ScriptExecutionContext()
- : m_sandboxFlags(SandboxNone)
- , m_iteratingActiveDOMObjects(false)
+ : m_iteratingActiveDOMObjects(false)
, m_inDestructor(false)
, m_inDispatchErrorEvent(false)
#if ENABLE(SQL_DATABASE)
@@ -294,16 +293,6 @@
}
}
-void ScriptExecutionContext::setSecurityOrigin(PassRefPtr<SecurityOrigin> securityOrigin)
-{
- m_securityOrigin = securityOrigin;
-}
-
-void ScriptExecutionContext::setContentSecurityPolicy(PassRefPtr<ContentSecurityPolicy> contentSecurityPolicy)
-{
- m_contentSecurityPolicy = contentSecurityPolicy;
-}
-
bool ScriptExecutionContext::sanitizeScriptError(String& errorMessage, int& lineNumber, String& sourceURL)
{
KURL targetURL = completeURL(sourceURL);
Modified: trunk/Source/WebCore/dom/ScriptExecutionContext.h (99463 => 99464)
--- trunk/Source/WebCore/dom/ScriptExecutionContext.h 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/dom/ScriptExecutionContext.h 2011-11-07 21:01:14 UTC (rev 99464)
@@ -29,16 +29,14 @@
#include "ActiveDOMObject.h"
#include "ConsoleTypes.h"
-#include "FrameLoaderTypes.h"
#include "KURL.h"
+#include "SecurityContext.h"
#include <wtf/Forward.h>
#include <wtf/HashMap.h>
#include <wtf/HashSet.h>
#include <wtf/Noncopyable.h>
#include <wtf/OwnPtr.h>
#include <wtf/PassOwnPtr.h>
-#include <wtf/PassRefPtr.h>
-#include <wtf/RefPtr.h>
#include <wtf/Threading.h>
#include <wtf/text/StringHash.h>
@@ -48,14 +46,12 @@
namespace WebCore {
-class ContentSecurityPolicy;
class DOMTimer;
class EventListener;
class EventQueue;
class EventTarget;
class MessagePort;
class ScriptCallStack;
-class SecurityOrigin;
#if ENABLE(SQL_DATABASE)
class Database;
@@ -67,7 +63,7 @@
class FileThread;
#endif
-class ScriptExecutionContext {
+class ScriptExecutionContext : public SecurityContext {
public:
ScriptExecutionContext();
virtual ~ScriptExecutionContext();
@@ -94,13 +90,6 @@
virtual void disableEval() = 0;
- SecurityOrigin* securityOrigin() const { return m_securityOrigin.get(); }
- SandboxFlags sandboxFlags() const { return m_sandboxFlags; }
- ContentSecurityPolicy* contentSecurityPolicy() { return m_contentSecurityPolicy.get(); }
-
- void enforceSandboxFlags(SandboxFlags mask) { m_sandboxFlags |= mask; }
- bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; }
-
bool sanitizeScriptError(String& errorMessage, int& lineNumber, String& sourceURL);
void reportException(const String& errorMessage, int lineNumber, const String& sourceURL, PassRefPtr<ScriptCallStack>);
virtual void addMessage(MessageSource, MessageType, MessageLevel, const String& message, unsigned lineNumber, const String& sourceURL, PassRefPtr<ScriptCallStack>) = 0;
@@ -189,13 +178,6 @@
String m_message;
};
- // Explicitly override the security origin for this script context.
- // Note: It is dangerous to change the security origin of a script context
- // that already contains content.
- void setSecurityOrigin(PassRefPtr<SecurityOrigin>);
-
- void setContentSecurityPolicy(PassRefPtr<ContentSecurityPolicy>);
-
private:
virtual const KURL& virtualURL() const = 0;
virtual KURL virtualCompleteURL(const String&) const = 0;
@@ -206,10 +188,6 @@
void closeMessagePorts();
- SandboxFlags m_sandboxFlags;
- RefPtr<SecurityOrigin> m_securityOrigin;
- RefPtr<ContentSecurityPolicy> m_contentSecurityPolicy;
-
HashSet<MessagePort*> m_messagePorts;
HashSet<ContextDestructionObserver*> m_destructionObservers;
HashMap<ActiveDOMObject*, void*> m_activeDOMObjects;
Added: trunk/Source/WebCore/dom/SecurityContext.cpp (0 => 99464)
--- trunk/Source/WebCore/dom/SecurityContext.cpp (rev 0)
+++ trunk/Source/WebCore/dom/SecurityContext.cpp 2011-11-07 21:01:14 UTC (rev 99464)
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2011 Google Inc. All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY GOOGLE, INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "config.h"
+#include "SecurityContext.h"
+
+#include "ContentSecurityPolicy.h"
+#include "SecurityOrigin.h"
+
+namespace WebCore {
+
+SecurityContext::SecurityContext()
+ : m_sandboxFlags(SandboxNone)
+{
+}
+
+SecurityContext::~SecurityContext()
+{
+}
+
+void SecurityContext::setSecurityOrigin(PassRefPtr<SecurityOrigin> securityOrigin)
+{
+ m_securityOrigin = securityOrigin;
+}
+
+void SecurityContext::setContentSecurityPolicy(PassRefPtr<ContentSecurityPolicy> contentSecurityPolicy)
+{
+ m_contentSecurityPolicy = contentSecurityPolicy;
+}
+
+}
Added: trunk/Source/WebCore/dom/SecurityContext.h (0 => 99464)
--- trunk/Source/WebCore/dom/SecurityContext.h (rev 0)
+++ trunk/Source/WebCore/dom/SecurityContext.h 2011-11-07 21:01:14 UTC (rev 99464)
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2011 Google Inc. All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY GOOGLE, INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE COMPUTER, INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef SecurityContext_h
+#define SecurityContext_h
+
+#include <wtf/PassRefPtr.h>
+#include <wtf/RefPtr.h>
+
+namespace WebCore {
+
+class SecurityOrigin;
+class ContentSecurityPolicy;
+
+enum SandboxFlag {
+ SandboxNone = 0,
+ SandboxNavigation = 1,
+ SandboxPlugins = 1 << 1,
+ SandboxOrigin = 1 << 2,
+ SandboxForms = 1 << 3,
+ SandboxScripts = 1 << 4,
+ SandboxTopNavigation = 1 << 5,
+ SandboxPopups = 1 << 6,
+ SandboxAll = -1 // Mask with all bits set to 1.
