Diff
Modified: trunk/Source/WebCore/ChangeLog (118396 => 118397)
--- trunk/Source/WebCore/ChangeLog 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebCore/ChangeLog 2012-05-24 18:42:58 UTC (rev 118397)
@@ -1,3 +1,17 @@
+2012-05-24 Alexey Proskuryakov <[email protected]>
+
+ [WK2] Let the client give local files universal access on a case by case basis
+ https://bugs.webkit.org/show_bug.cgi?id=87174
+ <rdar://problem/11024330>
+
+ Reviewed by Maciej Stachowiak.
+
+ * dom/Document.cpp: (WebCore::Document::initSecurityContext): When settings->allowUniversalAccessFromFileURLs()
+ is false, also try asking the client for an indulgence.
+
+ * loader/FrameLoaderClient.h: (WebCore::FrameLoaderClient::shouldForceUniversalAccessFromLocalURL):
+ Default implementation doesn't change anything.
+
2012-05-24 Tony Chang <[email protected]>
improve StyleRareNonInheritedData bit packing on Windows
Modified: trunk/Source/WebCore/dom/Document.cpp (118396 => 118397)
--- trunk/Source/WebCore/dom/Document.cpp 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebCore/dom/Document.cpp 2012-05-24 18:42:58 UTC (rev 118397)
@@ -4972,20 +4972,19 @@
if (Settings* settings = this->settings()) {
if (!settings->isWebSecurityEnabled()) {
- // Web security is turned off. We should let this document access every
- // other document. This is used primary by testing harnesses for web
- // sites.
+ // Web security is turned off. We should let this document access every other document. This is used primary by testing
+ // harnesses for web sites.
securityOrigin()->grantUniversalAccess();
- } else if (settings->allowUniversalAccessFromFileURLs() && securityOrigin()->isLocal()) {
- // Some clients want file:// URLs to have universal access, but that
- // setting is dangerous for other clients.
- securityOrigin()->grantUniversalAccess();
- } else if (!settings->allowFileAccessFromFileURLs() && securityOrigin()->isLocal()) {
- // Some clients want file:// URLs to have even tighter restrictions by
- // default, and not be able to access other local files.
- // FIXME 81578: The naming of this is confusing. Files with restricted access to other local files
- // still can have other privileges that can be remembered, thereby not making them unique origins.
- securityOrigin()->enforceFilePathSeparation();
+ } else if (securityOrigin()->isLocal()) {
+ if (settings->allowUniversalAccessFromFileURLs() || m_frame->loader()->client()->shouldForceUniversalAccessFromLocalURL(m_url)) {
+ // Some clients want local URLs to have universal access, but that setting is dangerous for other clients.
+ securityOrigin()->grantUniversalAccess();
+ } else if (!settings->allowFileAccessFromFileURLs()) {
+ // Some clients want local URLs to have even tighter restrictions by default, and not be able to access other local files.
+ // FIXME 81578: The naming of this is confusing. Files with restricted access to other local files
+ // still can have other privileges that can be remembered, thereby not making them unique origins.
+ securityOrigin()->enforceFilePathSeparation();
+ }
}
}
Modified: trunk/Source/WebCore/loader/FrameLoaderClient.h (118396 => 118397)
--- trunk/Source/WebCore/loader/FrameLoaderClient.h 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebCore/loader/FrameLoaderClient.h 2012-05-24 18:42:58 UTC (rev 118397)
@@ -322,6 +322,9 @@
// This callback is similar, but for plugins.
virtual void didNotAllowPlugins() { }
+ // Clients that generally disallow universal access can make exceptions for particular URLs.
+ virtual bool shouldForceUniversalAccessFromLocalURL(const KURL&) { return false; }
+
virtual PassRefPtr<FrameNetworkingContext> createNetworkingContext() = 0;
virtual bool shouldPaintBrokenImage(const KURL&) const { return true; }
Modified: trunk/Source/WebKit2/ChangeLog (118396 => 118397)
--- trunk/Source/WebKit2/ChangeLog 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebKit2/ChangeLog 2012-05-24 18:42:58 UTC (rev 118397)
@@ -1,3 +1,22 @@
+2012-05-24 Alexey Proskuryakov <[email protected]>
+
+ [WK2] Let the client give local files universal access on a case by case basis
+ https://bugs.webkit.org/show_bug.cgi?id=87174
+ <rdar://problem/11024330>
+
+ Reviewed by Maciej Stachowiak.
+
+ * WebProcess/InjectedBundle/API/c/WKBundlePage.h:
+ * WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp:
+ (WebKit::InjectedBundlePageLoaderClient::shouldForceUniversalAccessFromLocalURL):
+ * WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h:
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+ (WebKit::WebFrameLoaderClient::shouldForceUniversalAccessFromLocalURL):
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
+ * WebProcess/qt/QtBuiltinBundlePage.cpp:
+ (WebKit::QtBuiltinBundlePage::QtBuiltinBundlePage):
+ Added glue code to call bundle client.
