Title: [100169] trunk/Source/WebCore
- Revision
- 100169
- Author
- [email protected]
- Date
- 2011-11-14 11:33:02 -0800 (Mon, 14 Nov 2011)
Log Message
SecurityOrigin inheritance should depend on document URL, not on "emptiness" of the SecurityOrigin
https://bugs.webkit.org/show_bug.cgi?id=72283
Reviewed by Sam Weinig.
This change aligns our implementation more closely with the spec. I
don't think this change has an observable effects, but it moves us
closer to removing the concept of an empty security origin.
* dom/Document.cpp:
(WebCore::shouldInheritSecurityOriginFromOwner):
(WebCore::Document::initSecurityContext):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (100168 => 100169)
--- trunk/Source/WebCore/ChangeLog 2011-11-14 19:26:41 UTC (rev 100168)
+++ trunk/Source/WebCore/ChangeLog 2011-11-14 19:33:02 UTC (rev 100169)
@@ -1,3 +1,18 @@
+2011-11-14 Adam Barth <[email protected]>
+
+ SecurityOrigin inheritance should depend on document URL, not on "emptiness" of the SecurityOrigin
+ https://bugs.webkit.org/show_bug.cgi?id=72283
+
+ Reviewed by Sam Weinig.
+
+ This change aligns our implementation more closely with the spec. I
+ don't think this change has an observable effects, but it moves us
+ closer to removing the concept of an empty security origin.
+
+ * dom/Document.cpp:
+ (WebCore::shouldInheritSecurityOriginFromOwner):
+ (WebCore::Document::initSecurityContext):
+
2011-11-14 Erik Arvidsson <[email protected]>
Remove getParameter from HTMLAnchorElement and Location
Modified: trunk/Source/WebCore/dom/Document.cpp (100168 => 100169)
--- trunk/Source/WebCore/dom/Document.cpp 2011-11-14 19:26:41 UTC (rev 100168)
+++ trunk/Source/WebCore/dom/Document.cpp 2011-11-14 19:33:02 UTC (rev 100169)
@@ -286,6 +286,19 @@
return true;
}
+static bool shouldInheritSecurityOriginFromOwner(const KURL& url)
+{
+ // http://www.whatwg.org/specs/web-apps/current-work/#origin-0
+ //
+ // If a Document has the address "about:blank"
+ // The origin of the Document is the origin it was assigned when its browsing context was created.
+ //
+ // Note: We generalize this to all "about" URLs and invald URLs because we
+ // treat all of these URLs as about:blank.
+ //
+ return !url.isValid() || url.protocolIs("about");
+}
+
static Widget* widgetForNode(Node* focusedNode)
{
if (!focusedNode)
@@ -4442,7 +4455,7 @@
}
}
- if (!securityOrigin()->isEmpty())
+ if (!shouldInheritSecurityOriginFromOwner(m_url))
return;
// If we do not obtain a meaningful origin from the URL, then we try to
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
