Title: [100100] trunk/Source/WebCore
- Revision
- 100100
- Author
- [email protected]
- Date
- 2011-11-13 23:50:55 -0800 (Sun, 13 Nov 2011)
Log Message
Move isSecureTransitionTo from SecurityOrigin to SecurityContext
https://bugs.webkit.org/show_bug.cgi?id=72241
Reviewed by Eric Seidel.
This patch is a step towards breaking the patch for
https://bugs.webkit.org/show_bug.cgi?id=71745 up into tiny,
digestible pieces.
* dom/SecurityContext.cpp:
(WebCore::SecurityContext::isSecureTransitionTo):
* dom/SecurityContext.h:
* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::begin):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::stopLoading):
* page/SecurityOrigin.cpp:
* page/SecurityOrigin.h:
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (100099 => 100100)
--- trunk/Source/WebCore/ChangeLog 2011-11-14 05:14:41 UTC (rev 100099)
+++ trunk/Source/WebCore/ChangeLog 2011-11-14 07:50:55 UTC (rev 100100)
@@ -1,3 +1,24 @@
+2011-11-13 Adam Barth <[email protected]>
+
+ Move isSecureTransitionTo from SecurityOrigin to SecurityContext
+ https://bugs.webkit.org/show_bug.cgi?id=72241
+
+ Reviewed by Eric Seidel.
+
+ This patch is a step towards breaking the patch for
+ https://bugs.webkit.org/show_bug.cgi?id=71745 up into tiny,
+ digestible pieces.
+
+ * dom/SecurityContext.cpp:
+ (WebCore::SecurityContext::isSecureTransitionTo):
+ * dom/SecurityContext.h:
+ * loader/DocumentWriter.cpp:
+ (WebCore::DocumentWriter::begin):
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::stopLoading):
+ * page/SecurityOrigin.cpp:
+ * page/SecurityOrigin.h:
+
2011-11-13 Nat Duca <[email protected]>
[chromium] LayerRendererChromium::initialize should fail when GaphicsContext3D::makeCurrent fails
Modified: trunk/Source/WebCore/dom/SecurityContext.cpp (100099 => 100100)
--- trunk/Source/WebCore/dom/SecurityContext.cpp 2011-11-14 05:14:41 UTC (rev 100099)
+++ trunk/Source/WebCore/dom/SecurityContext.cpp 2011-11-14 07:50:55 UTC (rev 100100)
@@ -52,6 +52,16 @@
m_contentSecurityPolicy = contentSecurityPolicy;
}
+bool SecurityContext::isSecureTransitionTo(const KURL& url) const
+{
+ // This origin represents a new window created by the application.
+ if (securityOrigin()->isEmpty())
+ return true;
+
+ RefPtr<SecurityOrigin> other = SecurityOrigin::create(url);
+ return securityOrigin()->canAccess(other.get());
+}
+
SandboxFlags SecurityContext::parseSandboxPolicy(const String& policy)
{
// http://www.w3.org/TR/html5/the-iframe-element.html#attr-iframe-sandbox
Modified: trunk/Source/WebCore/dom/SecurityContext.h (100099 => 100100)
--- trunk/Source/WebCore/dom/SecurityContext.h 2011-11-14 05:14:41 UTC (rev 100099)
+++ trunk/Source/WebCore/dom/SecurityContext.h 2011-11-14 07:50:55 UTC (rev 100100)
@@ -35,6 +35,7 @@
class SecurityOrigin;
class ContentSecurityPolicy;
+class KURL;
enum SandboxFlag {
SandboxNone = 0,
@@ -56,6 +57,8 @@
SandboxFlags sandboxFlags() const { return m_sandboxFlags; }
ContentSecurityPolicy* contentSecurityPolicy() { return m_contentSecurityPolicy.get(); }
+ bool isSecureTransitionTo(const KURL&) const;
+
void enforceSandboxFlags(SandboxFlags mask) { m_sandboxFlags |= mask; }
bool isSandboxed(SandboxFlags mask) const { return m_sandboxFlags & mask; }
Modified: trunk/Source/WebCore/loader/DocumentWriter.cpp (100099 => 100100)
--- trunk/Source/WebCore/loader/DocumentWriter.cpp 2011-11-14 05:14:41 UTC (rev 100099)
+++ trunk/Source/WebCore/loader/DocumentWriter.cpp 2011-11-14 07:50:55 UTC (rev 100100)
@@ -124,7 +124,7 @@
// FIXME: Do we need to consult the content security policy here about blocked plug-ins?
- bool resetScripting = !(m_frame->loader()->stateMachine()->isDisplayingInitialEmptyDocument() && m_frame->document()->securityOrigin()->isSecureTransitionTo(url));
+ bool resetScripting = !(m_frame->loader()->stateMachine()->isDisplayingInitialEmptyDocument() && m_frame->document()->isSecureTransitionTo(url));
m_frame->loader()->clear(resetScripting, resetScripting);
clear();
if (resetScripting)
Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (100099 => 100100)
--- trunk/Source/WebCore/loader/FrameLoader.cpp 2011-11-14 05:14:41 UTC (rev 100099)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp 2011-11-14 07:50:55 UTC (rev 100100)
@@ -394,7 +394,7 @@
if (m_frame->document() && !m_frame->document()->inPageCache()) {
// Don't remove event listeners from a transitional empty document (see bug 28716 for more information).
bool keepEventListeners = m_stateMachine.isDisplayingInitialEmptyDocument() && m_provisionalDocumentLoader
- && m_frame->document()->securityOrigin()->isSecureTransitionTo(m_provisionalDocumentLoader->url());
+ && m_frame->document()->isSecureTransitionTo(m_provisionalDocumentLoader->url());
if (!keepEventListeners)
m_frame->document()->removeAllEventListeners();
Modified: trunk/Source/WebCore/page/SecurityOrigin.cpp (100099 => 100100)
--- trunk/Source/WebCore/page/SecurityOrigin.cpp 2011-11-14 05:14:41 UTC (rev 100099)
+++ trunk/Source/WebCore/page/SecurityOrigin.cpp 2011-11-14 07:50:55 UTC (rev 100100)
@@ -345,16 +345,6 @@
return SchemeRegistry::shouldTreatURLSchemeAsLocal(m_protocol);
}
-bool SecurityOrigin::isSecureTransitionTo(const KURL& url) const
-{
- // This origin represents a new window created by the application.
- if (isEmpty())
- return true;
-
- RefPtr<SecurityOrigin> other = SecurityOrigin::create(url);
- return canAccess(other.get());
-}
-
String SecurityOrigin::toString() const
{
if (isUnique())
Modified: trunk/Source/WebCore/page/SecurityOrigin.h (100099 => 100100)
--- trunk/Source/WebCore/page/SecurityOrigin.h 2011-11-14 05:14:41 UTC (rev 100099)
+++ trunk/Source/WebCore/page/SecurityOrigin.h 2011-11-14 07:50:55 UTC (rev 100100)
@@ -121,8 +121,6 @@
// origins.
bool canAccessSessionStorage() const { return !isUnique(); }
- bool isSecureTransitionTo(const KURL&) const;
-
// The local SecurityOrigin is the most privileged SecurityOrigin.
// The local SecurityOrigin can script any document, navigate to local
// resources, and can set arbitrary headers on XMLHttpRequests.
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