+
2012-05-24 Alexander Færøy <[email protected]>
Reorder arguments to compare() in the QML WebView tests
Modified: trunk/Source/WebKit2/WebProcess/InjectedBundle/API/c/WKBundlePage.h (118396 => 118397)
--- trunk/Source/WebKit2/WebProcess/InjectedBundle/API/c/WKBundlePage.h 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebKit2/WebProcess/InjectedBundle/API/c/WKBundlePage.h 2012-05-24 18:42:58 UTC (rev 118397)
@@ -108,6 +108,7 @@
typedef void (*WKBundlePageWillDisconnectDOMWindowExtensionFromGlobalObjectCallback)(WKBundlePageRef page, WKBundleDOMWindowExtensionRef, const void* clientInfo);
typedef void (*WKBundlePageDidReconnectDOMWindowExtensionToGlobalObjectCallback)(WKBundlePageRef page, WKBundleDOMWindowExtensionRef, const void* clientInfo);
typedef void (*WKBundlePageWillDestroyGlobalObjectForDOMWindowExtensionCallback)(WKBundlePageRef page, WKBundleDOMWindowExtensionRef, const void* clientInfo);
+typedef bool (*WKBundlePageShouldForceUniversalAccessFromLocalURLCallback)(WKBundlePageRef, WKStringRef url, const void* clientInfo);
struct WKBundlePageLoaderClient {
int version;
@@ -145,6 +146,7 @@
// Version 2
WKBundlePageDidFinishProgressCallback didFinishProgress;
+ WKBundlePageShouldForceUniversalAccessFromLocalURLCallback shouldForceUniversalAccessFromLocalURL;
};
typedef struct WKBundlePageLoaderClient WKBundlePageLoaderClient;
Modified: trunk/Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp (118396 => 118397)
--- trunk/Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.cpp 2012-05-24 18:42:58 UTC (rev 118397)
@@ -296,4 +296,12 @@
m_client.willDestroyGlobalObjectForDOMWindowExtension(toAPI(page), toAPI(extension.get()), m_client.clientInfo);
}
+bool InjectedBundlePageLoaderClient::shouldForceUniversalAccessFromLocalURL(WebPage* page, const String& url)
+{
+ if (!m_client.shouldForceUniversalAccessFromLocalURL)
+ return false;
+
+ return m_client.shouldForceUniversalAccessFromLocalURL(toAPI(page), toAPI(url.impl()), m_client.clientInfo);
+}
+
} // namespace WebKit
Modified: trunk/Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h (118396 => 118397)
--- trunk/Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebKit2/WebProcess/InjectedBundle/InjectedBundlePageLoaderClient.h 2012-05-24 18:42:58 UTC (rev 118397)
@@ -79,6 +79,8 @@
void willDisconnectDOMWindowExtensionFromGlobalObject(WebPage*, WebCore::DOMWindowExtension*);
void didReconnectDOMWindowExtensionToGlobalObject(WebPage*, WebCore::DOMWindowExtension*);
void willDestroyGlobalObjectForDOMWindowExtension(WebPage*, WebCore::DOMWindowExtension*);
+
+ bool shouldForceUniversalAccessFromLocalURL(WebPage*, const String& url);
};
} // namespace WebKit
Modified: trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (118396 => 118397)
--- trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2012-05-24 18:42:58 UTC (rev 118397)
@@ -1538,6 +1538,15 @@
webPage->didChangeScrollOffsetForMainFrame();
}
+bool WebFrameLoaderClient::shouldForceUniversalAccessFromLocalURL(const WebCore::KURL& url)
+{
+ WebPage* webPage = m_frame->page();
+ if (!webPage)
+ return false;
+
+ return webPage->injectedBundleLoaderClient().shouldForceUniversalAccessFromLocalURL(webPage, url.string());
+}
+
PassRefPtr<FrameNetworkingContext> WebFrameLoaderClient::createNetworkingContext()
{
RefPtr<WebFrameNetworkingContext> context = WebFrameNetworkingContext::create(m_frame);
Modified: trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h (118396 => 118397)
--- trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.h 2012-05-24 18:42:58 UTC (rev 118397)
@@ -220,6 +220,8 @@
virtual void didChangeScrollOffset() OVERRIDE;
+ virtual bool shouldForceUniversalAccessFromLocalURL(const WebCore::KURL&) OVERRIDE;
+
virtual PassRefPtr<WebCore::FrameNetworkingContext> createNetworkingContext() OVERRIDE;
WebFrame* m_frame;
Modified: trunk/Source/WebKit2/WebProcess/qt/QtBuiltinBundlePage.cpp (118396 => 118397)
--- trunk/Source/WebKit2/WebProcess/qt/QtBuiltinBundlePage.cpp 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Source/WebKit2/WebProcess/qt/QtBuiltinBundlePage.cpp 2012-05-24 18:42:58 UTC (rev 118397)
@@ -75,6 +75,7 @@
0, // didReconnectDOMWindowExtensionToGlobalObject
0, // willDestroyGlobalObjectForDOMWindowExtension
0, // didFinishProgress
+ 0, // shouldForceUniversalAccessFromLocalURL
};
WKBundlePageSetPageLoaderClient(m_page, &loaderClient);
}
Modified: trunk/Tools/ChangeLog (118396 => 118397)
--- trunk/Tools/ChangeLog 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Tools/ChangeLog 2012-05-24 18:42:58 UTC (rev 118397)
@@ -1,3 +1,14 @@
+2012-05-24 Alexey Proskuryakov <[email protected]>
+
+ [WK2] Let the client give local files universal access on a case by case basis
+ https://bugs.webkit.org/show_bug.cgi?id=87174
+ <rdar://problem/11024330>
+
+ Reviewed by Maciej Stachowiak.
+
+ * WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp: (WTR::InjectedBundlePage::InjectedBundlePage):
+ Added initialization of a new structure member to prevent build failure.
+
2012-05-24 Raphael Kubo da Costa <[email protected]>
[EFL] Modify keycode conversion functions to return keycodes with location information after r118001.
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp (118396 => 118397)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp 2012-05-24 18:35:10 UTC (rev 118396)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp 2012-05-24 18:42:58 UTC (rev 118397)
@@ -241,6 +241,7 @@
0, // didReconnectDOMWindowExtensionToGlobalObject
0, // willDestroyGlobalObjectForDOMWindowExtension
didFinishProgress, // didFinishProgress
+ 0 // shouldForceUniversalAccessFromLocalURL
};
WKBundlePageSetPageLoaderClient(m_page, &loaderClient);