+};
+
+typedef int SandboxFlags;
+
+class SecurityContext {
+public:
+ SecurityOrigin* securityOrigin() const { return m_securityOrigin.get(); }
+ SandboxFlags sandboxFlags() const { return m_sandboxFlags; }
+ ContentSecurityPolicy* contentSecurityPolicy() { return m_contentSecurityPolicy.get(); }
+
+ void enforceSandboxFlags(SandboxFlags mask) { m_sandboxFlags |= mask; }
+ bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; }
+
+protected:
+ SecurityContext();
+ ~SecurityContext();
+
+ // Explicitly override the security origin for this security context.
+ // Note: It is dangerous to change the security origin of a script context
+ // that already contains content.
+ void setSecurityOrigin(PassRefPtr<SecurityOrigin>);
+ void setContentSecurityPolicy(PassRefPtr<ContentSecurityPolicy>);
+
+private:
+ SandboxFlags m_sandboxFlags;
+ RefPtr<SecurityOrigin> m_securityOrigin;
+ RefPtr<ContentSecurityPolicy> m_contentSecurityPolicy;
+};
+
+} // namespace WebCore
+
+#endif // SecurityContext_h
Modified: trunk/Source/WebCore/loader/FrameLoader.h (99463 => 99464)
--- trunk/Source/WebCore/loader/FrameLoader.h 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/loader/FrameLoader.h 2011-11-07 21:01:14 UTC (rev 99464)
@@ -41,6 +41,7 @@
#include "PolicyChecker.h"
#include "ResourceHandle.h"
#include "ResourceLoadNotifier.h"
+#include "SecurityContext.h"
#include "SubframeLoader.h"
#include "Timer.h"
#include <wtf/Forward.h>
Modified: trunk/Source/WebCore/loader/FrameLoaderTypes.h (99463 => 99464)
--- trunk/Source/WebCore/loader/FrameLoaderTypes.h 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/loader/FrameLoaderTypes.h 2011-11-07 21:01:14 UTC (rev 99464)
@@ -92,18 +92,6 @@
NoReferrer
};
- enum SandboxFlag {
- SandboxNone = 0,
- SandboxNavigation = 1,
- SandboxPlugins = 1 << 1,
- SandboxOrigin = 1 << 2,
- SandboxForms = 1 << 3,
- SandboxScripts = 1 << 4,
- SandboxTopNavigation = 1 << 5,
- SandboxPopups = 1 << 6,
- SandboxAll = -1 // Mask with all bits set to 1.
- };
-
// Passed to FrameLoader::urlSelected() and ScriptController::executeIfJavaScriptURL()
// to control whether, in the case of a _javascript_ URL, executeIfJavaScriptURL() should
// replace the document. It is a FIXME to eliminate this extra parameter from
@@ -118,7 +106,6 @@
NotAboutToInstantiatePlugin
};
- typedef int SandboxFlags;
}
#endif
Modified: trunk/Source/WebCore/page/SecurityOrigin.h (99463 => 99464)
--- trunk/Source/WebCore/page/SecurityOrigin.h 2011-11-07 20:50:13 UTC (rev 99463)
+++ trunk/Source/WebCore/page/SecurityOrigin.h 2011-11-07 21:01:14 UTC (rev 99464)
@@ -29,8 +29,8 @@
#ifndef SecurityOrigin_h
#define SecurityOrigin_h
-#include "FrameLoaderTypes.h"
#include "PlatformString.h"
+#include "SecurityContext.h" // FIXME: Remove once parseSandboxPolicy moves to SecurityContext.
#include <wtf/ThreadSafeRefCounted.h>
namespace WebCore {
